blancoshrimp.com/SB/BR/
104.21.73.164301 Moved Permanently 162 B IP 104.21.73.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /SB/BR/ HTTP/1.1
Host: blancoshrimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Feb 2023 18:54:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://blancoshrimp.com/SB/BR/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiKW%2BXAsh2Kl1KJ7tUhxyhSOJK2faQYfdKFAtNkwc2k9dUsesOYxei95%2FxxvO2RfU6rvDObMjNe5ud95xT148%2FjkXL0tof%2BoKIwuNz22%2FN7XPBGvM4tjH%2FP9omkICsD1nAxe"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 796692cc6972b51b-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12097
Expires: Wed, 08 Feb 2023 22:15:59 GMT
Date: Wed, 08 Feb 2023 18:54:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4870
Expires: Wed, 08 Feb 2023 20:15:32 GMT
Date: Wed, 08 Feb 2023 18:54:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 18:34:13 GMT
content-type: application/json
age: 1209
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6525
Expires: Wed, 08 Feb 2023 20:43:07 GMT
Date: Wed, 08 Feb 2023 18:54:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SwRnyYm/VWbAiwfFdsFLirr3pgREjZhigoTRzB1oKtWZjns2cgRUWYt8syukRHhgXppKXp7RcaY=
x-amz-request-id: K8M92AB026ES4KS7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 18:36:02 GMT
age: 1100
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1b6040862bea9c1c45428a8a1c921000
c893caa7822fd59a3b835fc631bc2392316de1ff
a112b003ab5b2a6104adfd52da68ba9a491c9ba6b6ec3d5c39b45d99cd80e07e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 265
Cache-Control: max-age=125193
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:22 GMT
Etag: "63e334de-117"
Expires: Fri, 10 Feb 2023 05:40:55 GMT
Last-Modified: Wed, 08 Feb 2023 05:36:30 GMT
Server: ECS (amb/6BAB)
X-Cache: HIT
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 18:54:22 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1b6040862bea9c1c45428a8a1c921000
c893caa7822fd59a3b835fc631bc2392316de1ff
a112b003ab5b2a6104adfd52da68ba9a491c9ba6b6ec3d5c39b45d99cd80e07e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 265
Cache-Control: max-age=125193
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:22 GMT
Etag: "63e334de-117"
Expires: Fri, 10 Feb 2023 05:40:55 GMT
Last-Modified: Wed, 08 Feb 2023 05:36:30 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securely-send.com/storage/howisliferightnow_br.js
161.35.78.172200 OK 73 kB URL HTTP/2 securely-send.com/storage/howisliferightnow_br.js
IP 161.35.78.172:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65536), with no line terminators
Hash ce8b7a1adbef04f0713362a89dcf2d57
26795a06c7f34096c7ec77641356010157dca5c6
3cbca4208f31fdf694ac970778957d0e6a7483823d26cb64edc003a1517e5cc1
Analyzer Verdict Alert fortinet Phishing
GET /storage/howisliferightnow_br.js HTTP/1.1
Host: securely-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blancoshrimp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 Feb 2023 18:54:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 72840
last-modified: Thu, 02 Feb 2023 13:19:08 GMT
etag: "63dbb84c-11c88"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://blancoshrimp.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 07:08:09 GMT
expires: Sat, 03 Feb 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 474374
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 18:14:52 GMT
age: 2371
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11537
Expires: Wed, 08 Feb 2023 22:06:40 GMT
Date: Wed, 08 Feb 2023 18:54:23 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 49a6d3be4a621790b694d49ac21d78bc
c2248046799cc9ca56803c3cdb64752a10264292
98d6c44b40fd7f64054df000d6d22a160a94d100b8cd9ef848f04e4b2182c9b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=106243
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:23 GMT
Etag: "63e2ebe2-118"
Expires: Fri, 10 Feb 2023 00:25:06 GMT
Last-Modified: Wed, 08 Feb 2023 00:25:06 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9533e44dd53c70a127740c85699c2c13
7d8bce276b4d9df3f9ded760403c1b52bc8a7a6c
4ba330e5b7acfff9a371b44921641924450542edcf97beae6762d7f79655ee78
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5681
Cache-Control: max-age=134960
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:23 GMT
Etag: "63e345de-118"
Expires: Fri, 10 Feb 2023 08:23:43 GMT
Last-Modified: Wed, 08 Feb 2023 06:49:02 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bc0258780e2854e64845167ab5e5443d
b90285671f1accacb4450d68c862fcb8e1248f2d
524eca5f10f0ebec40b65dad53dcc9fd32e68f22483a1111edeb99c0093d5afa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3854
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:23 GMT
Last-Modified: Wed, 08 Feb 2023 17:50:09 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
www.bet365.com/olp/open-account?affiliate=365_01175261
5.226.179.10200 OK 4.6 kB URL HTTP/1.1 www.bet365.com/olp/open-account?affiliate=365_01175261
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a02efc03bf1ff6317cbb86509d91d64a
e2f7f16d03288f6e9cd96456dae25a92b5f2b2d3
6195e77e3f220109bcd9952feb4945337ae703473c57663bdc6c6b08bb0343bc
GET /olp/open-account?affiliate=365_01175261 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ServerDetails: <!--2P1 - 79-->
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=UGtvLPNKqhvgvd6DDljQ2_r8wpT2N4A8Zy06MSLwPIA-1675882463-0-Aes4Fk76ln8L7qa79UAgtavgdoGdeulCQTZJx9YNmDq305CxdrNx0Ao9ptH5MeizfRNb2/YqSLo4T2hZfHfrxTk=; path=/; expires=Wed, 08-Feb-23 19:24:23 GMT; domain=.bet365.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 796692d59da4b4f9-OSL
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2bc8cfc91f9a77a2eeb73abc55308585
55b3f3ad0f7aff8fc047605061b3974178417701
cb84292c63cd8fe0afdedb3aa56f87e7482182c3b9d2b6db98a38966748083aa
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2471
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:23 GMT
Last-Modified: Wed, 08 Feb 2023 18:13:13 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d8483fc018654edbe1a8857ef0ee957c
954bca338b0f374c0cc2f9dbda535e532a53a0ac
8bee135cffa717882fa85d6907dc528e3eee01203f41172dfd35e6a5729cd400
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5627
Cache-Control: max-age=85919
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:23 GMT
Etag: "63e28683-116"
Expires: Thu, 09 Feb 2023 18:46:22 GMT
Last-Modified: Tue, 07 Feb 2023 17:12:35 GMT
Server: ECS (amb/6B9A)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 784c18f4da57c06b59f3b08cfaa55097
c56238a13f6ca2ac5d604107bb7da2bad300ac0d
8f4b9720d0e6aaefca690e910ecc854053de6dd82eb02bc9736ea48df988a42e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1039
Cache-Control: max-age=95735
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:23 GMT
Etag: "63e2bec7-117"
Expires: Thu, 09 Feb 2023 21:29:58 GMT
Last-Modified: Tue, 07 Feb 2023 21:12:39 GMT
Server: ECS (amb/6BA8)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5bec964516265e66e7761d8b6f593a5b
15802fea0a54df55688cd204a5cd7c8274e52c97
47f27367edc07a653f0bbbe884572cd34c3b66715b2d2f085b90c7b0682766b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5333
Cache-Control: max-age=111583
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:23 GMT
Etag: "63e2ebe9-1d7"
Expires: Fri, 10 Feb 2023 01:54:06 GMT
Last-Modified: Wed, 08 Feb 2023 00:25:13 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5bec964516265e66e7761d8b6f593a5b
15802fea0a54df55688cd204a5cd7c8274e52c97
47f27367edc07a653f0bbbe884572cd34c3b66715b2d2f085b90c7b0682766b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5844
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:23 GMT
Last-Modified: Wed, 08 Feb 2023 17:16:59 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600&display=swap
142.250.74.106200 OK 591 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600&display=swap
IP 142.250.74.106:0
Hash d385ae63f596bdc46c9658b37233e6f6
5dcd5c861bd43050b49f5f25e708395f87f3fabf
dcd38059d4fe95c3daa46473328fe36ff191fb97bc21763508315334701b1998
GET /css2?family=Montserrat:wght@300;400;500;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blancoshrimp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 Feb 2023 18:54:22 GMT
date: Wed, 08 Feb 2023 18:54:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.bet365.com/olpc/nn/143/0/1/open-account
5.226.179.10200 OK 13 kB URL HTTP/1.1 www.bet365.com/olpc/nn/143/0/1/open-account
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2285), with CRLF line terminators
Hash 361f7084c6a9f490cdbe7e1b357277fb
511ade025b1f037dc6005dab77dc22d4e8742ca9
244fff2be5ae888b5d42d505f005de7585326a74dbbe00f9904f944fa505e869
GET /olpc/nn/143/0/1/open-account HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olp/open-account?affiliate=365_01175261
Cookie: __cf_bm=UGtvLPNKqhvgvd6DDljQ2_r8wpT2N4A8Zy06MSLwPIA-1675882463-0-Aes4Fk76ln8L7qa79UAgtavgdoGdeulCQTZJx9YNmDq305CxdrNx0Ao9ptH5MeizfRNb2/YqSLo4T2hZfHfrxTk=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:23 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 12840
Connection: keep-alive
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Security-Policy: default-src 'self';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;frame-src 'self' http://members.bet365.com 'nonce-7ZckNJAK9Ng+S+0bS+vOFdgVXQjBysCqx65voPXNeTg=';style-src 'self' 'unsafe-inline';img-src 'self' data: https://content001.bet365.com/ https://content001.bet365.com/SportsContent/ 'nonce-7ZckNJAK9Ng+S+0bS+vOFdgVXQjBysCqx65voPXNeTg=';connect-src 'self' https://www.google-analytics.com http://members.bet365.com https://extra.bet365.com 'nonce-7ZckNJAK9Ng+S+0bS+vOFdgVXQjBysCqx65voPXNeTg=';font-src 'self' data: 'nonce-7ZckNJAK9Ng+S+0bS+vOFdgVXQjBysCqx65voPXNeTg=';
Last-Modified: Wed, 08 Feb 2023 14:18:58 GMT
CF-Cache-Status: HIT
Age: 2055
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 796692d61e3ab4f9-OSL
ic.aff-handler.com/c/43177?sr=1845934
217.147.127.42302 Found 305 B URL HTTP/1.1 ic.aff-handler.com/c/43177?sr=1845934
IP 217.147.127.42:0
ASN #201071 Virtual Internet Services Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 7ab7eeb5d66fad70d6b995756fb8be37
222699da0521415ec77a9e7bd8abdac58b70713b
1fcfdbbdd297fa3d7b5ace2e495d3e032e07a14395cd069ef3ab2a926fde9cce
GET /c/43177?sr=1845934 HTTP/1.1
Host: ic.aff-handler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: 0
Location: https://www.888sport.com/pt/spt/brazil-wel.htm?sr=1845934&mm_id=43177&utm_source=aff&utm_medium=casap&utm_content=100140589&utm_campaign=100140589_1845934_nodescription
Server:
X-AspNetMvc-Version: 4.0
Set-Cookie: uffiliate_click_43177_1845934_=uffiliate_click_43177_1845934_; expires=Fri, 10-Mar-2023 18:54:23 GMT; path=/; SameSite=None; Secure
srv: 1231321
Date: Wed, 08 Feb 2023 18:54:22 GMT
Content-Length: 305
wlpixbet.adsrv.eacdn.com/C.ashx?btag=a_1856b_104c_&affid=871&siteid=1856&adid=104&c=PU_BR_PA_DT_VOLD_PIXBET
40.127.232.184302 Found 254 B URL HTTP/1.1 wlpixbet.adsrv.eacdn.com/C.ashx?btag=a_1856b_104c_&affid=871&siteid=1856&adid=104&c=PU_BR_PA_DT_VOLD_PIXBET
IP 40.127.232.184:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 401c1c6f98744d5f972b5b7fb6934df1
679aba43c8eb9b942ac0a0e2d029693d259522fa
2f130eb13b89c26fbb9e65588a7f228248e8839692cd2ad52297b5b38e8c1a40
GET /C.ashx?btag=a_1856b_104c_&affid=871&siteid=1856&adid=104&c=PU_BR_PA_DT_VOLD_PIXBET HTTP/1.1
Host: wlpixbet.adsrv.eacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: //wlpixbet.adsrv.eacdn.com/C.ashx?btag=a_1856b_104c_&affid=871&siteid=1856&adid=104&c=PU_BR_PA_DT_VOLD_PIXBET&AutoR=1
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: CEK=a; expires=Tue, 09-May-2023 18:54:23 GMT; path=/; SameSite=None; Secure
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
Date: Wed, 08 Feb 2023 18:54:22 GMT
Content-Length: 254
Vary: Accept-Encoding
ocsp.pki.goog/s/gts1p5/jIkIsUPfARQ
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/jIkIsUPfARQ
IP 142.250.74.163:0
Hash 97a0011fb12ba8cac57f74b1ce29b6c9
f8871e52ce70abcc74286c41177da9fa10509f46
6989ee708a34c53a66e0def9fb1b090cc6a18c31321dd12401c84db2d4d6fb37
POST /s/gts1p5/jIkIsUPfARQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wlf12bet.adsrv.eacdn.com/C.ashx?btag=a_3672b_86c_&affid=2450&siteid=3672&adid=86&c=PU_BR_PA_DT_VOLD_F12BET
40.127.232.184302 Found 253 B URL HTTP/1.1 wlf12bet.adsrv.eacdn.com/C.ashx?btag=a_3672b_86c_&affid=2450&siteid=3672&adid=86&c=PU_BR_PA_DT_VOLD_F12BET
IP 40.127.232.184:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 69bbc80d512db4d06033ea310c05502a
afff919e62355d25e81de3de1e7a50ef398c6914
005f9795ac30a2b2aec683fdc7dea4b031eb83e53af9fdce63b2996af1a9c89a
GET /C.ashx?btag=a_3672b_86c_&affid=2450&siteid=3672&adid=86&c=PU_BR_PA_DT_VOLD_F12BET HTTP/1.1
Host: wlf12bet.adsrv.eacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: //wlf12bet.adsrv.eacdn.com/C.ashx?btag=a_3672b_86c_&affid=2450&siteid=3672&adid=86&c=PU_BR_PA_DT_VOLD_F12BET&AutoR=1
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: CEK=a; expires=Tue, 09-May-2023 18:54:23 GMT; path=/; SameSite=None; Secure
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
Date: Wed, 08 Feb 2023 18:54:22 GMT
Content-Length: 253
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9533e44dd53c70a127740c85699c2c13
7d8bce276b4d9df3f9ded760403c1b52bc8a7a6c
4ba330e5b7acfff9a371b44921641924450542edcf97beae6762d7f79655ee78
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1476
Cache-Control: max-age=130755
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:23 GMT
Etag: "63e345de-118"
Expires: Fri, 10 Feb 2023 07:13:38 GMT
Last-Modified: Wed, 08 Feb 2023 06:49:02 GMT
Server: ECS (amb/6B93)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash f58dd438a5658f691e6fe50c0cf1a2f0
a21828489dffe19409098d8c9d121f2a89d5238d
f5e291d03ee9e1ad15aadbe50dcd6c742737179745be724f845a244d6614d92d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F5E291D03EE9E1AD15AADBE50DCD6C742737179745BE724F845A244D6614D92D"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7003
Expires: Wed, 08 Feb 2023 20:51:06 GMT
Date: Wed, 08 Feb 2023 18:54:23 GMT
Connection: keep-alive
www.bet365.com/olpc/Content/Fonts/FTN45__W.woff2
5.226.179.10200 OK 46 kB URL HTTP/1.1 www.bet365.com/olpc/Content/Fonts/FTN45__W.woff2
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type Web Open Font Format (Version 2), TrueType, length 45892, version 1.590\012- data
Hash e3596a29429736364ebfef73786a55ab
7bd9b6b18b0985c080d520610c0ab74a128d71bd
6e28311fc68644a88a32df782c7371991894bc6a6a81f8ff70f971b4470c3751
GET /olpc/Content/Fonts/FTN45__W.woff2 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=UGtvLPNKqhvgvd6DDljQ2_r8wpT2N4A8Zy06MSLwPIA-1675882463-0-Aes4Fk76ln8L7qa79UAgtavgdoGdeulCQTZJx9YNmDq305CxdrNx0Ao9ptH5MeizfRNb2/YqSLo4T2hZfHfrxTk=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:23 GMT
Content-Length: 45892
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 18:18:33 GMT
CF-Cache-Status: HIT
Age: 1916
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796692d67eb9b4f9-OSL
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 40f66eec4be365596e338566739eb4f1
3cf814929cb80172d42524322c3ba176cbf4d71c
c20521f8c4bf8e84e318ab3d59cfc6d9c430cf11d49a5ce6f7d956b5f540de26
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C20521F8C4BF8E84E318AB3D59CFC6D9C430CF11D49A5CE6F7D956B5F540DE26"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 09 Feb 2023 00:54:23 GMT
Date: Wed, 08 Feb 2023 18:54:23 GMT
Connection: keep-alive
wlpixbet.adsrv.eacdn.com/C.ashx?btag=a_1856b_104c_&affid=871&siteid=1856&adid=104&c=PU_BR_PA_DT_VOLD_PIXBET&AutoR=1
40.127.232.184302 Found 185 B URL HTTP/1.1 wlpixbet.adsrv.eacdn.com/C.ashx?btag=a_1856b_104c_&affid=871&siteid=1856&adid=104&c=PU_BR_PA_DT_VOLD_PIXBET&AutoR=1
IP 40.127.232.184:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9ef7cbf2593e1fa335a8ea48ca65d7b
f5c2ee8f152bc0290842c5f1d57ff7708e83a69d
cee6dc9591c011240fa6f49feb4776f521cb73ac2fc98a0ecf1361b867d73796
GET /C.ashx?btag=a_1856b_104c_&affid=871&siteid=1856&adid=104&c=PU_BR_PA_DT_VOLD_PIXBET&AutoR=1 HTTP/1.1
Host: wlpixbet.adsrv.eacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: CEK=a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://pixbet.com/casino/?btag=a_1856b_104c_PU_BR_PA_DT_VOLD_PIXBET
Server: Microsoft-IIS/10.0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
Set-Cookie: XYZ=3&1&148&&&&0&1&&d6a9130c-4687-4c54-bd96-80fd4a455cc2&&a_1856b_104&; expires=Tue, 09-May-2023 18:54:23 GMT; path=/; SameSite=None; Secure
A_104=a=104&r=0&fv=0&lv=0&vc=0&fc=20230208&lc=20230208065423&cc=1; expires=Tue, 09-May-2023 18:54:23 GMT; path=/; SameSite=None; Secure
PM_2=c=PU_BR_PA_DT_VOLD_PIXBET&s=1856&ad=104&md=0&pm=2&d=20230208185423&ip=1532635802&r=0&ref=&RedirectParams=btag%3da_1856b_104c_PU_BR_PA_DT_VOLD_PIXBET; expires=Tue, 09-May-2023 18:54:23 GMT; path=/; SameSite=None; Secure
CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
Date: Wed, 08 Feb 2023 18:54:22 GMT
Content-Length: 185
Vary: Accept-Encoding
www.bet365.com/olpc/olpc-styles.css?v=OUCNRoz5UJA_hlonvvM-zKypUxxoB69C1PKm61WNx101
5.226.179.10200 OK 128 kB URL HTTP/1.1 www.bet365.com/olpc/olpc-styles.css?v=OUCNRoz5UJA_hlonvvM-zKypUxxoB69C1PKm61WNx101
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type Unicode text, UTF-8 text, with very long lines (335), with CRLF line terminators
Size 128 kB (128522 bytes)
Hash 70c566a3f45d214eb461698a7039aeec
91577629b42f6b6feac44540599606e777922121
572bcd269e50b62ebdd6b42cd36e0e0bc62796cfbe975dc375547674619ce655
GET /olpc/olpc-styles.css?v=OUCNRoz5UJA_hlonvvM-zKypUxxoB69C1PKm61WNx101 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=UGtvLPNKqhvgvd6DDljQ2_r8wpT2N4A8Zy06MSLwPIA-1675882463-0-Aes4Fk76ln8L7qa79UAgtavgdoGdeulCQTZJx9YNmDq305CxdrNx0Ao9ptH5MeizfRNb2/YqSLo4T2hZfHfrxTk=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:23 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public
Content-Encoding: gzip
Expires: Thu, 08 Feb 2024 10:18:25 GMT
Last-Modified: Wed, 08 Feb 2023 10:18:25 GMT
Vary: User-Agent,Accept-Encoding
CF-Cache-Status: HIT
Age: 2144
Server: cloudflare
CF-RAY: 796692d68f931c0e-OSL
promo.20bet.partners/redirect.aspx?pid=191753&bid=1971&lpid=1154
23.36.79.17307 Temporary Redirect 6.9 kB URL HTTP/2 promo.20bet.partners/redirect.aspx?pid=191753&bid=1971&lpid=1154
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash da3171255557c7a6dbffe1ff493d52d0
177732c0d152e53b8d0b49e12725c29fcb8c52a5
316117fe3cdb64cd1c4bf404aa2f450f6dcbb3066ad0fe133c5d73ae9d5e8a0e
GET /redirect.aspx?pid=191753&bid=1971&lpid=1154 HTTP/1.1
Host: promo.20bet.partners
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://20media.world/br/?btag=668128_2340F497E7724DB9B10970111FEC03F5
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Wed, 08 Feb 2023 18:54:23 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 08 Feb 2023 18:54:23 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a191753%2c%22BID%22%3a1971%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675882463730)%5c%2f%22%2c%22CookieTag%22%3a%221971191753451240919C2023281854%22%7d%5d; SameSite=None;; domain=.20bet.partners; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%221106440826%7c1%22%7d%5d; domain=.20bet.partners; expires=Fri, 08-Feb-3022 18:54:23 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=31, origin; dur=100
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3af3ee0ed959a22ee157c89a60d662b1
89adaf8b7a04178def439958d6292da959c62b2b
36548afe4876592025dccb16ad77ce252cea50ab72fe7c6e930e083631b4d0aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4624
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:23 GMT
Last-Modified: Wed, 08 Feb 2023 17:37:19 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
gml-grp.com/C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=PU_BR_PA_DT_VOLD_BETANO
188.114.97.1302 Found 714 B URL HTTP/2 gml-grp.com/C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=PU_BR_PA_DT_VOLD_BETANO
IP 188.114.97.1:0
Hash 9a97460fd3342b6b156bfa0731c4f38a
bd3eac4882378e9fe28651201f7829bcfd90b11e
3df5b9850c6ac17a1219c9d3e2ca68c78028bf8993ebd07c9cc3d30f27300e75
GET /C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=PU_BR_PA_DT_VOLD_BETANO HTTP/1.1
Host: gml-grp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 08 Feb 2023 18:54:23 GMT
content-type: text/html; charset=utf-8
cache-control: private
location: //gml-grp.com/C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=PU_BR_PA_DT_VOLD_BETANO&AutoR=1
x-aspnet-version: 4.0.30319
set-cookie: CEK=a; expires=Tue, 09-May-2023 18:54:23 GMT; path=/; SameSite=None; Secure
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOmyANmMTnxuROdQTbdJNX8fyqz%2Fs4KwwL0CxIB2ooINxrXnqUrOWZWUN0bbGyJd%2FkhslXUFSW7eKehsFtHnJdF33%2FpGGPEoRq41ZjXRd%2FM8ub44dYos%2BhaWNyN12g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796692d5cf6db505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js?async
5.226.179.10200 OK 696 B URL HTTP/1.1 www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js?async
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (990), with no line terminators
Hash 950a40666081e9e68dfc373b8b506848
f42ad51987c23247fb1970e8e85d128e93b7fa8b
3f48dc698d83907f44cab6b6758bb75c5d7c6f75159d4f0290d6b4dcd073cd37
GET /members/services/host/Scripts/js/ProductCommon_v1.js?async HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=UGtvLPNKqhvgvd6DDljQ2_r8wpT2N4A8Zy06MSLwPIA-1675882463-0-Aes4Fk76ln8L7qa79UAgtavgdoGdeulCQTZJx9YNmDq305CxdrNx0Ao9ptH5MeizfRNb2/YqSLo4T2hZfHfrxTk=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:23 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
x-bet-hop: 1
Content-Encoding: gzip
Last-Modified: Wed, 08 Feb 2023 18:54:23 GMT
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796692d6bf46b4f9-OSL
www.bet365.com/olpc/olpc-scripts.js?v=QiTdi93Kjo0gOLPeEMbGjBwZr56JrtuCD56Ga17ZGYM1
5.226.179.10200 OK 10 kB URL HTTP/1.1 www.bet365.com/olpc/olpc-scripts.js?v=QiTdi93Kjo0gOLPeEMbGjBwZr56JrtuCD56Ga17ZGYM1
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (29663), with no line terminators
Hash c8c98c853fd59ed983bce0aba30cf701
f923bfe2192a18cd77057e0d903b2c836b7a6004
1e79a0fec6fd042aa473e69ac2b1227595b52138784c2aeed59a02ec1e8660fa
GET /olpc/olpc-scripts.js?v=QiTdi93Kjo0gOLPeEMbGjBwZr56JrtuCD56Ga17ZGYM1 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=UGtvLPNKqhvgvd6DDljQ2_r8wpT2N4A8Zy06MSLwPIA-1675882463-0-Aes4Fk76ln8L7qa79UAgtavgdoGdeulCQTZJx9YNmDq305CxdrNx0Ao9ptH5MeizfRNb2/YqSLo4T2hZfHfrxTk=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:23 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 9965
Connection: keep-alive
Cache-Control: public
Content-Encoding: gzip
Expires: Thu, 08 Feb 2024 10:18:25 GMT
Last-Modified: Wed, 08 Feb 2023 10:18:25 GMT
Vary: User-Agent,Accept-Encoding
CF-Cache-Status: HIT
Age: 2144
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 796692d7095eb505-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4ebdbc1bc444e5c42b3d84802c666188
7614930f1c26122466088760c4114e30f02aab92
3786b1eae99bed67b63b5d2508a813de5b322521e2c12f8ffad6aeb5b2c72044
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2429
Cache-Control: max-age=104716
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:23 GMT
Etag: "63e2dc6e-117"
Expires: Thu, 09 Feb 2023 23:59:39 GMT
Last-Modified: Tue, 07 Feb 2023 23:19:10 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
wlf12bet.adsrv.eacdn.com/C.ashx?btag=a_3672b_86c_&affid=2450&siteid=3672&adid=86&c=PU_BR_PA_DT_VOLD_F12BET&AutoR=1
40.127.232.184302 Found 174 B URL HTTP/1.1 wlf12bet.adsrv.eacdn.com/C.ashx?btag=a_3672b_86c_&affid=2450&siteid=3672&adid=86&c=PU_BR_PA_DT_VOLD_F12BET&AutoR=1
IP 40.127.232.184:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 9a576d04ecc221479f28ef36d62876dc
9c3f7b9b5790fa2b2be7217ffc368afdc90fb4c1
84845a1009e63e0136af7ec2b9d4deb6fbd9eb592f733c47ee297d80737d6678
GET /C.ashx?btag=a_3672b_86c_&affid=2450&siteid=3672&adid=86&c=PU_BR_PA_DT_VOLD_F12BET&AutoR=1 HTTP/1.1
Host: wlf12bet.adsrv.eacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: CEK=a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://f12.bet/?btag=a_3672b_86c_PU_BR_PA_DT_VOLD_F12BET
Server: Microsoft-IIS/10.0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
Set-Cookie: XYZ=3&1&148&&&&0&1&&5bb7334e-5b36-4b6e-bf58-761f89957bc8&&a_3672b_86&; expires=Tue, 09-May-2023 18:54:23 GMT; path=/; SameSite=None; Secure
A_86=a=86&r=0&fv=0&lv=0&vc=0&fc=20230208&lc=20230208065423&cc=1; expires=Tue, 09-May-2023 18:54:23 GMT; path=/; SameSite=None; Secure
PM_2=c=PU_BR_PA_DT_VOLD_F12BET&s=3672&ad=86&md=0&pm=2&d=20230208185423&ip=1532635802&r=0&ref=&RedirectParams=btag%3da_3672b_86c_PU_BR_PA_DT_VOLD_F12BET; expires=Tue, 09-May-2023 18:54:23 GMT; path=/; SameSite=None; Secure
CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
Date: Wed, 08 Feb 2023 18:54:22 GMT
Content-Length: 174
Vary: Accept-Encoding
www.googletagmanager.com/gtm.js?id=GTM-T2BKDHM
142.250.74.168200 OK 40 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-T2BKDHM
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 5715089072521a95117190629b70135a
2025229dd65269b972a8aa8f63d306dc295f059a
496b1df2c778a3a03714df400bfca471a4ab21befcfdb29e65a5e9bfd38df283
GET /gtm.js?id=GTM-T2BKDHM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 Feb 2023 18:54:23 GMT
expires: Wed, 08 Feb 2023 18:54:23 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 Feb 2023 18:39:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 40261
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js
5.226.179.10200 OK 3.6 kB URL HTTP/1.1 www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (9857), with no line terminators
Hash 8526418443f6bcfead67615247d3e38a
6935cb6ce3e37192afcd3d08ec3b2d9c18035d20
49fa8353e8973f41c38723a669bd3200fd658ba87d6c121eb45da4af631825aa
GET /members/services/host/Scripts/js/ProductCommon_v1.js HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=UGtvLPNKqhvgvd6DDljQ2_r8wpT2N4A8Zy06MSLwPIA-1675882463-0-Aes4Fk76ln8L7qa79UAgtavgdoGdeulCQTZJx9YNmDq305CxdrNx0Ao9ptH5MeizfRNb2/YqSLo4T2hZfHfrxTk=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:23 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
x-bet-hop: 1
Content-Encoding: gzip
Last-Modified: Wed, 08 Feb 2023 18:54:23 GMT
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796692d72c400b61-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ab88b8165d39c17802adcfb408ea10fa
fc931d76c575e6d449a0ee0fc3f149436fab526a
c82028ee7859d2c74998ab9385a8146f61e51918687edee3e6feb0f25bed294c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3331
Cache-Control: max-age=112835
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:23 GMT
Etag: "63e2f89f-1d7"
Expires: Fri, 10 Feb 2023 02:14:58 GMT
Last-Modified: Wed, 08 Feb 2023 01:19:27 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
brazpromo.com/promo/click/620633f29fd70
45.148.37.221302 Found 0 B URL HTTP/1.1 brazpromo.com/promo/click/620633f29fd70
IP 45.148.37.221:0
ASN #208685 Serverius Holding B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /promo/click/620633f29fd70 HTTP/1.1
Host: brazpromo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Feb 2023 18:54:23 GMT
Location: https://brazino777.online/?b7pm=620633f29fd70&ambp=
Referrer-Policy: same-origin
Set-Cookie: __Host-SWAFS=eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJfIjoiYnJhenByb21vLmNvbTkxLjkwLjQyLjE1NCJ9.ZDjYFvYZxKUILrfNkwyaoGB08xcqbaPDMkFduOzW5IB2ZVDJBddC_Pnc27evdhIMWpb7HJkTdwhNcxLCocsL6w; Path=/; Expires=Thu, 09 Feb 2023 18:54:23 GMT; HttpOnly; Secure; SameSite=Strict
__Secure-XWAFLB=461e247662dc5084a2d06b00969314f8; Path=/; Expires=Wed, 08 Feb 2023 19:09:23 GMT; HttpOnly; Secure; SameSite=Lax
language=926f8a8c972cd75f94899efbe6d499a8d22a552b%7Een; expires=Wed, 15-Feb-2023 18:54:23 GMT; Max-Age=604800; path=/
dc60caeaf05919ee5f64ad5274f274bd=9e11092210898ae196f504ff327ace7ecc67fbfc%7E92; expires=Thu, 08-Feb-2024 18:54:23 GMT; Max-Age=31536000; path=/
session=51e20744817d5188f07c72b67b6be10b3d326db0%7E63e3efdfdac6d4-12825157; expires=Wed, 15-Feb-2023 18:54:23 GMT; Max-Age=604800; path=/
X-Content-Type-Options: nosniff
X-Waf-Req-Id: 20da83a7-adf4-4f9f-bac6-fd0324bd2413-392023
Content-Length: 0
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4ebdbc1bc444e5c42b3d84802c666188
7614930f1c26122466088760c4114e30f02aab92
3786b1eae99bed67b63b5d2508a813de5b322521e2c12f8ffad6aeb5b2c72044
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2429
Cache-Control: max-age=104716
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:23 GMT
Etag: "63e2dc6e-117"
Expires: Thu, 09 Feb 2023 23:59:39 GMT
Last-Modified: Tue, 07 Feb 2023 23:19:10 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
media.betwarrior.bet/redirect.aspx?pid=9275&bid=2636
23.36.79.16307 Temporary Redirect 0 B URL HTTP/2 media.betwarrior.bet/redirect.aspx?pid=9275&bid=2636
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=9275&bid=2636 HTTP/1.1
Host: media.betwarrior.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://promo.betwarrior.bet/pt/welcome-offer-sports/?utm_source=netrefer&utm_medium=affiliates&utm_campaign=sports&btag=655952_31FE330CD5BB4A3D94E4EB1CBE0A3728
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Wed, 08 Feb 2023 18:54:23 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 08 Feb 2023 18:54:23 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a9275%2c%22BID%22%3a2636%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675882463955)%5c%2f%22%2c%22CookieTag%22%3a%2226369275451240919C2023281854%22%7d%5d; SameSite=None;; domain=.betwarrior.bet; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2243202247%7c1%22%7d%5d; domain=.betwarrior.bet; expires=Fri, 08-Feb-3022 18:54:23 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=41, ak_p; desc="465522_388255500_274447298_6058_3574_14_0";dur=1
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bc0258780e2854e64845167ab5e5443d
b90285671f1accacb4450d68c862fcb8e1248f2d
524eca5f10f0ebec40b65dad53dcc9fd32e68f22483a1111edeb99c0093d5afa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3855
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:24 GMT
Last-Modified: Wed, 08 Feb 2023 17:50:09 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AECsSjKGAQAABChtvUBgYMQKesRReyimgER4ZQF6eVM1m-21ztLuGfNuUmRO&PIRXTcSdwp--z=q
5.226.179.10200 OK 182 kB URL HTTP/1.1 www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AECsSjKGAQAABChtvUBgYMQKesRReyimgER4ZQF6eVM1m-21ztLuGfNuUmRO&PIRXTcSdwp--z=q
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (65536), with no line terminators
Size 182 kB (182425 bytes)
Hash 126eab3e6f1c0c79597268371fead2ab
a18cca50f08525aeceaf816cc19651b51e1d3c98
04dbc6fc0e71be528b4a387e0374cc956287ef0fab5c0e34c19c85a80fdc7594
GET /members/services/host/Scripts/js/ProductCommon_v1.js?seed=AECsSjKGAQAABChtvUBgYMQKesRReyimgER4ZQF6eVM1m-21ztLuGfNuUmRO&PIRXTcSdwp--z=q HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=UGtvLPNKqhvgvd6DDljQ2_r8wpT2N4A8Zy06MSLwPIA-1675882463-0-Aes4Fk76ln8L7qa79UAgtavgdoGdeulCQTZJx9YNmDq305CxdrNx0Ao9ptH5MeizfRNb2/YqSLo4T2hZfHfrxTk=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:23 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=3600, immutable
x-bet-hop: 1
Content-Encoding: gzip
Last-Modified: Wed, 08 Feb 2023 18:30:00 GMT
CF-Cache-Status: HIT
Age: 1463
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796692d7e9d71c0e-OSL
content001.bet365.com/SportsContent/Global/Footer/bet365%20grey%20footer%20logo.png
5.226.179.10200 OK 7.9 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/bet365%20grey%20footer%20logo.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 255 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash 51325bd6f5ada6b0eba71b19dda89dd7
4c67ca4f77680cd5acdcf04cac6b9a673e5ccc70
6ad4d67eed235fafc8ddfab188fa2e968ba4345718c8338bd7f4fbfafa6f8a2b
GET /SportsContent/Global/Footer/bet365%20grey%20footer%20logo.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=UGtvLPNKqhvgvd6DDljQ2_r8wpT2N4A8Zy06MSLwPIA-1675882463-0-Aes4Fk76ln8L7qa79UAgtavgdoGdeulCQTZJx9YNmDq305CxdrNx0Ao9ptH5MeizfRNb2/YqSLo4T2hZfHfrxTk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:24 GMT
Content-Type: image/png
Content-Length: 7868
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2015 14:13:32 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Mon, 13 Feb 2023 18:54:24 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796692d7cee6b500-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 66fe05c16f6fa9eee5708d40ca83f676
5b85fe43a5ac9a21ab46d688afbc1a7690619078
64ac147e82a3727f1eb0c6ae2f67eba5fc2264d1231d1fdd4d4407c1cc09ad76
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 790
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:24 GMT
Etag: "63e3b665-117"
Last-Modified: Wed, 08 Feb 2023 18:41:14 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
www.googletagmanager.com/gtag/js?id=G-45M1DQFW2B&l=dataLayer&cx=c
142.250.74.168200 OK 82 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-45M1DQFW2B&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (32620)
Hash c82baea71ffce6e061f34bcf8df74ed1
bce32fa7710336268f3ae37ff3fddcfc10733c83
e65c4b8697fbfe8f72698ff18cb2d28a5cc37a19e3ccdccf6cb6add10d3bdc33
GET /gtag/js?id=G-45M1DQFW2B&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 Feb 2023 18:54:24 GMT
expires: Wed, 08 Feb 2023 18:54:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81672
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 784c18f4da57c06b59f3b08cfaa55097
c56238a13f6ca2ac5d604107bb7da2bad300ac0d
8f4b9720d0e6aaefca690e910ecc854053de6dd82eb02bc9736ea48df988a42e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1040
Cache-Control: max-age=95735
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:24 GMT
Etag: "63e2bec7-117"
Expires: Thu, 09 Feb 2023 21:29:59 GMT
Last-Modified: Tue, 07 Feb 2023 21:12:39 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01175261
5.226.179.10200 OK 177 B URL HTTP/1.1 members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01175261
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 475774a26d4f30240a3534bcbd2fd161
9fd7b986673786b4fc80943b330bd1c03256049e
f7541d6ca43b4da74a89ec05885dceabf1a4af132d36326cf7974a47c904c811
GET /Members/Helpers/DefaultAff.aspx?affiliate=365_01175261 HTTP/1.1
Host: members.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=UGtvLPNKqhvgvd6DDljQ2_r8wpT2N4A8Zy06MSLwPIA-1675882463-0-Aes4Fk76ln8L7qa79UAgtavgdoGdeulCQTZJx9YNmDq305CxdrNx0Ao9ptH5MeizfRNb2/YqSLo4T2hZfHfrxTk=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 177
Connection: keep-alive
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
ME-Redirect: PQB
Set-Cookie: Affiliates=Code=365_01175261&prd=Sports; domain=.bet365.com; expires=Sat, 25-Mar-2023 18:54:23 GMT; path=/; secure
session=processform=0; path=/; secure
pstk=09F2137F51C74497B05055E006FF5810000003; domain=.bet365.com; path=/; secure
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796692d74b42b524-OSL
e1.o.lencr.org/
23.36.76.249200 OK 344 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 0f5bd71c9a34ccdfa7416ffd608cf0a7
7fd09c95f6e3dbb4f6c847de464edaac8ce040e2
a762d89a6ad3bd68619b2c27b6b5124a318a7f7dd00279877e0df60c85a2326e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A762D89A6AD3BD68619B2C27B6B5124A318A7F7DD00279877E0DF60C85A2326E"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=704
Expires: Wed, 08 Feb 2023 19:06:08 GMT
Date: Wed, 08 Feb 2023 18:54:24 GMT
Connection: keep-alive
content001.bet365.com/SportsContent/Global/Footer/SPORTSX2-18.png
5.226.179.10200 OK 4.4 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/SPORTSX2-18.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced\012- data
Hash 097b1799e6f2ab026f137f91b4627384
fd6a5222f5743cccc954a311b6d30b4125179244
5af616c5e6ad0d97aa233ed4644776ca94de0cfb1a653844d8a5d9ee46e756af
GET /SportsContent/Global/Footer/SPORTSX2-18.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=UGtvLPNKqhvgvd6DDljQ2_r8wpT2N4A8Zy06MSLwPIA-1675882463-0-Aes4Fk76ln8L7qa79UAgtavgdoGdeulCQTZJx9YNmDq305CxdrNx0Ao9ptH5MeizfRNb2/YqSLo4T2hZfHfrxTk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:24 GMT
Content-Type: image/png
Content-Length: 4400
Connection: keep-alive
Last-Modified: Fri, 20 Mar 2015 09:13:01 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Mon, 13 Feb 2023 18:54:24 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796692d86fc6b500-OSL
content001.bet365.com/SportsContent/Global/Footer/SPORTSX1-ESSA_2.png
5.226.179.10200 OK 6.4 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/SPORTSX1-ESSA_2.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 162 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b8c19b189cccdda7105465a474c9b4d
6ef1cecd283f484606c987259e06a22ff3aff7ae
101ca051649af6826119108f51311f70b4d58e94242c8877a2b8a9247b90f54f
GET /SportsContent/Global/Footer/SPORTSX1-ESSA_2.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=UGtvLPNKqhvgvd6DDljQ2_r8wpT2N4A8Zy06MSLwPIA-1675882463-0-Aes4Fk76ln8L7qa79UAgtavgdoGdeulCQTZJx9YNmDq305CxdrNx0Ao9ptH5MeizfRNb2/YqSLo4T2hZfHfrxTk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:24 GMT
Content-Type: image/png
Content-Length: 6386
Connection: keep-alive
Last-Modified: Tue, 04 Jun 2019 13:21:41 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Mon, 13 Feb 2023 18:54:24 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796692d87ebf0b3d-OSL
content001.bet365.com/SportsContent/Global/Footer/MGALICENSED.png
5.226.179.10200 OK 2.0 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/MGALICENSED.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 88 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash d8cb8a91c78942815c69aaeea7c79162
0a36fd477b2c7d88bb67d95e806bf5838d1b39cd
057c251de5bc8825df293db443b8c9a99e01f856abe658c741a89c86b6bfa2e1
GET /SportsContent/Global/Footer/MGALICENSED.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=UGtvLPNKqhvgvd6DDljQ2_r8wpT2N4A8Zy06MSLwPIA-1675882463-0-Aes4Fk76ln8L7qa79UAgtavgdoGdeulCQTZJx9YNmDq305CxdrNx0Ao9ptH5MeizfRNb2/YqSLo4T2hZfHfrxTk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:24 GMT
Content-Type: image/png
Content-Length: 1979
Connection: keep-alive
Last-Modified: Wed, 10 Jul 2019 13:20:52 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Mon, 13 Feb 2023 18:54:24 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796692d8addab52d-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 978e179111e4d53632d565205b0e6bf0
78a02eacc831f8d13e14ce4c62d204d8afd47793
396bed8cf156dd74c253b574573cc49003b5f594784a0fae3193ce07f4cd1101
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4836
Cache-Control: max-age=159655
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:24 GMT
Etag: "63e3a9a3-117"
Expires: Fri, 10 Feb 2023 15:15:19 GMT
Last-Modified: Wed, 08 Feb 2023 13:54:43 GMT
Server: ECS (amb/6B9A)
X-Cache: HIT
Content-Length: 279
content001.bet365.com/SportsContent/Global/Footer/GordonMoody/GordonMoody-GT-x2_Grey99.png
5.226.179.10200 OK 5.3 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/GordonMoody/GordonMoody-GT-x2_Grey99.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 188 x 60, 8-bit gray+alpha, non-interlaced\012- data
Hash 40ed9c8ae714b944f87008ab90bb071d
32bbf71529809e6ea3521c5636838a76c7488fae
b163877ec48382be73ffdf62c6a5dc5ded37443856dde414e591dfe85b61f070
GET /SportsContent/Global/Footer/GordonMoody/GordonMoody-GT-x2_Grey99.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=UGtvLPNKqhvgvd6DDljQ2_r8wpT2N4A8Zy06MSLwPIA-1675882463-0-Aes4Fk76ln8L7qa79UAgtavgdoGdeulCQTZJx9YNmDq305CxdrNx0Ao9ptH5MeizfRNb2/YqSLo4T2hZfHfrxTk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:24 GMT
Content-Type: image/png
Content-Length: 5324
Connection: keep-alive
Last-Modified: Mon, 11 Oct 2021 13:13:24 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Mon, 13 Feb 2023 18:54:24 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796692d8b94b0b59-OSL
content001.bet365.com/SportsContent/Global/Footer/eCogra-Horizontal2x.png
5.226.179.10200 OK 1.7 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/eCogra-Horizontal2x.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 206 x 48, 8-bit colormap, non-interlaced\012- data
Hash 9c970e4a7854f871873d7b1401701536
2236689845834104a586507057840c7229c7353c
d0438c85b7b5f9c21ac9a1975ccd12464f5f8cbf15d3353ee700e2617f913349
GET /SportsContent/Global/Footer/eCogra-Horizontal2x.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=UGtvLPNKqhvgvd6DDljQ2_r8wpT2N4A8Zy06MSLwPIA-1675882463-0-Aes4Fk76ln8L7qa79UAgtavgdoGdeulCQTZJx9YNmDq305CxdrNx0Ao9ptH5MeizfRNb2/YqSLo4T2hZfHfrxTk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:24 GMT
Content-Type: image/png
Content-Length: 1671
Connection: keep-alive
Last-Modified: Wed, 11 Aug 2021 10:23:12 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Mon, 13 Feb 2023 18:54:24 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796692d8c83ab500-OSL
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.platincasino.com/br/lp/sports?ma_token=PS5bBqWlOVnptHSKI-VsGmNd7ZgqdRLk&ma_affiliate_id=2541
23.36.79.11301 Moved Permanently 162 B URL HTTP/2 www.platincasino.com/br/lp/sports?ma_token=PS5bBqWlOVnptHSKI-VsGmNd7ZgqdRLk&ma_affiliate_id=2541
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /br/lp/sports?ma_token=PS5bBqWlOVnptHSKI-VsGmNd7ZgqdRLk&ma_affiliate_id=2541 HTTP/1.1
Host: www.platincasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 162
location: https://www.platincasino.com/br/lp/sports
expires: Wed, 08 Feb 2023 18:54:24 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 08 Feb 2023 18:54:24 GMT
set-cookie: ma_affiliate_id=2541;domain=www.platincasino.com;path=/;max-age=31536000;expires=Fri, 01-Jan-2100 00:00:00 GMT
ma_token=PS5bBqWlOVnptHSKI-VsGmNd7ZgqdRLk;domain=www.platincasino.com;path=/;max-age=31536000;expires=Fri, 01-Jan-2100 00:00:00 GMT
b1pi=!v9IkujC1kUKNDVt81GQs2bd/OrbFP5uA5psVzJ/UdTPqFa6639DRTz7tdrSprgs+xx8dXeTOFpy7rg==; path=/; Httponly; Secure
ak_bmsc=76AD2C651B63765FD6F35CB4FDC27508~000000000000000000000000000000~YAAQB08kFyeCOCeGAQAA0wNhMhKQvk7Euyby02RFBausuuUROum1Tb1M63Peijucz6S8wVaYX6SRjrPE5WnNcmojz0vwCq5/9tt9N3AYfzVvQVr+MiSczPyT+pScSbQ42q73xRJHQts7hnh618dTYjJAgpCAJ4+hbec0wYQzXuXT2n8pgTLlzQR1p64leSH8EHQiGf+LU7tGeXCX5ZOFt5ckeP3ZGOMUXeFNw2v/QciHCn6kWRFJL1BeWTKUcM1+1UwMx7J/OU9PUgUtyED55f6iP4eWX0r8SPpyUXQLp5Z4PlvdaMeLFneOODgIErh95zzmuW8uFJtjv495CxNqfhQXg9kyFfN0UrxNLYEzdzcSQTmxGGt0nQ9L0o5uvLdiCsuRn4wzLxCjtvyIQ1mh; Domain=.platincasino.com; Path=/; Expires=Wed, 08 Feb 2023 20:54:23 GMT; Max-Age=7199; HttpOnly
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 2e3931ce71c75b538245ef72b45e7a70
4c12aa85db8de5cd92b189b730e46d4a990b5eb2
6cdafcc1cc4d48b78b6b45a9b5581be53e6e96a778536388fb24ca5a291dae42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6CDAFCC1CC4D48B78B6B45A9B5581BE53E6E96A778536388FB24CA5A291DAE42"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15298
Expires: Wed, 08 Feb 2023 23:09:22 GMT
Date: Wed, 08 Feb 2023 18:54:24 GMT
Connection: keep-alive
br.betano.com/?btag=a_9862b_619c_PU_BR_PA_DT_VOLD_BETANO&utm_medium=2566&utm_source=1&siteid=9862
104.17.84.89302 Found 0 B URL HTTP/2 br.betano.com/?btag=a_9862b_619c_PU_BR_PA_DT_VOLD_BETANO&utm_medium=2566&utm_source=1&siteid=9862
IP 104.17.84.89:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?btag=a_9862b_619c_PU_BR_PA_DT_VOLD_BETANO&utm_medium=2566&utm_source=1&siteid=9862 HTTP/1.1
Host: br.betano.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 08 Feb 2023 18:54:24 GMT
content-length: 0
location: /myaccount/ban/country-341629?alt=true
x-farm: 05
x-cacheable-status: 302
age: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
cf-cache-status: DYNAMIC
set-cookie: sticky=stx63.021
__cf_bm=Owzj.oAX_mAvG2BS_G1ZfyFfgkORVefbuLVT6Ys5Mhw-1675882464-0-AcDels2LEVOoItRAw7GA3aPR8mEn6erhuYnlCy4VoTwaSzTgX8io0v0WGGl+nZ/hsKEsj6nPeJetdUDZtpzQcDA=; path=/; expires=Wed, 08-Feb-23 19:24:24 GMT; domain=.betano.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 796692d90f22b51b-OSL
X-Firefox-Spdy: h2
www.888sport.com/pt/spt/brazil-wel.htm?sr=1845934&mm_id=43177&utm_source=aff&utm_medium=casap&utm_content=100140589&utm_campaign=100140589_1845934_nodescription
54.230.111.48301 Moved Permanently 0 B URL HTTP/2 www.888sport.com/pt/spt/brazil-wel.htm?sr=1845934&mm_id=43177&utm_source=aff&utm_medium=casap&utm_content=100140589&utm_campaign=100140589_1845934_nodescription
IP 54.230.111.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pt/spt/brazil-wel.htm?sr=1845934&mm_id=43177&utm_source=aff&utm_medium=casap&utm_content=100140589&utm_campaign=100140589_1845934_nodescription HTTP/1.1
Host: www.888sport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-length: 0
location: https://www.888sport.com/pt/spt/brazil-wel.htm?utm_campaign=100140589_1845934_nodescription&utm_content=100140589&utm_medium=casap&utm_source=aff
date: Wed, 08 Feb 2023 18:54:24 GMT
cache-control: max-age=1800
x-wcs-correlation-id: mInv6E99F2DaOo5PtYQ9gLZyUaNDsYn_OuLpkifqPkHMH0VyCcymXQ==
set-cookie: 888TempQueryCookie=sr%3D1845934; max-age=60; domain=888sport.com; path=/; secure; samesite=none; httponly
888Cookie=lang%3Dpt%26OSR%3D1845934%26RefType%3DNoReferrer%26TestData%3D%7B%22mm_id%22%3A%2243177%22%2C%22orig-lp%22%3A%22https%3A%2F%2Fwww.888sport.com%2Fpt%2Fspt%2Fbrazil-wel.htm%22%2C%22referrer%22%3A%22NULL%22%2C%22utm_campaign%22%3A%22100140589_1845934_nodescription%22%2C%22utm_content%22%3A%22100140589%22%2C%22utm_medium%22%3A%22casap%22%2C%22utm_source%22%3A%22aff%22%7D; max-age=604800; domain=888sport.com; path=/; secure; samesite=none; httponly
888TempContext=testdata%3D%7B%22mm_id%22%3A%2243177%22%2C%22orig-lp%22%3A%22https%3A%2F%2Fwww.888sport.com%2Fpt%2Fspt%2Fbrazil-wel.htm%22%2C%22referrer%22%3A%22NULL%22%2C%22utm_campaign%22%3A%22100140589_1845934_nodescription%22%2C%22utm_content%22%3A%22100140589%22%2C%22utm_medium%22%3A%22casap%22%2C%22utm_source%22%3A%22aff%22%7D; max-age=60; domain=888sport.com; path=/; secure; samesite=none; httponly
apigw-requestid: ACJrEgRoDoEEMzw=
vary: Cookie
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: mInv6E99F2DaOo5PtYQ9gLZyUaNDsYn_OuLpkifqPkHMH0VyCcymXQ==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash bc78c71904ec73eaefbff07fb2f922d4
14ad262b452ea5e18b8fc2e422d7afb3224d822f
37886d813e51f48ad8396c7c830c96d0be6e44a3b9c2aab1a832d2f836b81b05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1479
Cache-Control: max-age=162801
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:24 GMT
Etag: "63e3c30a-117"
Expires: Fri, 10 Feb 2023 16:07:45 GMT
Last-Modified: Wed, 08 Feb 2023 15:43:06 GMT
Server: ECS (amb/6B93)
X-Cache: HIT
Content-Length: 279
20media.world/br/?btag=668128_2340F497E7724DB9B10970111FEC03F5
172.67.68.125302 Found 430 B URL HTTP/2 20media.world/br/?btag=668128_2340F497E7724DB9B10970111FEC03F5
IP 172.67.68.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0a3f0a4db788f26441d9bedf96509934
8841f8167c5f36cbb1951e590bdcba2b63644605
b10737dc87673f953d5f5656f89ceb5800167268f5c0cb6c9ccd909a080c30f4
GET /br/?btag=668128_2340F497E7724DB9B10970111FEC03F5 HTTP/1.1
Host: 20media.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 08 Feb 2023 18:54:24 GMT
content-type: text/html; charset=UTF-8
location: https://20bet.com/br/?btag=668128_2340F497E7724DB9B10970111FEC03F5
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VwtIUJ8FTH8Cf5M2ylW9sz0%2FK7NYJJ0NJEAjPsyCrTBPZYESaEC2MuRyaxFMWTmQywRnaMglynukTlCOc38VSxqrMaJpaqwZL3wd3rIyqeWGfLSDKxGShNcdXe%2FQzWc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796692d84eed1c0a-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/jIkIsUPfARQ
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/jIkIsUPfARQ
IP 142.250.74.163:0
Hash 97a0011fb12ba8cac57f74b1ce29b6c9
f8871e52ce70abcc74286c41177da9fa10509f46
6989ee708a34c53a66e0def9fb1b090cc6a18c31321dd12401c84db2d4d6fb37
POST /s/gts1p5/jIkIsUPfARQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
megapari.com//registration/?tag=d_2032927m_25437c_
83.147.204.197301 Moved Permanently 0 B URL HTTP/2 megapari.com//registration/?tag=d_2032927m_25437c_
IP 83.147.204.197:0
ASN #202492 Silverhill Group Holding Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //registration/?tag=d_2032927m_25437c_ HTTP/1.1
Host: megapari.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 08 Feb 2023 18:54:24 GMT
content-type: text/html; charset=utf-8
content-length: 0
x-frame-options: SAMEORIGIN
set-cookie: SESSION=5b2a8ec7156335387bdbaa2b0e7ffba1; path=/; secure; HttpOnly; SameSite=Lax
ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
auid=U5PMxWPj7+ABZkgDA0B2Ag==; path=/; secure; httponly; samesite=lax
location: /registration/?tag=d_2032927m_25437c_
x-reason: 100
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
b-partner.xyz/a74c621bf
172.67.218.53302 Found 415 B IP 172.67.218.53:0
Hash faa5e6e522379677b0696ec9dcc5a90b
100fef7b9fe616f44b62600ec3546372cbb49149
e7649fe12c678006542af5545fd2f9d54123cd7c1be8e7869840b2a4b1cf07e7
GET /a74c621bf HTTP/1.1
Host: b-partner.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 08 Feb 2023 18:54:23 GMT
content-type: text/html; charset=utf-8
location: https://bitslot.io/?stag=148527_63e3efdf680fad7724895731&tracking_link=http%3A%2F%2Fb-partner.xyz%2Fa74c621bf
set-cookie: 73d3f1ba062585bce51f=63e3efdf680fad7724895731; Expires=Fri, 10 Mar 2023 18:54:23 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsiDkUr8KvP6Lyz01mB6eSg%2BUGYGqTp0ZicGStwi0BJ58oMNGHOt%2Fb%2FQs2CEuV8Pw78ZcPcNqzyX9czfAEBoQpZnxJJIEyipFaI9Bw9%2BM%2BMe%2BKGGdb9N0%2FQJ0CAZ7Bxp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796692d63b7cb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 504d4ef5773938e882c697ac19771357
4a595c35d041da0b9c1c4677756e454b8e416f67
cf18390c3d0e8e97e9d7447d2ee96ffacf6da5bf4513ad946d66de50f768b6eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3118
Cache-Control: max-age=108261
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:24 GMT
Etag: "63e2e797-118"
Expires: Fri, 10 Feb 2023 00:58:45 GMT
Last-Modified: Wed, 08 Feb 2023 00:06:47 GMT
Server: ECS (amb/6B9A)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
23.36.76.249200 OK 345 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 35abc30564fb76bef97fc716d9e8c2f9
ee20a971b17473e1e07aee4075173dfd612b9fc6
d8be286a1b45750d88a0b71816fe3b099f012c485e080d0cb22130f267b33ba9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D8BE286A1B45750D88A0B71816FE3B099F012C485E080D0CB22130F267B33BA9"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 09 Feb 2023 00:54:24 GMT
Date: Wed, 08 Feb 2023 18:54:24 GMT
Connection: keep-alive
www.platincasino.com/br/lp/sports.html
23.36.79.11302 Found 0 B URL HTTP/2 www.platincasino.com/br/lp/sports.html
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /br/lp/sports.html HTTP/1.1
Host: www.platincasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: https://www.platincasino.com/no/lp/sports.html
content-length: 0
expires: Wed, 08 Feb 2023 18:54:24 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 08 Feb 2023 18:54:24 GMT
set-cookie: PHPSESSID=4r7kel6np2g1ab0grug35j7v6c; path=/; secure; HttpOnly; SameSite=lax
b1pi=!kUjEyt/79+YtpJB81GQs2bd/OrbFPyIwsbE/wAitM3EL2jrsO5cdEGdp3NxSzCCSYDleENpyC/9EHQ==; path=/; Httponly; Secure
ak_bmsc=00013356702DE858E61482FB29B0DE26~000000000000000000000000000000~YAAQB08kFy+COCeGAQAAhQRhMhLzKJHru+Swlg2cfgiOKL8hScu3GUYoWzfgmXc5Fsc75dUY3HP+YXt/oS7vTR8gdC9IOC4Po23Wcw6rLacy369AGqNZPQ8QTn+Zy/IcsC7U+0ZkRolHHM8Ny8ntZmKYBeHxK5n8okeDa3x55qKt08cwp+kSfDT7DxWDAkax9JbcHleobLottNaXAvdC2Uz3xvtXNuJU4VyOG3PpSSan0nB7f5YQbe+cD1Gw6TOwxJEWvJabXPmh5IpOzK2RsFD3D5Nckv2X+hucbCZcOtstRU6b+opeFdvRlqM6HoylORFQBdbZpz9cifAPXFUh55r3j8FDVv6Zz/u+vaDSJqyhacbzX5smmTmjXTPZmv7wK5Q/RPCAz3wBXYgaLrqq; Domain=.platincasino.com; Path=/; Expires=Wed, 08 Feb 2023 20:54:24 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 91e75afc468dafde178004443a4e244a
2416573871a1503a1590d1ae3033f2e94ea1b8a6
7cf06e1e38869806ffcfc399be96092cc488e1a71c2877ab31d69f2f3ba2991e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7CF06E1E38869806FFCFC399BE96092CC488E1A71C2877AB31D69F2F3BA2991E"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 09 Feb 2023 00:54:24 GMT
Date: Wed, 08 Feb 2023 18:54:24 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 359bad39cbc871f3d41d64703b9bcedd
ca5faad642f65c61fe7c79eead490fd36694ec59
e71c9cf910f06c3a8898ba610c6006bf6fb35fa9ff194b2fb057751d6996268f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 18:54:24 GMT
Last-Modified: Wed, 08 Feb 2023 18:34:02 GMT
Server: ECS (dcb/7F37)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: e3jkASbjiukVv4lYXZT4VYQHBpCSzXoqWmEVMbknvZfLYgXE8E2dEQ==
Age: 1222
r3.o.lencr.org/
23.36.76.225200 OK 3.4 kB IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 1350fd9173aaa8538cbdda22a0880b58
42766855ec7bbde3b355b00960b192b3dcbbe7ac
f7d10a8475988665ed2d3eef2a52669bae7e74dee4b7d65428e3a3de27b303c0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A4F9FB02C8099F35926E92A4D38AB646FDCAE6C637512C2705B958007457945"
Last-Modified: Mon, 06 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 09 Feb 2023 00:54:24 GMT
Date: Wed, 08 Feb 2023 18:54:24 GMT
Connection: keep-alive
brazino777.online/?b7pm=620633f29fd70&ambp=
45.148.37.160301 Moved Permanently 162 B URL HTTP/1.1 brazino777.online/?b7pm=620633f29fd70&ambp=
IP 45.148.37.160:0
ASN #208685 Serverius Holding B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /?b7pm=620633f29fd70&ambp= HTTP/1.1
Host: brazino777.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Date: Wed, 08 Feb 2023 18:54:24 GMT
Location: https://brazino777.com/?b7pm=620633f29fd70&ambp=
Referrer-Policy: same-origin
Set-Cookie: __Host-SWAFS=eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJfIjoiYnJhemlubzc3Ny5vbmxpbmU5MS45MC40Mi4xNTQifQ.Rfol8wm9J8FMnvHSSgALD2BQ04tajLtC6dKIy7Obaed-ineWBTE7JCFlz2rWhnbB60jbgPABGpn7sPUzZEGKMw; Path=/; Expires=Thu, 09 Feb 2023 18:54:24 GMT; HttpOnly; Secure; SameSite=Strict
__Secure-XWAFLB=dcb83ed6497d11cb969f2421d22c8d3c; Path=/; Expires=Wed, 08 Feb 2023 19:09:24 GMT; HttpOnly; Secure; SameSite=Lax
X-Content-Type-Options: nosniff
X-Waf-Req-Id: a0e1f27b-9ad4-4b52-b057-ff7eac75ea0e-392023
Content-Length: 162
www.platincasino.com/no/lp/sports.html
23.36.79.11302 Found 298 B URL HTTP/2 www.platincasino.com/no/lp/sports.html
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c5a72b78d3a66d0581af4b52f3958d93
24a2d5779a5051e3eeb338f4b73b8ede9b6c91e9
4b9bf3fa30253a4d0e0aac81ffe2d2ddb3beb0c4fa6444f705efac246ceb0ea5
GET /no/lp/sports.html HTTP/1.1
Host: www.platincasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: /no/home.html
cache-tag: html
x-frame-options: SAMEORIGIN
content-length: 298
expires: Wed, 08 Feb 2023 18:54:24 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 08 Feb 2023 18:54:24 GMT
set-cookie: hl=no; expires=Thu, 08-Feb-2024 18:54:24 GMT; Max-Age=31536000; path=/
recent_games=%5B%5D; expires=Wed, 15-Feb-2023 18:54:24 GMT; Max-Age=604800; path=/; httponly; samesite=lax
b1pi=!tGSqxITqT4uduh581GQs2bd/OrbFP3ap0P1nitbWrHBe3f1FW5sm5Th11aAZOtWCIV+74/UiXHPUYA==; path=/; Httponly; Secure
ak_bmsc=2C5FD6AB553876D60867DC7DD8947D98~000000000000000000000000000000~YAAQB08kFzaCOCeGAQAA1gRhMhIfLEGcolRytHtjODaMMLpof6vQo/ZV7t4v5eFlhj+P4JLhS1WFJb9NJgjBQbfw0ImU0PHeB8QS3cKW6MVxCfyCGVi69mZH0rsFPs4xbEg3D16ML3vjW0zmRBxb/+qGHVEtfoP4KVojLH+bFEeaRUzi3DzoBoLyQp7KvvU1YilYEFGwhYXDefYmPNjFeS5qCW2zugIYwBLMkrmE1QtwiaAWxYAFsOaB1vhHyQKzn4U9mQP13iU7bfUGZ3hkMB8RirmwnOhqroxGEUED4PvJrxjdk2BieP5MG8rIv5qywUCuEHQClxy5Gwbf0V4BEadpO3aIXB4w5GsjYGKHzMrYz/PTqY0wruOEH/YVxREpeYxa+3QfiXp0eLGLuSGl; Domain=.platincasino.com; Path=/; Expires=Wed, 08 Feb 2023 20:54:24 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
www.bet365.com/olpc/nn/143/0/1/cookieconsentajax?
5.226.179.10200 OK 1.4 kB URL HTTP/1.1 www.bet365.com/olpc/nn/143/0/1/cookieconsentajax?
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type Unicode text, UTF-8 text, with very long lines (489), with CRLF, LF line terminators
Hash 41bc7a3cb016ed2e39c03d0cc8be6b42
b18485bc2f7d8bb65434447040e3b6a7125a0509
6b68a474dc9ab3d547c5584d6a1de4360570147384669553d528ee80495e9f57
POST /olpc/nn/143/0/1/cookieconsentajax? HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bet365.com
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=UGtvLPNKqhvgvd6DDljQ2_r8wpT2N4A8Zy06MSLwPIA-1675882463-0-Aes4Fk76ln8L7qa79UAgtavgdoGdeulCQTZJx9YNmDq305CxdrNx0Ao9ptH5MeizfRNb2/YqSLo4T2hZfHfrxTk=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1362
Connection: keep-alive
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796692da8cc71c0e-OSL
promo.betwarrior.bet/pt/welcome-offer-sports/?utm_source=netrefer&utm_medium=affiliates&utm_campaign=sports&btag=655952_31FE330CD5BB4A3D94E4EB1CBE0A3728
3.126.202.50200 OK 13 kB URL HTTP/1.1 promo.betwarrior.bet/pt/welcome-offer-sports/?utm_source=netrefer&utm_medium=affiliates&utm_campaign=sports&btag=655952_31FE330CD5BB4A3D94E4EB1CBE0A3728
IP 3.126.202.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3530), with CRLF, LF line terminators
Hash ee4695145b271e3112ceddeb79e433cb
071a376c7d1e72acd227ab2cfcfea7239917c177
92edac6ed5f059e30ed9c4fc07af34a93a8c58a51ba38d463081b2b4412c1874
GET /pt/welcome-offer-sports/?utm_source=netrefer&utm_medium=affiliates&utm_campaign=sports&btag=655952_31FE330CD5BB4A3D94E4EB1CBE0A3728 HTTP/1.1
Host: promo.betwarrior.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a9275%2c%22BID%22%3a2636%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675882463955)%5c%2f%22%2c%22CookieTag%22%3a%2226369275451240919C2023281854%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Wed, 08 Feb 2023 18:54:24 GMT
content-type: text/html; charset=utf-8
content-length: 13375
set-cookie: ubvs=fdcc0791-5b92-4b03-bdec-14bf5cc50498; Max-Age=15552000; Path=/; SameSite=Lax
ubvt=v2%7Cfdcc0791-5b92-4b03-bdec-14bf5cc50498%7Cd900212c-aaf6-4628-83f9-0172663a0851%3Aa%3Asingle; Max-Age=259200; Domain=betwarrior.bet; Path=/; SameSite=Lax
ubpv=a%2Cd900212c-aaf6-4628-83f9-0172663a0851; Max-Age=15897600; Path=/pt/welcome-offer-sports/; SameSite=Lax
content-location: https://promo.betwarrior.bet/pt/welcome-offer-sports/
etag: "a:fdcc07915b924b03bdec14bf5cc50498"
link: <https://promo.betwarrior.bet/pt/welcome-offer-sports/>; rel="canonical"
x-unbounce-pageid: d900212c-aaf6-4628-83f9-0172663a0851
x-unbounce-variant: a
x-unbounce-visitorid: fdcc0791-5b92-4b03-bdec-14bf5cc50498
content-encoding: gzip
x-proxy-backend: page-server
20bet.com/br/?btag=668128_2340F497E7724DB9B10970111FEC03F5
104.22.34.208301 Moved Permanently 1.3 kB URL HTTP/2 20bet.com/br/?btag=668128_2340F497E7724DB9B10970111FEC03F5
IP 104.22.34.208:0
Hash 5810edaade160f441a7131d200992fc4
713ea02a11f2460afbf03423199e4a162b0b7bc8
5c753e6e4f26ca3e9847c982e03d27692f4987748f9701b86193045822c5c4aa
GET /br/?btag=668128_2340F497E7724DB9B10970111FEC03F5 HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 08 Feb 2023 18:54:24 GMT
content-type: text/html; charset=UTF-8
location: /br?btag=668128_2340F497E7724DB9B10970111FEC03F5
cf-ray: 796692da2ec62d59-ARN
set-cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; expires=Wed, 08-Mar-2023 00:00:00 GMT; Max-Age=2351136; path=/; secure; samesite=none
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
f12.bet/?btag=a_3672b_86c_PU_BR_PA_DT_VOLD_F12BET
104.18.41.151403 Forbidden 2.6 kB URL HTTP/2 f12.bet/?btag=a_3672b_86c_PU_BR_PA_DT_VOLD_F12BET
IP 104.18.41.151:0
Hash 4b75276c7384e9aa05db818faed1486f
75c2a2f39a1a4a2843e720eb7ef6f75659a917b5
b1679ff96be5c235c7246ab9eb10de5086ca40d143a35583e41ef45383acc783
GET /?btag=a_3672b_86c_PU_BR_PA_DT_VOLD_F12BET HTTP/1.1
Host: f12.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 18:54:24 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: __cf_bm=kLiaSNGVFoTsLCseGHOLGDCO85eu6cCik2Js473Ewz4-1675882464-0-AUcWAaWyXXbEXQ8aV81juR6yNnCQRvMckKRBckioKaCAbqvOzKtDFoY9CPb1E1unX4I9NlsM2JuasqghBkbxc5w=; path=/; expires=Wed, 08-Feb-23 19:24:24 GMT; domain=.f12.bet; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 796692da6e97b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
builder-assets.unbounce.com/published-css/main-7b78720.z.css
54.230.111.14200 OK 2.9 kB URL HTTP/2 builder-assets.unbounce.com/published-css/main-7b78720.z.css
IP 54.230.111.14:0
File type ASCII text, with very long lines (15017)
Hash 3d27e56a34e34b278ab5e182cbc3b587
b871dae022b6537150e18df2bbf266caaa013fdc
3646920461d3a5dd11dfb46a1d063bee0eaad079e9d3e9341942f24f3688401f
GET /published-css/main-7b78720.z.css HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 2902
date: Sat, 21 Jan 2023 01:22:01 GMT
last-modified: Wed, 23 Nov 2022 23:24:30 GMT
etag: "3d27e56a34e34b278ab5e182cbc3b587"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: F0XZlkUrGu6OlrfKzU_C7UXh1V6i6hug
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HlR426kcvJot7HjvXNCb8YiDieCnJ8vkd7VQZBY_1drVHOKzhmJ6sg==
age: 1618344
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3590
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:24 GMT
Last-Modified: Wed, 08 Feb 2023 17:54:34 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css
104.17.24.14200 OK 3.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (57919)
Hash 4a8baa45fecbff51b8b9863b95788c9f
1dbc7f159b53fbd717d8cff486a39373d09aecfc
3a9ca2c9d6a36ce0283f1bc2502912ffb17c2acf9421d3b0ffd81a6be92b63af
GET /ajax/libs/animate.css/3.7.2/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:24 GMT
content-type: text/css; charset=utf-8
content-length: 3511
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d2a-e311"
last-modified: Mon, 04 May 2020 16:04:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4230459
expires: Mon, 29 Jan 2024 18:54:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuLPHlBsApt6R2AMMT3xY5OHysIiKVdy1GY0gG72%2FZCTdGHYKnKNSHGW2fg7Uxt0jCG7hNrsqm4n40ZqqwwBsn5GLiVdUie4HgsJUuT7EqNly7meY3kuoVUldsUHtIzO%2BeU7FnhC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 796692dd5b2db4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3137
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:24 GMT
Last-Modified: Wed, 08 Feb 2023 18:02:07 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.min.js
151.101.65.229200 OK 6.1 kB URL HTTP/2 cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (23355)
Hash ea49215a394c5aa64726c7127cfaa134
964ecff00146356766b1dc9f13daf36197a93a42
2fbea21c694de25a01d2a0151629a67ab5d04af5e9e9af12f3482d672629695f
GET /bxslider/4.2.12/jquery.bxslider.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"5bf7-z6ox3Bc9Kcb0lQd4zMXLOxqRM5Y"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 18:54:24 GMT
age: 3001683
x-served-by: cache-fra-eddf8230109-FRA, cache-bma1633-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6087
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9600
Expires: Wed, 08 Feb 2023 21:34:24 GMT
Date: Wed, 08 Feb 2023 18:54:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9600
Expires: Wed, 08 Feb 2023 21:34:24 GMT
Date: Wed, 08 Feb 2023 18:54:24 GMT
Connection: keep-alive
cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.css
151.101.65.229200 OK 1.1 kB URL HTTP/2 cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.css
IP 151.101.65.229:0
Hash 68760c9babfe3ad5f6f4b3507194a236
f5308cff25f8bc5e02203de789f79724afe431ab
98b308dad1eb2fc50e7d452f451822f275b47ec8655c3c5b05cd8e32930fca52
GET /bxslider/4.2.12/jquery.bxslider.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
etag: W/"f5e-9CY+ZfG2D1tXr+G8dDrQnwbBEmY"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 18:54:24 GMT
age: 2552613
x-served-by: cache-fra-eddf8230039-FRA, cache-bma1633-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1120
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9600
Expires: Wed, 08 Feb 2023 21:34:24 GMT
Date: Wed, 08 Feb 2023 18:54:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9600
Expires: Wed, 08 Feb 2023 21:34:24 GMT
Date: Wed, 08 Feb 2023 18:54:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9600
Expires: Wed, 08 Feb 2023 21:34:24 GMT
Date: Wed, 08 Feb 2023 18:54:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwSN-ztVJgRfu3bFIjYaVYV8Cnx77j1ugkRjqhRtRXdPju7AhEMg-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 05:30:12 GMT
age: 48252
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7543be9bef0afb8f61344286b7136dd7
e1537aa408cde39d2a314cc2a14f7f7a04a84eb1
162f0898f88d84c8d06542e48e8ff6a903e638f2a837f32681ae1f5e28ae40d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7303
x-amzn-requestid: 081c79e9-2b23-47ad-8b7d-7197c5515c0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f58kdHMvIAMFdzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a7b5-66fca524070e374310920915;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:09:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CV8Q0EwlleoBURF3IvwUGDm_ANrg_SINlUR3cl6OhqySJPejP6T0hg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 08:10:04 GMT
age: 38660
etag: "e1537aa408cde39d2a314cc2a14f7f7a04a84eb1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b327816bc2c6fd7291c75c693685d54
771070be61d0724b1c90ca86ea34c804bd7e501a
d45188239cacc7b228bc75ccc95afb48914aaa434c418cd5b786533e8b9cb983
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6838
x-amzn-requestid: 54fc5ae9-d37a-46cf-97e0-d05de1417cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7QEsCoAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-40de6212468fcd0e78a93708;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mgfr5wO7Bj5BVjKYY7O0c4ogLognfq09QrA9khZROr2CVyOWgKTz1g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:53:56 GMT
age: 75628
etag: "771070be61d0724b1c90ca86ea34c804bd7e501a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb0e725719ac378134b01b6473a6581
a8a1780c88e8ae219048bed28ecfbd8019d9af35
187d4e83edc0af857334f84bd6853234193d4654d06c43367f39b4e125defe08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6679
x-amzn-requestid: 97c19ad5-c127-4dc1-b529-1eca84645316
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f59MzHgloAMFwow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a8b8-79d6b8d31b69153d4929b7b7;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x_tr-xummuF51PvAM4y3DgvLWuJOwxgquKO8baQfcoN6ta5M3ll7ug==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 06:25:01 GMT
age: 44963
etag: "a8a1780c88e8ae219048bed28ecfbd8019d9af35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be9f475292d4b5b0502d4381ccdf455b
ecb943b48c822b086ea699d802f8f1bb5ee26651
ed22a5102709dc7a067107a6c0cde26931f7781065de9cee49e22de6b9086e31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8703
x-amzn-requestid: 6456aa7d-11f7-4066-a833-9ac5312c0c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7JGLTIAMFqdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c513-0679a75676cdc19251c81bdd;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DLVp9hiUjE2w5BiukFfUMALWxvcobbJcJRO-7CdXj3cy6rAdFhPRFQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:44:01 GMT
age: 76224
etag: "ecb943b48c822b086ea699d802f8f1bb5ee26651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash 8ae4ce3c945f3d706f6647300e29611f
378084df070468ea1c6afbb11b5e095c4e7e8932
3d23959b717e62732cdfeb0af8b920622b595f16355005e59d0e3371395be5b9
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:25 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "FA58C9418719D2B3DF9C34501DB72617106CE41B"
Expires: Thu, 09 Feb 2023 06:00:00 GMT
Last-Modified: Wed, 08 Feb 2023 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2461
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796692de5e88b51d-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9c2a9eee923b84d4e06438a8b2acaff
520b122e3ce52220af153fee26bb7067283f9075
9ff4236fdcd05210a9c8bb48ea68179e142b1b05c8b19dd66282590dff69fa22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10058
x-amzn-requestid: 94374454-1e89-4c43-895b-0a90f39b851d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O5vEgcoAMFctg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c50a-0bf11cad4b0818c36188ba91;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1R4SRNvqhRHbrDZsGB06NJbBXf8WRgJEHmXTbop8pqf8etTJSlmQwQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:05 GMT
age: 74900
etag: "520b122e3ce52220af153fee26bb7067283f9075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-45M1DQFW2B>m=45je3260&_p=169764026&gcs=G1-0&cid=446605990.1675882520&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675882519&sct=1&seg=0&dl=https%3A%2F%2Fwww.bet365.com%2Folp%2Fopen-account%3Faffiliate%3D365_01175261&dt=%C3%85pningstilbud&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-45M1DQFW2B>m=45je3260&_p=169764026&gcs=G1-0&cid=446605990.1675882520&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675882519&sct=1&seg=0&dl=https%3A%2F%2Fwww.bet365.com%2Folp%2Fopen-account%3Faffiliate%3D365_01175261&dt=%C3%85pningstilbud&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-45M1DQFW2B>m=45je3260&_p=169764026&gcs=G1-0&cid=446605990.1675882520&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675882519&sct=1&seg=0&dl=https%3A%2F%2Fwww.bet365.com%2Folp%2Fopen-account%3Faffiliate%3D365_01175261&dt=%C3%85pningstilbud&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bet365.com
Connection: keep-alive
Referer: https://www.bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.bet365.com
date: Wed, 08 Feb 2023 18:54:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
brazino777.com/en/?ambp=&b7pm=620633f29fd70
45.148.37.161200 OK 37 kB URL HTTP/1.1 brazino777.com/en/?ambp=&b7pm=620633f29fd70
IP 45.148.37.161:0
ASN #208685 Serverius Holding B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (39316), with CRLF, LF line terminators
Hash 25f8873c03d707f1deca1a9c8e81066a
6716d9be6dcbdc65e2cee42d829c55cadbe2b373
cd5c5536b3ecf0baf78145e2c81586f226f2138b67e37a360329e79553340487
GET /en/?ambp=&b7pm=620633f29fd70 HTTP/1.1
Host: brazino777.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 Feb 2023 18:54:24 GMT
Expires: -1
Pragma: no-cache
Referrer-Policy: same-origin
Set-Cookie: __Host-SWAFS=eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJfIjoiYnJhemlubzc3Ny5jb205MS45MC40Mi4xNTQifQ.MagKCacbGjjgrWdk1qDs5yiF402HdBzziBDMdwESF8BQ8GLdXxTaOw2QenpM4yjIVYyxVbrxLGBcJ7bpIYPM4A; Path=/; Expires=Thu, 09 Feb 2023 18:54:24 GMT; HttpOnly; Secure; SameSite=Strict
__Secure-XWAFLB=dcb83ed6497d11cb969f2421d22c8d3c; Path=/; Expires=Wed, 08 Feb 2023 19:09:24 GMT; HttpOnly; Secure; SameSite=Lax
device_view=full; expires=Wed, 08 Mar 2023 18:54:24 GMT; Max-Age=2419200; path=/; httponly; samesite=lax
ep=vqcMOmnSHfcJRHeksCUtKPXr5VCqXu6BUlBkch3LEqoeono8D2Mz1glJ6Xf4j183xBgMl2cwRRK4iL2XJFEjwVmbFVZyRtK626nk7XqqeWg%2FhBpl9pbk0dGvUchUDaCFBroxI7rGCBYgzXa%2BBAyQonwXJ9oNihGTBByZSjCslZweNA; expires=Thu, 08 Feb 2024 18:54:24 GMT; Max-Age=31536000; path=/; httponly; samesite=lax
_ym_vizorc_80a1678b98bfe0a45660352c180c61fd45124=a59f007fbf3384ccc33cc586d5d348f0; expires=Tue, 08 Feb 2028 18:54:24 GMT; Max-Age=157766400; path=/; samesite=lax
c8402da13b6006b93d3adb0b9a4de6ec=620633f29fd70; expires=Wed, 08 Mar 2023 18:54:24 GMT; Max-Age=2419200; path=/; httponly; samesite=lax
PHPSESSID=99t9vs95ti1i59t1t4nfmpk0p2; expires=Fri, 10 Mar 2023 18:54:24 GMT; Max-Age=2592000; path=/; httponly
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Waf-Req-Id: e43658f5-9f0a-403b-8020-73105a4a5584-392023
Transfer-Encoding: chunked
ocsp.digicert.com/
93.184.220.29200 OK 1.0 kB IP 93.184.220.29:0
File type gzip compressed data, max compression\012- data
Hash 2584c99487694ec1ae8b0c25be3cab4f
c40a55d2e72c637237dc6bab03c4dfd36cc56399
f5c40caab47c65173458d083544292dc8f6fe28fba6817f9ed295a68a12e4229
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3236
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:25 GMT
Last-Modified: Wed, 08 Feb 2023 18:00:29 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8e517bae81ab39c4f55057b13ef81aaf
2d86cb59ceb3d5f1ac33957bb8234101562415cb
b931c0516820b16e0b300f130a94a02e877bfcbb89f24f5cc317fa219ecda5e8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2532
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:25 GMT
Last-Modified: Wed, 08 Feb 2023 18:12:13 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1e98440aaa046b8574d86c500ce276ac
095ba13947e54331a3dd5014cac8360069a8646d
f80dfdcbbad8a53ead126f63c159e09eca535fe56250cdff2e6328b861e14459
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5988
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:25 GMT
Last-Modified: Wed, 08 Feb 2023 17:14:37 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash bc78c71904ec73eaefbff07fb2f922d4
14ad262b452ea5e18b8fc2e422d7afb3224d822f
37886d813e51f48ad8396c7c830c96d0be6e44a3b9c2aab1a832d2f836b81b05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2396
Cache-Control: max-age=163717
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:25 GMT
Etag: "63e3c30a-117"
Expires: Fri, 10 Feb 2023 16:23:02 GMT
Last-Modified: Wed, 08 Feb 2023 15:43:06 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
20bet.com/custom-assets/mainloader.gif
104.22.34.208200 OK 304 kB URL HTTP/2 20bet.com/custom-assets/mainloader.gif
IP 104.22.34.208:0
File type GIF image data, version 89a, 400 x 400\012- data
Size 304 kB (303571 bytes)
Hash 323a31f4cce6bcd83935bbccf0f665da
7ba68a35bec60487944b77a69f91c88556f7017a
9e9d2f310ed323e2649b69229dd077995f5c2217c12bc07c66ea3f17dbc1dafa
GET /custom-assets/mainloader.gif HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: image/gif
content-length: 303571
cf-ray: 796692df1da22d59-ARN
accept-ranges: bytes
age: 3172
cache-control: public, max-age=14400
last-modified: Wed, 08 Feb 2023 18:01:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
server: cloudflare
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.226.52200 OK 3.1 kB URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.226.52:0
File type ASCII text, with very long lines (9097)
Hash 8bfd1b79f61b718aaafcc6db8932ff8c
6e880e402819622bc144d6a5c5a7ef92892ddcf8
6aedf603ff72785501b970c487a39928caafc36c64ae4ffab75708340d733235
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 2195
expires: Sat, 11 Feb 2023 18:54:25 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 796692df6a30b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 2c9111264079d518d1b50e15e40dd307
6e1374be3ccc15ef054ae6033c944b25b48aabeb
8bcb6e31e71db94b6a9581856ae5a25e67589887dc4d57a0ec33488f671231eb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93943
Date: Wed, 08 Feb 2023 18:54:25 GMT
Etag: "63e2ac87-1d7"
Expires: Thu, 09 Feb 2023 21:00:08 GMT
Last-Modified: Tue, 07 Feb 2023 19:54:47 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5LPAOZsK-jQrIXdXuve8T4ybDqXbRGrrISFKwgNfF5dCEHRYxsDlcg==
Age: 3921
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 2c9111264079d518d1b50e15e40dd307
6e1374be3ccc15ef054ae6033c944b25b48aabeb
8bcb6e31e71db94b6a9581856ae5a25e67589887dc4d57a0ec33488f671231eb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 18:54:25 GMT
Last-Modified: Wed, 08 Feb 2023 17:32:41 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PO6w7KlZVKLRKjbbOd1P00YbskkHuNxOWg9nGGyfYb3XFmiZAzEiJg==
Age: 4905
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 2c9111264079d518d1b50e15e40dd307
6e1374be3ccc15ef054ae6033c944b25b48aabeb
8bcb6e31e71db94b6a9581856ae5a25e67589887dc4d57a0ec33488f671231eb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 18:54:25 GMT
Etag: "63e2ac87-1d7"
Last-Modified: Wed, 08 Feb 2023 17:41:39 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sCvo9JsrZucsL3RvU2LCR-RMzZcXGybrsYO5zzt-m0X2DITYAVa8UA==
Age: 4366
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 2c9111264079d518d1b50e15e40dd307
6e1374be3ccc15ef054ae6033c944b25b48aabeb
8bcb6e31e71db94b6a9581856ae5a25e67589887dc4d57a0ec33488f671231eb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 18:54:25 GMT
Last-Modified: Wed, 08 Feb 2023 17:32:41 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: za0VVGb44uoI6BmyaTc_lbLyjtxysMpZaupUeaAmOkWxKt00-iMp1Q==
Age: 4905
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 2c9111264079d518d1b50e15e40dd307
6e1374be3ccc15ef054ae6033c944b25b48aabeb
8bcb6e31e71db94b6a9581856ae5a25e67589887dc4d57a0ec33488f671231eb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 18:54:25 GMT
Last-Modified: Wed, 08 Feb 2023 17:51:14 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jgwFcUGdyP_mVByFsP0rjC04XG_Ed2uyZOlwy1nvO_qby-aYdsWV-Q==
Age: 3791
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_much_better.svg
52.95.163.96200 OK 6.4 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_much_better.svg
IP 52.95.163.96:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6bd9449858dd1fc6d651a669742013a0
7a8afc8b5ce49b038712b210d4cddcf1bb96626d
6e00b84dc119b9e4438dbc4866c01326859ba83ff584a680f7c49eef2829289a
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_much_better.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 7nis6IhwM2VkaQYGMsfULrq6bh3udsJRFujdG6Amz4uEpeq/HKuPH6NioKewQYIvhd86q67f3sY=
x-amz-request-id: 23SPP7AYT4VR13TK
Date: Wed, 08 Feb 2023 18:54:26 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "6bd9449858dd1fc6d651a669742013a0"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 6432
megapari.com/registration/?tag=d_2032927m_25437c_
83.147.204.197308 Permanent Redirect 4.0 kB URL HTTP/2 megapari.com/registration/?tag=d_2032927m_25437c_
IP 83.147.204.197:0
ASN #202492 Silverhill Group Holding Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 3364f10c9798d1fccf3658fbaf380e39
36e89cd482bcae02de3980f0d6627978ef17c0e9
84a5316d39a7cf2222ff807b01ce0fe3738bd338823eb772746cf780c557abe4
GET /registration/?tag=d_2032927m_25437c_ HTTP/1.1
Host: megapari.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 308 Permanent Redirect
server: nginx
date: Wed, 08 Feb 2023 18:54:24 GMT
content-type: text/html; charset=utf-8
location: https://megapari.com/registration?tag=d_2032927m_25437c_
x-frame-options: SAMEORIGIN
set-cookie: SESSION=923d3c4fc70018eed7348d739d34c05f; path=/; secure; HttpOnly; SameSite=Lax
ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
_glhf=1675900240; expires=Wed, 08-Feb-2023 19:54:24 GMT; Max-Age=3600; path=/
dnb=1; path=/; httponly; samesite=lax
auid=U5PMxWPj7+ABZkgDA0B4Ag==; path=/; secure; httponly; samesite=lax
x-reason: 1079,1021
cache-control: no-cache, private
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
www.888sport.com/pt/spt/brazil-wel.htm?utm_campaign=100140589_1845934_nodescription&utm_content=100140589&utm_medium=casap&utm_source=aff
54.230.111.48200 OK 10 kB URL HTTP/2 www.888sport.com/pt/spt/brazil-wel.htm?utm_campaign=100140589_1845934_nodescription&utm_content=100140589&utm_medium=casap&utm_source=aff
IP 54.230.111.48:0
Hash 4df4534b45b23cf3c1ee6bdb6bb320fc
85a1e410805fd5cccf5d4b36973c40c46ae061e1
bdeff397fdb9240348332ca75ac11d0428371a19a9ad5d1bf6e7e1b587ea4a66
GET /pt/spt/brazil-wel.htm?utm_campaign=100140589_1845934_nodescription&utm_content=100140589&utm_medium=casap&utm_source=aff HTTP/1.1
Host: www.888sport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: 888TempQueryCookie=sr%3D1845934; 888Cookie=lang%3Dpt%26OSR%3D1845934%26RefType%3DNoReferrer%26TestData%3D%7B%22mm_id%22%3A%2243177%22%2C%22orig-lp%22%3A%22https%3A%2F%2Fwww.888sport.com%2Fpt%2Fspt%2Fbrazil-wel.htm%22%2C%22referrer%22%3A%22NULL%22%2C%22utm_campaign%22%3A%22100140589_1845934_nodescription%22%2C%22utm_content%22%3A%22100140589%22%2C%22utm_medium%22%3A%22casap%22%2C%22utm_source%22%3A%22aff%22%7D; 888TempContext=testdata%3D%7B%22mm_id%22%3A%2243177%22%2C%22orig-lp%22%3A%22https%3A%2F%2Fwww.888sport.com%2Fpt%2Fspt%2Fbrazil-wel.htm%22%2C%22referrer%22%3A%22NULL%22%2C%22utm_campaign%22%3A%22100140589_1845934_nodescription%22%2C%22utm_content%22%3A%22100140589%22%2C%22utm_medium%22%3A%22casap%22%2C%22utm_source%22%3A%22aff%22%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Wed, 08 Feb 2023 18:54:24 GMT
p3p: CP="Read our privacy policy at http://www.888.com/security-and-privacy/privacy-policy.htm"
content-security-policy: frame-ancestors 'self' *.genesazrak.com *.888casinoarabic.net *.arabiccasino888.com *.casinoarabic888.com *.casinoarabic-888.com *.888-casinoarabic.com *.888casino-arabic.com http://wrapper.safe-installation.com/ https://wrapper.safe-installation.com/ http://localhost:* https://localhost:* *.bingosys.net *.secured-igaming-usa.com *.888.pt *.sisportsbook.com *.888poker.de *.888slots.de *.safe-iplay.com *.safe-installation.com *.payoutscentral.com *.triple8holdem.com *.888.com *.secured-qa.com *.secured-registration.com *.secureutils.com *.images4us.com *.onlinepersonalmessages.com *.888sport.com *.888sport.es *.888sport.it *.888sport.dk *.888sport.ro *.888sport.se *.888sport.us *.888sport.de *.777.com *.personalinfoonline.com *.888.de *.888casino.com *.888poker.com *.888casino.dk *.888poker.dk *.888.de *.888casino.ro *.888poker.ro *.888casino.se *.888poker.se *.888casino.es *.888poker.es *.888casino.it *.888poker.it *.888casino.us *.888poker.us *.888ladies.com *.888.pt cmsp *.harrahscasino.com *.wsop.com *.delawarepark.com *.doverdowns.com *.harringtongamingonline.com *.secured-igaming-services.com *.secured-igaming-usa.com *.igaming-services.com *.888.ca *.888casino.ca *.888poker.ca *.888sport.ca *.888.nl *.888casino.nl *.888poker.nl *.888sport.nl *.ar-888-casino.com *.888casino-ar.com *.ar888-casino.com *.arab888-casino.com *.casinoelarab-888.com *.alarab-888casino.com *.casinoalarab-888.com *.888casino-alarab.com *.888casino-arabian.com *.arabian-888casino.com *.888-casino-arabian.com *.888-casino-alarab.com *.ballysdover.com
cache-control: max-age=1800
x-wcs-correlation-id: F-o8ApwQEVCpuAtSJTJe_pJUxIArV2g8Me-WiZO56DSVxCBKAMtqlA==
srv: 44301334
set-cookie: 888TempQueryCookie=; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=888sport.com; path=/; secure; samesite=none; httponly
888TempContext=; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=888sport.com; path=/; secure; samesite=none; httponly
888Cookie=lang%3Dpt%26OSR%3D1845934%26RefType%3DNoReferrer%26TestData%3D%7B%22mm_id%22%3A%2243177%22%2C%22orig-lp%22%3A%22https%3A%2F%2Fwww.888sport.com%2Fpt%2Fspt%2Fbrazil-wel.htm%22%2C%22referrer%22%3A%22NULL%22%2C%22utm_campaign%22%3A%22100140589_1845934_nodescription%22%2C%22utm_content%22%3A%22100140589%22%2C%22utm_medium%22%3A%22casap%22%2C%22utm_source%22%3A%22aff%22%7D; max-age=604800; domain=888sport.com; path=/; secure; samesite=none; httponly
apigw-requestid: ACJrFiprDoEEJIQ=
content-encoding: br
vary: Accept-Encoding,User-Agent,Cookie
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: F-o8ApwQEVCpuAtSJTJe_pJUxIArV2g8Me-WiZO56DSVxCBKAMtqlA==
X-Firefox-Spdy: h2
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_santander.svg
52.95.163.96200 OK 4.7 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_santander.svg
IP 52.95.163.96:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 8853bd27115e397897bd4cb017b25974
9222a4bb2bd074051219f421d091645205cfe469
07602828f362a01f43ad6b884638f7761f7abf4b7aff304fe3e80649288e78c6
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_santander.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: o42aXlYCDp68qYmE1pdmPVl5YBAveF16gmuYTFfSWbbAHaublLcKjjUeAKJqlSbYFLVlkU5QUTc=
x-amz-request-id: 23STK4M32HZ4TGRA
Date: Wed, 08 Feb 2023 18:54:26 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "8853bd27115e397897bd4cb017b25974"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 4744
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_pix.svg
52.95.163.96200 OK 2.8 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_pix.svg
IP 52.95.163.96:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 82083b9fb03f35c93a9967ea4a1d7f94
721e1095e2f6914e6a6b1ead5b7bd5d610aea92a
6e4c4e43f1455c443d94b6342eaf61b296b30eab35d23edd498e1b66ddfbc06f
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_pix.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: EV8jUv+wLG+1nRSloHHjf0nNpvv7Ci3t3KfWClRFcdoxanp+cHT6GKIpLZwa2ixpiycMzHjvmPU=
x-amz-request-id: 23SS5MAK5ZSPE8R5
Date: Wed, 08 Feb 2023 18:54:26 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "82083b9fb03f35c93a9967ea4a1d7f94"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 2844
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_caixa.svg
52.95.163.96200 OK 1.8 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_caixa.svg
IP 52.95.163.96:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 323d0b17d617eaabfb65e89cda2f23ad
17785ed5e122e73a467223ac2dc3caeadfaa1b25
676de7d4c29d435dca8dc96f33889ed90612cabdc8bf91b6cf2f41eaac197bb4
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_caixa.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: nqQQ0dSz/v4GtGU+dF9BBmKestHuRE73L3YclJI8pQ9orLoXy5kb5EWlAUDUEu0dbon3YDYPB1k=
x-amz-request-id: 23SRJ1RDM5G8G8YK
Date: Wed, 08 Feb 2023 18:54:26 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "323d0b17d617eaabfb65e89cda2f23ad"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1800
c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/sealassets/6f1312d0755711e1ca5b28de5db8fd82-20bet.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3BhY2VyLXNwcml0ZS5wbmc%3D
54.230.111.125200 OK 95 B URL HTTP/2 c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/sealassets/6f1312d0755711e1ca5b28de5db8fd82-20bet.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3BhY2VyLXNwcml0ZS5wbmc%3D
IP 54.230.111.125:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9591c410148e6883727c5339fd1c02cd
3442a95fe890ce4769b36b2ecc611b801a54cfb5
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
Analyzer Verdict Alert fortinet Malware
GET /sealassets/6f1312d0755711e1ca5b28de5db8fd82-20bet.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3BhY2VyLXNwcml0ZS5wbmc%3D HTTP/1.1
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 95
date: Wed, 08 Feb 2023 18:53:50 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"5f-NEKpX+iQzkdps2suzGEbgBpUz7U"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692044e5f2c57-FRA
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WNpgdRsGoftuDUYvPB36Ewh-jKrZemHEs-EFov9jy8DUXPZjwsmK8g==
age: 35
X-Firefox-Spdy: h2
c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/sealassets/6f1312d0755711e1ca5b28de5db8fd82-20bet.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3ByaXRlLXNlYWwucG5n?status=valid
54.230.111.125200 OK 50 kB URL HTTP/2 c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/sealassets/6f1312d0755711e1ca5b28de5db8fd82-20bet.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3ByaXRlLXNlYWwucG5n?status=valid
IP 54.230.111.125:0
File type gzip compressed data, from Unix\012- data
Hash a0d50ebf19578d7ba9884b3608f9266e
301c2a2a99a88c82d9a684ecd5a8601e5e54dd28
3f66463cc179b3a309abf2aeec58a6aa6c8b516b59b9ffef2a0e99fe724c3c01
GET /sealassets/6f1312d0755711e1ca5b28de5db8fd82-20bet.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3ByaXRlLXNlYWwucG5n?status=valid HTTP/1.1
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 49397
date: Wed, 08 Feb 2023 18:53:50 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"c0f5-y5nfd/SGXZwvKHU5pcpHTPdvfQk"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7966920449c59c00-FRA
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4uWOfRyeGYtpZ0KFeUjoZHWhsxwm7Vi3D7P3SEYaMzzrwWVXoSATlg==
age: 35
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/8241.561f022d.js?v10263
185.76.9.21200 OK 25 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/8241.561f022d.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
Hash 0443a06c78b7aaa9ff5b61196866ec53
59081e010550cfcf88acec386d4572a41d811447
264800def75e4befe5ef69e1f901c8e4ba1bc16df5820122c083aa4e49a259a2
GET /build/8241.561f022d.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"638a1703-150fc"
expires: Mon, 04 Dec 2023 14:08:18 GMT
last-modified: Fri, 02 Dec 2022 15:17:23 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: e30d2965-febf-4021-80f6-568a1a44a16c-3382022
x-accel-expires: @1701698898
server: CDN77-Turbo
x-77-nzt: AblMCRT1n2n/D0ZXAA
x-77-nzt-ray: af5856305c80a3eee1efe3637756242b
x-cache: HIT
x-age: 5719567
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/index.167d78a0.js?v10263
185.76.9.21200 OK 43 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/index.167d78a0.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4549d5b4dea2ec2ed1e7cc54001a9e6a
10fbd556919e5fe3e9b95938ec067d325b01f3ba
51f1a6d9e87642d367bcb412349f82c82bad268dd525594a87cff2f5f39c7647
GET /build/index.167d78a0.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-8f"
expires: Thu, 14 Dec 2023 15:23:18 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 6eafba70-3be5-4902-b5a0-7206ef0b3652-3482022
x-accel-expires: @1702567398
server: CDN77-Turbo
x-77-nzt: AblMCRRzpef/ewVKAA
x-77-nzt-ray: af5856305c80a3eee1efe363498aeb2a
x-cache: HIT
x-age: 4851067
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/nsoftTopOfferJsBlock.53d7bd27.js?v10263
185.76.9.21200 OK 8.9 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/nsoftTopOfferJsBlock.53d7bd27.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
Hash 5f956b85ec01d5edb4bdb772cb8ea543
fe4f176cf8dd7568f5438bf9e0ae650c3a56e0aa
cdd047f993e282a7fa8fb2ed596f1fc105ca5426ff8cb6b6fd27fd89288ea931
GET /build/nsoftTopOfferJsBlock.53d7bd27.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-7ee9"
expires: Thu, 14 Dec 2023 15:23:18 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 3755bddb-5b97-498f-9593-c8374d91a0c9-3482022
x-accel-expires: @1702567398
server: CDN77-Turbo
x-77-nzt: AblMCRQWqXb/ewVKAA
x-77-nzt-ray: af5856305c80a3eee1efe3638f73b12c
x-cache: HIT
x-age: 4851067
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/vueLocaleBlock.edd5b843.js?v10263
185.76.9.21200 OK 63 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vueLocaleBlock.edd5b843.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (48690)
Hash 05a100b93aa7bdcb32f621d9542f54d8
5070d20413969c27df0955995d6c7e7ccdde4f94
409104d8ed8176c8666755a1cd45ac64ad90c667e3ee0a9b582f18b58af33490
GET /build/vueLocaleBlock.edd5b843.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e1a5-1c45"
expires: Thu, 14 Dec 2023 14:48:46 GMT
last-modified: Wed, 14 Dec 2022 14:45:57 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 4e3a235f-d265-4a24-a4c6-066bbea393d6-3482022
x-accel-expires: @1702565326
server: CDN77-Turbo
x-77-nzt: AblMCRQOPtX/kw1KAA
x-77-nzt-ray: af5856305c80a3eee1efe36366b0f92a
x-cache: HIT
x-age: 4853139
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/app.af895d81.js?v10263
185.76.9.21200 OK 45 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/app.af895d81.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 1ec14c065834d5faf69763a6d24d6f4d
ed779ae6cb206a0c78eb98a11487db3eb335eb39
25dd384a48c6ca50aa0841ad2238b4e211d9e731ccb926d060212d510e4afae4
GET /build/app.af895d81.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e1a5-c929"
expires: Thu, 14 Dec 2023 14:48:46 GMT
last-modified: Wed, 14 Dec 2022 14:45:57 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 91eff718-2708-4238-a4cb-a59db88f5ab9-3482022
x-accel-expires: @1702565326
server: CDN77-Turbo
x-77-nzt: AblMCRSjHc//kw1KAA
x-77-nzt-ray: af5856305c80a3eee1efe36325a8cf2a
x-cache: HIT
x-age: 4853139
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_itau.svg
52.95.163.96200 OK 1.6 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_itau.svg
IP 52.95.163.96:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ab7b5d27de627aa677fc8a285b942781
e36f294ec5bcf22f615e4af9329bdcf81fce6ee3
e8712dfee5f2d1b764ed7c69be66d4d1bc8dc0a0f2197e942387aa19f99e88a3
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_itau.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: /1OtSnyGezsUQQNRg1Jke3kAqMhIXduYJtghiQTfHle3NK9O6vEaqBQX+Dq8/UIOgP1tSdecFZQ=
x-amz-request-id: 23SRY474RSG0SYWR
Date: Wed, 08 Feb 2023 18:54:26 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "ab7b5d27de627aa677fc8a285b942781"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1608
www.brazino-cdnsrv-cst.org/build/vueLocaleBlock.fc209836.css?v10263
185.76.9.21200 OK 16 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vueLocaleBlock.fc209836.css?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
Hash f0e2ca0228938fd656be6aaeb11ca3a9
86ba35d6c9baef8f60da23db4591ef104302f52c
2badbed6115ca16f386e5345f0cfaa6ab0db240c82f74c9288c57734e0129839
GET /build/vueLocaleBlock.fc209836.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63651122-c34"
expires: Sat, 04 Nov 2023 14:43:08 GMT
last-modified: Fri, 04 Nov 2022 13:18:26 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: aec43579-b344-4ae8-a605-0ad163c9145c-3082022
x-accel-expires: @1699108988
server: CDN77-Turbo
x-77-nzt: AblMCRRVwuL/5cp+AA
x-77-nzt-ray: af5856305c80a3eee1efe363ebfef12a
x-cache: HIT
x-age: 8309477
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
br.betano.com/myaccount/ban/country-341629?alt=true
104.17.84.89200 OK 9.6 kB URL HTTP/2 br.betano.com/myaccount/ban/country-341629?alt=true
IP 104.17.84.89:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1487), with CRLF line terminators
Hash 9aebb380146357be67ea2d1fd2153bdb
f18250bd837702c5e78bf1c4e5113fb22db7cdb8
d49696a16ecb654e15b5da90b37ae67448fb47fef25c3b004fe738e3c6f92db8
GET /myaccount/ban/country-341629?alt=true HTTP/1.1
Host: br.betano.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=Owzj.oAX_mAvG2BS_G1ZfyFfgkORVefbuLVT6Ys5Mhw-1675882464-0-AcDels2LEVOoItRAw7GA3aPR8mEn6erhuYnlCy4VoTwaSzTgX8io0v0WGGl+nZ/hsKEsj6nPeJetdUDZtpzQcDA=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:24 GMT
content-type: text/html; charset=utf-8
content-security-policy: frame-ancestors https://*.betano.com:*
set-cookie: __RequestVerificationToken=sn-QNX1tRK65kcsMMAHGOtXzdGTqUHoWIhQ3aNjmCc43plIRUiuMUjtqlIr63odyJwu9l0JVO70SIBcamJHHbd-42pJV8u5j9oQoJgPEzx81; path=/; secure; HttpOnly
sticky=stx76.144
x-farm: 03
age: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692d9880fb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_neteller.svg
52.95.163.96200 OK 1.1 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_neteller.svg
IP 52.95.163.96:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash b01a178a2ffa74630c0daa6d67a26f25
a71b96b59534b6b2f334f03106a9db91f07faf14
b02f9215394cd32d597063108bf93fc486908a37073a6d949ca53b82252218a3
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_neteller.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: fUK1h5fTS/Gj5aP49hCy3dHhA3Qm5a9T6E/SrpxtwrfZvwBmzyU/P4EWffYRYHZz7tmQMtwo5Rw=
x-amz-request-id: E7MB0BF318XBE615
Date: Wed, 08 Feb 2023 18:54:27 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "b01a178a2ffa74630c0daa6d67a26f25"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1143
www.brazino-cdnsrv-cst.org/build/footerGameCategoriesBlock.d4480993.css?v10263
185.76.9.21200 OK 55 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/footerGameCategoriesBlock.d4480993.css?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
Hash 679828024ee6f33280006d0623dacdc0
f060d6e967664d893b9f28544bf68fab3566104e
39890562b9fa0167164e0bdeb6be7a162e32652fd0f40922fe11f45546418ebe
GET /build/footerGameCategoriesBlock.d4480993.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63651122-167f"
expires: Sat, 04 Nov 2023 14:43:08 GMT
last-modified: Fri, 04 Nov 2022 13:18:26 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 7350a3bb-2381-4ec8-872d-01f87bea1fe8-3082022
x-accel-expires: @1699108988
server: CDN77-Turbo
x-77-nzt: AblMCRT/Xur/5cp+AA
x-77-nzt-ray: af5856305c80a3eee1efe3635eb3022d
x-cache: HIT
x-age: 8309477
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_ecopayz.svg
52.95.163.96200 OK 3.8 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_ecopayz.svg
IP 52.95.163.96:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 82a8c1737556f9bf44d17e450393a191
48bca79f7fb606c4ad5fa5c36c0e01066f2e1d75
0ea54ac9ab54895a8cbacfeafe629f9d5fe42c1acdb1834cc43d8100290cad6e
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_ecopayz.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: OXVQ91ghCRHdN12R+bJuApi+eAiF3w19HxZk9w/erwVoz4yJ4aInSHmMGmU2XaU1jSLF9Ld3T9o=
x-amz-request-id: E7M5GJ1XEAWWCNN8
Date: Wed, 08 Feb 2023 18:54:27 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "82a8c1737556f9bf44d17e450393a191"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 3787
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_banco_safra.svg
52.95.163.96200 OK 22 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_banco_safra.svg
IP 52.95.163.96:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 131c8dd86f6ad201f5a6ba1364e2cee1
71333d90f56c25a8020f0c0295cc9b2fab555602
f11604fd0f3c4bb7810b500731f80761c0fb778d49bce4ad007bd38bd0098acb
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_banco_safra.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: en7s3Aaa45xBtQoS7HSu2EJKZhm6I40X1pilQV1VSfYnQNzSeNK1ilT6njXEn/MRfiqGuVU6O7w=
x-amz-request-id: 23SYY1GF1BA8KJ75
Date: Wed, 08 Feb 2023 18:54:26 GMT
Last-Modified: Mon, 17 May 2021 12:27:04 GMT
ETag: "131c8dd86f6ad201f5a6ba1364e2cee1"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 21984
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_skrill.svg
52.95.163.96200 OK 1.4 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_skrill.svg
IP 52.95.163.96:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 480fbc2cb227ed53c815954cf150c86f
bfb5ffde0af383141abd65ba2ee599899457ce1e
480d0dc472f4e02acb903a68cde23bfcccf12382ff96df42d4775de9530c6e43
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_skrill.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: TK8VHFfl4Bfm0J8F2fTFSBcxFzh2q6YzvWrW7jWtx7VTE4w4hhbcGcWriyJaU2CmBQXrYCDMoxE=
x-amz-request-id: E7MEAQE7CXZ4AHPD
Date: Wed, 08 Feb 2023 18:54:27 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "480fbc2cb227ed53c815954cf150c86f"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1354
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_payfun.svg
52.95.163.96200 OK 5.3 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_payfun.svg
IP 52.95.163.96:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a64820b91d10fd4f986eff1ed262fafd
3b27421553ada42ef958a080c3869a751bf068d9
ad11bf8e95679d1ff9496f6d25b23d69b6541a8b64a8274da91797709bb3f116
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_payfun.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: MdvEKjCGM7dNFvq5jyJKBw6MH9xg7tHubbs1UVue8oFPh78D4lzVQpMyN+ydmBsc9FuC+yW32q8=
x-amz-request-id: E7M0J6K8K8AXE2WP
Date: Wed, 08 Feb 2023 18:54:27 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "a64820b91d10fd4f986eff1ed262fafd"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 5300
www.brazino-cdnsrv-cst.org/build/footerArticleBlock.61bbbba0.js?v10263
185.76.9.21200 OK 326 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/footerArticleBlock.61bbbba0.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
Size 326 kB (326494 bytes)
Hash 02da6bcbda14522c58e480dbafab8af9
087af0bae199619c569cb3b56242b849fdf25e8b
0d02de5ad05b1656b5dcb241163679ab7679834b52227598abcaf6a06a41d095
GET /build/footerArticleBlock.61bbbba0.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-321"
expires: Thu, 14 Dec 2023 15:23:18 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 987166a3-d42d-4099-96ee-a35f8aad0ba4-3482022
x-accel-expires: @1702567398
server: CDN77-Turbo
x-77-nzt: AblMCRSvrvf/ewVKAA
x-77-nzt-ray: af5856305c80a3eee1efe363b6f7242d
x-cache: HIT
x-age: 4851067
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
54.230.111.16200 OK 1.9 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
IP 54.230.111.16:0
Hash fde4d3457a50df6eb5c2e00c8f2ae5b3
e5cf16a28cc4234d5eaa77b2b0dd53f3522aa135
268ae6468593e886241a5aad414e64f7775e7ac13311ab55e9d35e34a24129ba
GET /ub.js?1673990108 HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1865
date: Tue, 17 Jan 2023 21:41:41 GMT
last-modified: Tue, 17 Jan 2023 21:14:25 GMT
etag: "fde4d3457a50df6eb5c2e00c8f2ae5b3"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V2_hQjYCeKFp56IrMgfJVuw8h0RUEoKH_UNW6Y3HL4FcUjUs0IhJkg==
age: 1890766
X-Firefox-Spdy: h2
20bet.com/app/runtime.0fec2a017d8bf592.esm.js
104.22.34.208200 OK 19 kB URL HTTP/2 20bet.com/app/runtime.0fec2a017d8bf592.esm.js
IP 104.22.34.208:0
File type ASCII text, with very long lines (1365)
Hash 2713b1002a4f8fd574e32b61a441063e
30bfbe111d191b00fc17c98d853f102fe4b564d8
976c807df95498c0041d0a18d16aa2544a4ab9786a7d2873e2a00b565c32c0bc
GET /app/runtime.0fec2a017d8bf592.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:26 GMT
content-type: application/javascript
cf-ray: 796692e52cec2d59-ARN
etag: W/"63e25502-272e"
last-modified: Tue, 07 Feb 2023 13:41:22 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225200 OK 5.7 kB IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 548a7ed238b02b021cf5cc5e074ce45c
c2e9ba59724d1c1b0b6cf0f54cc99f4aa91764cc
a7005df4ceb45d9317ec07e9405d9b7a3e54a648a9fc810f80952ef91a560a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73E39070473465F3E841493E0F1DB61784B3789C9632B200FDC39CEAB48AEE2C"
Last-Modified: Wed, 08 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15733
Expires: Wed, 08 Feb 2023 23:16:39 GMT
Date: Wed, 08 Feb 2023 18:54:26 GMT
Connection: keep-alive
20bet.com/app/main.77f2c52c95d2287f.esm.js
104.22.34.208200 OK 538 kB URL HTTP/2 20bet.com/app/main.77f2c52c95d2287f.esm.js
IP 104.22.34.208:0
File type ASCII text, with very long lines (46468)
Size 538 kB (537473 bytes)
Hash 238e465dee633028910911f5cb8cef8e
a9412ae9d6ece962e41ada4dc9b830ae25f4a407
e3e08d348a3d9fd0599163e995016bcb611af5acb8e51bdb3d3bdcfbcdfb479e
GET /app/main.77f2c52c95d2287f.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:26 GMT
content-type: application/javascript
cf-ray: 796692e52ce32d59-ARN
etag: W/"63e2551f-16d452"
last-modified: Tue, 07 Feb 2023 13:41:51 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/amusnetInteractiveJackpotBlock.3c6264e0.js?v10263
185.76.9.21200 OK 3.1 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/amusnetInteractiveJackpotBlock.3c6264e0.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
Hash 811be24aa012366066f79271980b9a21
5dab5c1e35ba132426aa529aef2891e30ed801d2
df57a9664abd9d607f7750d77c6f5261a9ce714784818728bf6b9f97e0195f20
GET /build/amusnetInteractiveJackpotBlock.3c6264e0.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63d90b27-1265"
expires: Wed, 31 Jan 2024 14:35:47 GMT
last-modified: Tue, 31 Jan 2023 12:35:51 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: e05aa218-aa0d-4a50-bfbc-13e085cc0f5c-312023
x-accel-expires: @1706711747
server: CDN77-Turbo
x-77-nzt: AblMCRTuAyj/nsgKAA
x-77-nzt-ray: af5856305c80a3eee1efe3636093f92c
x-cache: HIT
x-age: 706718
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash ae0f440cfa73ee4c1e8442f755acf789
b32df9aadcbd3c32f74b715553c3d4997275fc62
6ba8a6c4f9524a29f6b53dcb6bed2b3b3ef930be4d731ceb18908ab91b7dae76
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "6BA8A6C4F9524A29F6B53DCB6BED2B3B3EF930BE4D731CEB18908AB91B7DAE76"
Last-Modified: Wed, 08 Feb 2023 06:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3339
Expires: Wed, 08 Feb 2023 19:50:05 GMT
Date: Wed, 08 Feb 2023 18:54:26 GMT
Connection: keep-alive
20bet.com/app/polyfills.5e91295279033faf.esm.js
104.22.34.208200 OK 36 kB URL HTTP/2 20bet.com/app/polyfills.5e91295279033faf.esm.js
IP 104.22.34.208:0
File type ASCII text, with very long lines (639)
Hash 95ed8bdf8bc8392e9c89685321eed576
96f7cba172c792847eb2cc65039804db9ccd8cbd
a38b67e5b60fd458f6f5afed83d8a74284449251c487e461c054eef0ea73d18f
GET /app/polyfills.5e91295279033faf.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:26 GMT
content-type: application/javascript
cf-ray: 796692e52cea2d59-ARN
etag: W/"63e25514-17687"
last-modified: Tue, 07 Feb 2023 13:41:40 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
a.sportradarserving.com/pixel?type=js&aid=1121&id=1859
18.185.230.98302 Moved Temporarily 3.2 kB URL HTTP/1.1 a.sportradarserving.com/pixel?type=js&aid=1121&id=1859
IP 18.185.230.98:0
Hash 3a4697a7ed60015d8d48089f404d73ef
57d7938e498a9e2a35c44daa91d79be6a86deec0
9d3d005c5b00b8d1c1d7266f7160290d59bdaabb529d8138508997bb15f406c8
GET /pixel?type=js&aid=1121&id=1859 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 08 Feb 2023 18:54:26 GMT
Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1121&id=1859
Set-Cookie: zuuid=679249b7-e6a1-4244-ab0d-4708541319bb; path=/; expires=Thu, 08-Feb-2024 18:54:26 GMT; domain=sportradarserving.com; samesite=none; secure
c=1675882466; path=/; expires=Thu, 08-Feb-2024 18:54:26 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675882466; path=/; expires=Thu, 08-Feb-2024 18:54:26 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
54.230.111.16200 OK 30 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
IP 54.230.111.16:0
File type ASCII text, with very long lines (64903)
Hash 73de733c308b8b5e44d2a6242dc4bd99
2f43a0cd155124d65ab5ce3574abc5f82b45fcf9
cf4ff4a67675a54e9a9469d967c77fba778ccf839a98119d246012447eb44ea3
GET /sp-2.14.0.js HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 30399
date: Sun, 11 Dec 2022 09:08:36 GMT
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
etag: "73de733c308b8b5e44d2a6242dc4bd99"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Pzm02UlT2nPjxCLUAxvvxGRAYynFXE24PKqJC6NT3vj_juzskl887Q==
age: 5132752
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d4749a51dd329695e7a07525096f5e31
508690298abdb7381ca8144aea2f36f629420779
b3f1c4d57a89e234b9823e5f789ccc3223fd7b0e7b5cc2322b80e429eff96ee9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6350
Cache-Control: max-age=95990
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:27 GMT
Etag: "63e2ab0b-1d7"
Expires: Thu, 09 Feb 2023 21:34:17 GMT
Last-Modified: Tue, 07 Feb 2023 19:48:27 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
tracker.growthbuddy.app/track.js?e=pageview&u=&i=DV-02355017850611493202&v=1.0.0&uid=a0689b36-fd8b-4e03-90d2-8f1a3b03c490&_nc=1675882522946
54.74.8.139200 OK 0 B URL HTTP/2 tracker.growthbuddy.app/track.js?e=pageview&u=&i=DV-02355017850611493202&v=1.0.0&uid=a0689b36-fd8b-4e03-90d2-8f1a3b03c490&_nc=1675882522946
IP 54.74.8.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track.js?e=pageview&u=&i=DV-02355017850611493202&v=1.0.0&uid=a0689b36-fd8b-4e03-90d2-8f1a3b03c490&_nc=1675882522946 HTTP/1.1
Host: tracker.growthbuddy.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
set-cookie: INGRESSCOOKIE=1675882468.425.105.881923|4755d7349ad2180cc27216e76023fb56; Path=/; Secure; HttpOnly
cache-control: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
tracker.ads.sportradar.com/dist//sp-2.14.0.js
95.101.10.99200 OK 30 kB URL HTTP/2 tracker.ads.sportradar.com/dist//sp-2.14.0.js
IP 95.101.10.99:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (64903)
Hash 44f237857b8d03f32b53fe551e83c95a
91536fe6c60d947d29dfcb5f04d09b752b5ccf03
a5e10dc2f3c729300afe8fe24aa430f57d91fdefa8112c0b35dd424ba612caa7
GET /dist//sp-2.14.0.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 1s7OalMcDo3kdZwoq27V9gT4OcVPO2IB2aaAsxwQVlLQht6tljITbw==
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 08 Feb 2023 18:54:27 GMT
content-length: 30370
cache-control: max-age=900, public
X-Firefox-Spdy: h2
platform.20bet.com/api/v2/configurations
104.22.34.208204 No Content 0 B URL HTTP/2 platform.20bet.com/api/v2/configurations
IP 104.22.34.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/configurations HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 18:54:28 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f26e4a2d59-ARN
X-Firefox-Spdy: h2
platform.20bet.com/api/sport/list/-1/0/br
104.22.34.208204 No Content 0 B URL HTTP/2 platform.20bet.com/api/sport/list/-1/0/br
IP 104.22.34.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/sport/list/-1/0/br HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 18:54:28 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f26e4c2d59-ARN
X-Firefox-Spdy: h2
platform.20bet.com/api/market-group-sorting/get-all-ordered
104.22.34.208204 No Content 0 B URL HTTP/2 platform.20bet.com/api/market-group-sorting/get-all-ordered
IP 104.22.34.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/market-group-sorting/get-all-ordered HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 18:54:28 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f26e4e2d59-ARN
X-Firefox-Spdy: h2
platform.20bet.com/api/v2/ip-data
104.22.34.208204 No Content 0 B URL HTTP/2 platform.20bet.com/api/v2/ip-data
IP 104.22.34.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/ip-data HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 18:54:28 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f27e692d59-ARN
X-Firefox-Spdy: h2
platform.20bet.com/api/data/get-countries
104.22.34.208204 No Content 0 B URL HTTP/2 platform.20bet.com/api/data/get-countries
IP 104.22.34.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/data/get-countries HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 18:54:28 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f29ed22d59-ARN
X-Firefox-Spdy: h2
platform.20bet.com/api/data/get-currencies
104.22.34.208204 No Content 0 B URL HTTP/2 platform.20bet.com/api/data/get-currencies
IP 104.22.34.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/data/get-currencies HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 18:54:28 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f2aef72d59-ARN
X-Firefox-Spdy: h2
platform.20bet.com/api/data/provinces
104.22.34.208204 No Content 0 B URL HTTP/2 platform.20bet.com/api/data/provinces
IP 104.22.34.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/data/provinces HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 18:54:28 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f2aee42d59-ARN
X-Firefox-Spdy: h2
platform.20bet.com/api/tournaments/bet-tournament/get-active?fields%5B%5D=tournaments&fields%5B%5D=leaderboards&fields%5B%5D=authorizedUsers
104.22.34.208204 No Content 0 B URL HTTP/2 platform.20bet.com/api/tournaments/bet-tournament/get-active?fields%5B%5D=tournaments&fields%5B%5D=leaderboards&fields%5B%5D=authorizedUsers
IP 104.22.34.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/tournaments/bet-tournament/get-active?fields%5B%5D=tournaments&fields%5B%5D=leaderboards&fields%5B%5D=authorizedUsers HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 18:54:28 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f2cf1c2d59-ARN
X-Firefox-Spdy: h2
platform.20bet.com/api/v2/data/rates
172.67.15.187204 No Content 0 B URL HTTP/2 platform.20bet.com/api/v2/data/rates
IP 172.67.15.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/data/rates HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 18:54:28 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f2ceecb511-OSL
X-Firefox-Spdy: h2
20bet.com/app/6629.5e3ae79726e54510.esm.js
104.22.34.208200 OK 37 kB URL HTTP/2 20bet.com/app/6629.5e3ae79726e54510.esm.js
IP 104.22.34.208:0
File type ASCII text, with very long lines (34318), with no line terminators
Hash 3956d4e04282ed71cd5aef46b1283bb7
2e5248ed96a5e4eb2b4ad9a2aa8291a4aa254182
80a2e663ea331fec6ff6290cb7d3833f7bc80d085f67daef36ab879f6e0e24b7
GET /app/6629.5e3ae79726e54510.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: application/javascript
cf-ray: 796692f04b462d59-ARN
etag: W/"63e2551f-860e"
last-modified: Tue, 07 Feb 2023 13:41:51 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/status
172.67.15.187204 No Content 0 B URL HTTP/2 platform.20bet.com/api/status
IP 172.67.15.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/status HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 18:54:28 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f2cf10b511-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 5bcb9125c18e4ed3562ceb950dc6eaad
a6c6944804b772de3a487723e3e866c0219de230
94947430d745a6648a2e87f163bf474b4fd4513519360bf4bfecfabc141e5ff1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20bet.com/app/8416.089b97ec0fb7c863.esm.js
104.22.34.208200 OK 7.1 kB URL HTTP/2 20bet.com/app/8416.089b97ec0fb7c863.esm.js
IP 104.22.34.208:0
File type ASCII text, with very long lines (730), with no line terminators
Hash 3a764aaf1a7ca480e88b297bd1c7d8c2
f3c56f1bf8f8cb94f464df83b8725849a66f81c2
80a46981b3d9dedfa6746e7e756b730502ce1869c4a87516ac8ea391c82a5812
GET /app/8416.089b97ec0fb7c863.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: application/javascript
cf-ray: 796692f05b542d59-ARN
etag: W/"63e2550e-2da"
last-modified: Tue, 07 Feb 2023 13:41:34 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LeYXFIiAAAAAEinEF15OsBYNq5UXwmor7zuYO0g
142.250.74.164200 OK 582 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LeYXFIiAAAAAEinEF15OsBYNq5UXwmor7zuYO0g
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash ba7bb8d0f4a363974a8f8a7918525f56
21578c80622cfa09dd55675c574827248e185f71
4494386bc89af9d8806675ff70d4cc53281aeeb01b9f841f3174b98da5f76076
GET /recaptcha/api.js?render=6LeYXFIiAAAAAEinEF15OsBYNq5UXwmor7zuYO0g HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 08 Feb 2023 18:54:28 GMT
date: Wed, 08 Feb 2023 18:54:28 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
18.185.230.98302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
IP 18.185.230.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Cookie: zuuid=679249b7-e6a1-4244-ab0d-4708541319bb; c=1675882466; zuuid_lu=1675882466
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 08 Feb 2023 18:54:28 GMT
Location: https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D679249b7-e6a1-4244-ab0d-4708541319bb
Set-Cookie: zuuid=679249b7-e6a1-4244-ab0d-4708541319bb; path=/; expires=Thu, 08-Feb-2024 18:54:28 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675882468; path=/; expires=Thu, 08-Feb-2024 18:54:28 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Thu, 08-Feb-2024 18:54:28 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1675882468; path=/; expires=Thu, 08-Feb-2024 18:54:28 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
a.sportradarserving.com/ul_cb/pixel?type=js&aid=1121&id=1859
18.185.230.98200 OK 1.5 kB URL HTTP/1.1 a.sportradarserving.com/ul_cb/pixel?type=js&aid=1121&id=1859
IP 18.185.230.98:0
File type ASCII text, with very long lines (1527), with no line terminators
Hash e0ec8a7f514bb26a7204dd4ac13beb1c
55d2096a752abbf518633d6cac68d3620aab47c3
6cf046afe04a40b8ee2aa13aa8183388aa7cf8e4ab7109cbee5962dd90ba48c7
GET /ul_cb/pixel?type=js&aid=1121&id=1859 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Cookie: zuuid=679249b7-e6a1-4244-ab0d-4708541319bb; c=1675882466; zuuid_lu=1675882466
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Date: Wed, 08 Feb 2023 18:54:28 GMT
Set-Cookie: zuuid=679249b7-e6a1-4244-ab0d-4708541319bb; path=/; expires=Thu, 08-Feb-2024 18:54:28 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675882468; path=/; expires=Thu, 08-Feb-2024 18:54:28 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Thu, 08-Feb-2024 18:54:28 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1675882468; path=/; expires=Thu, 08-Feb-2024 18:54:28 GMT; domain=sportradarserving.com; samesite=none; secure
cm2=!bidswitch,445211668; path=/; expires=Thu, 08-Feb-2024 18:54:28 GMT; domain=sportradarserving.com; samesite=none; secure
bss=!bidswitch,445139668; path=/; expires=Thu, 08-Feb-2024 18:54:28 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 1527
Connection: keep-alive
platform.20bet.com/api/match-statuses/get-all/br
172.67.15.187204 No Content 0 B URL HTTP/2 platform.20bet.com/api/match-statuses/get-all/br
IP 172.67.15.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/match-statuses/get-all/br HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 18:54:28 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f2ceeeb511-OSL
X-Firefox-Spdy: h2
a2.adform.net/Serving/TrackPoint/?pm=2635697&ADFPageName=Landing%20Page_Brazil&ADFdivider=|
185.167.164.37302 Found 705 B URL HTTP/2 a2.adform.net/Serving/TrackPoint/?pm=2635697&ADFPageName=Landing%20Page_Brazil&ADFdivider=|
IP 185.167.164.37:0
Hash b6a9880adaf462ee774bc3c6168fed40
07c3c8e2805632257af5f980e34ad9d2c3506d52
4a5c9076b85e76c4b50fd046be2b9efbf7866c4e62186a3f87ced72aa7314cf4
GET /Serving/TrackPoint/?pm=2635697&ADFPageName=Landing%20Page_Brazil&ADFdivider=| HTTP/1.1
Host: a2.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bc.game/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 18:54:27 GMT
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2635697&ADFPageName=Landing%20Page_Brazil&ADFdivider=|
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Mar-2023 18:54:27 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash feccc7ab69fc2a96613118763cb9f23b
3a8438f25e33f5ad4bbb15497eab518c4dd833c6
b8e054de6c3da1a60497e9bd5a8bce779a4c8583b59da147290c6fd088c78d1c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 18:54:28 GMT
Last-Modified: Wed, 08 Feb 2023 17:47:23 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zjG1uc_K5nICJ4bWmur5Emu4VhgPzJcEwU_tWOvOBVWcSvWQoH0tOA==
Age: 4025
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash faf5953837b023318ab1d0334dba431e
09b09ad8f899a5318ead9d04c385602e4724c74d
501f9ff0b90c30639d1591301b84f82040ecd37ad4328543d11c3eee1f761db8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167023
Date: Wed, 08 Feb 2023 18:54:28 GMT
Etag: "63e3c01e-1d7"
Expires: Fri, 10 Feb 2023 17:18:11 GMT
Last-Modified: Wed, 08 Feb 2023 15:30:38 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IITrmdETw4I9no3Ln7jK0xmOuF4S9dcpZQ4d-PyISinN_h0xSUzUxg==
Age: 6453
www.brazino-cdnsrv-cst.org/build/tournamentsBlock.60cb2f9e.css?v10263
185.76.9.21200 OK 2.8 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/tournamentsBlock.60cb2f9e.css?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
Hash 60cc382c8ccdd337f21b0d629ddc9471
8742feb1172d5a8ae9a418ff0f52b0c708496965
3df2ece8b55143e3652ae4bee95fdcf5a841503114ae2e4bbe94133dc51912b9
GET /build/tournamentsBlock.60cb2f9e.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63907649-4328"
expires: Thu, 07 Dec 2023 11:29:10 GMT
last-modified: Wed, 07 Dec 2022 11:17:29 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 50c168e7-5431-4ef1-bf4a-554f1ef3107f-3412022
x-accel-expires: @1701948550
server: CDN77-Turbo
x-77-nzt: AblMCRSgNLP/23ZTAA
x-77-nzt-ray: af5856305c80a3eee1efe363838b712b
x-cache: HIT
x-age: 5469915
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
platform.20bet.com/api/status
104.22.34.208200 OK 78 kB URL HTTP/2 platform.20bet.com/api/status
IP 104.22.34.208:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d21a1b50c1286b4cb3ddc8ec4248b454
d64737dc19889f1a1d12a28d5d5bc68faba5f078
4a37e697931a8ad89d3b373003dd9bb2924eae6b3e455c5417af86caab8bb6b5
GET /api/status HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f31f7b2d59-ARN
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/data/get-countries
104.22.34.208200 OK 4.7 kB URL HTTP/2 platform.20bet.com/api/data/get-countries
IP 104.22.34.208:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 9d6a6201c0f7cc6b502f0a35f441fd23
e0a54cceaf6b6cf2590a0690b8bfda537910bf1d
fd37424763c59209ccb673a9be1d297ea1674a03e5073e2de6608e1e73e89037
GET /api/data/get-countries HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f2ef4d2d59-ARN
content-encoding: br
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 16:53:21 GMT
expires: Wed, 07 Feb 2024 16:53:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 93667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/app.f8dfeb3a.css?v10263
185.76.9.21200 OK 13 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/app.f8dfeb3a.css?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
Hash c3fcdf3b4427bd763fcab2ce221dea04
ee9f53aa9379d7a3453d60c33f00722de193056c
bd03feefb2b46290f5862f084789abe42f4d8cc29030b1006b58d49d27154211
GET /build/app.f8dfeb3a.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63aaf640-12aa2"
expires: Wed, 27 Dec 2023 13:49:14 GMT
last-modified: Tue, 27 Dec 2022 13:42:24 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 4703b93d-5d87-453b-8fc2-68874eede269-3612022
x-accel-expires: @1703684954
server: CDN77-Turbo
x-77-nzt: AblMCRQFfhn/B/g4AA
x-77-nzt-ray: af5856305c80a3eee1efe3635fe20f2e
x-cache: HIT
x-age: 3733511
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5eecee8746b80be9e0c125cd1a6fbe62
6bb07051e8d9ef26d47f7df9846f589178d77cbb
adc26481b4eb6697f772d1d79de38769c179963e7e9df9b093d368f031472345
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 13:56:50 GMT
Expires: Tue, 14 Feb 2023 13:56:49 GMT
Etag: "6bb07051e8d9ef26d47f7df9846f589178d77cbb"
Cache-Control: max-age=499940,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796692f6ea73b4ed-OSL
20bet.com/custom-assets/logo.webp
104.22.34.208200 OK 14 kB URL HTTP/2 20bet.com/custom-assets/logo.webp
IP 104.22.34.208:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 38810a32194964dbdbf543e2a93e6a8c
e6c250ae7a2dd04c3473b6c03880c59960cabd74
7e7b70fbac7c9bd957367ddf9e51c883b7705307315a74899e94e04b0f1d6cd3
GET /custom-assets/logo.webp HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: image/webp
content-length: 13882
cf-ray: 796692f72bcf2d59-ARN
accept-ranges: bytes
age: 3173
cache-control: public, max-age=14400
last-modified: Wed, 08 Feb 2023 18:01:35 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
server: cloudflare
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.249200 OK 344 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 8a2a96342631957c08d0542a9686b284
574843e8ff860757bf7c10480eab6008ee6cf2da
b736161780fe4575a4b28e208d326b74823d6c0d93bc6212b5bbf4b27aab7011
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B736161780FE4575A4B28E208D326B74823D6C0D93BC6212B5BBF4B27AAB7011"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5878
Expires: Wed, 08 Feb 2023 20:32:27 GMT
Date: Wed, 08 Feb 2023 18:54:29 GMT
Connection: keep-alive
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&cb=4125c3e5-1330-42ce-b0e5-f016efbfbfa1
3.64.45.35302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&cb=4125c3e5-1330-42ce-b0e5-f016efbfbfa1
IP 3.64.45.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&cb=4125c3e5-1330-42ce-b0e5-f016efbfbfa1 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 08 Feb 2023 18:54:29 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&cb=4125c3e5-1330-42ce-b0e5-f016efbfbfa1
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=5451cd32-fa88-4363-b83e-ac18d1d20c37; path=/; expires=Thu, 08-Feb-2024 18:54:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675882469; path=/; expires=Thu, 08-Feb-2024 18:54:29 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675882469; path=/; expires=Thu, 08-Feb-2024 18:54:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675882469; path=/; expires=Thu, 08-Feb-2024 18:54:29 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
platform.20bet.com/api/tournaments/bet-tournament/get-active?fields%5B%5D=tournaments&fields%5B%5D=leaderboards&fields%5B%5D=authorizedUsers
104.22.34.208200 OK 58 kB URL HTTP/2 platform.20bet.com/api/tournaments/bet-tournament/get-active?fields%5B%5D=tournaments&fields%5B%5D=leaderboards&fields%5B%5D=authorizedUsers
IP 104.22.34.208:0
File type JSON data\012- , ASCII text, with very long lines (915), with no line terminators
Hash 608818bf0be0075722564ed9bdd66105
0671f5ffe28262da4464c68936edc6c3ff806ac7
9b6b4dafd4dfdc18ef58dbf419c3572722656518e9ddd4f938e524c725577970
GET /api/tournaments/bet-tournament/get-active?fields%5B%5D=tournaments&fields%5B%5D=leaderboards&fields%5B%5D=authorizedUsers HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f30f6a2d59-ARN
content-encoding: br
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.56.101200 OK 6.6 kB URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.56.101:0
Hash 0f35806ca86a9aa9c04d4d58fe704380
53d828ec3c565ad07e029e62e6d8181efa778adb
4f8f95a250310214d20ce087670791cbd489c8c05e93419d0e06b74c640b69b6
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 796692df7f6f0b39-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5eecee8746b80be9e0c125cd1a6fbe62
6bb07051e8d9ef26d47f7df9846f589178d77cbb
adc26481b4eb6697f772d1d79de38769c179963e7e9df9b093d368f031472345
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 18:54:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 13:56:50 GMT
Expires: Tue, 14 Feb 2023 13:56:49 GMT
Etag: "6bb07051e8d9ef26d47f7df9846f589178d77cbb"
Cache-Control: max-age=499939,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796692f6ec56b52d-OSL
scripts.prdredir.com/scripts/k_bcgame.js
172.64.100.29200 OK 2.7 kB URL HTTP/2 scripts.prdredir.com/scripts/k_bcgame.js
IP 172.64.100.29:0
File type ASCII text, with very long lines (4699)
Hash f7678b14ca8544c6f99ee7858f97c3bb
8b0fbe7f111f478d54914b584e8188f166cfdcff
76fd66fc9c9b4781548a1994905168cab1c0bf89c0dfabf80231cece77f609b8
GET /scripts/k_bcgame.js HTTP/1.1
Host: scripts.prdredir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bc.game
Connection: keep-alive
Referer: https://bc.game/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: no-cache
access-control-allow-origin: *
x-request-id: dbca9f4d-ea65-478d-8cc3-2f8e474ea6de
etag: W/"23d1a28488ed4e92499ca48c1d338887"
x-runtime: 0.003724
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spbbniY5YK%2BWBjZoeui7DOx3t6yubVFzwQtiAbhCXiin8fwL2UbI1e3xFHcoq5g8RtIvnNkRqnNvMfU8I5MCXi771Mcc8hHKRu9Fd%2BfoQF5hruQYZyUVpS1mu0jiRkin%2FtCMeNCnIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796692f61ce788b5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
platform.20bet.com/api/sport/list/-1/0/br
104.22.34.208200 OK 5.1 kB URL HTTP/2 platform.20bet.com/api/sport/list/-1/0/br
IP 104.22.34.208:0
File type JSON data\012- , ASCII text, with very long lines (22834), with no line terminators
Hash 7451516538dae5cc026b1a6e93663236
1cf9909871fe162e9f6ad823cacdffdb35657562
2a9819820c735dd9da1053cc1d350391bf2e3ddd3d0ccaf932462c56e5dbd619
GET /api/sport/list/-1/0/br HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f2df302d59-ARN
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/market-group-sorting/get-all-ordered
104.22.34.208200 OK 3.7 kB URL HTTP/2 platform.20bet.com/api/market-group-sorting/get-all-ordered
IP 104.22.34.208:0
File type JSON data\012- , ASCII text, with very long lines (23709), with no line terminators
Hash 7defa5dc934ac6b132e9a68849a23f3a
08de9c8e44bfed136b91e679357a8f4a6ad121f5
65e01e804ad82762ab8ce037aa6f517e3869f864e96efb94bb93304234afa755
GET /api/market-group-sorting/get-all-ordered HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f2df402d59-ARN
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/v2/configurations
104.22.34.208200 OK 6.9 kB URL HTTP/2 platform.20bet.com/api/v2/configurations
IP 104.22.34.208:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 0da86e5ac5d12a89c592f1f9a905cc54
7cd2a460ee30fe66e32a50acd9566c15e85d9aad
8eb230f5e1545cfd593d088741cc1428fc4a7f9805a33be97987ef6817600be8
GET /api/v2/configurations HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f2cf262d59-ARN
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/common.3697a9055d1996ae.esm.js
104.22.34.208200 OK 12 kB URL HTTP/2 20bet.com/app/common.3697a9055d1996ae.esm.js
IP 104.22.34.208:0
File type ASCII text, with very long lines (32302), with no line terminators
Hash 01d50227a896270b7b56daf99de242d0
7039082e0514d2352aac8678a22df58c7a0861bb
71117c93681c1beebefe532896a0a9b6119659ece3e6606040ba7aa7e5c59a83
GET /app/common.3697a9055d1996ae.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: application/javascript
cf-ray: 796692f05b4e2d59-ARN
etag: W/"63e25519-7e2e"
last-modified: Tue, 07 Feb 2023 13:41:45 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/5238.c643742b8f51fd51.esm.js
104.22.34.208200 OK 4.0 kB URL HTTP/2 20bet.com/app/5238.c643742b8f51fd51.esm.js
IP 104.22.34.208:0
File type ASCII text, with very long lines (12260), with no line terminators
Hash b16a0df93f9db8f9b1adf2c6597c04be
2e613a74b7e96045ad76d904eda76a8371eb51fd
8fba993e67ef0c154ecca68d267d48721bb362966aaf796dd38a2190d81c4d92
GET /app/5238.c643742b8f51fd51.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:29 GMT
content-type: application/javascript
cf-ray: 796692f7bc982d59-ARN
etag: W/"63e2550e-2fe4"
last-modified: Tue, 07 Feb 2023 13:41:34 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
centrifugo.20bet.com/connection/websocket
104.22.34.208101 Switching Protocols 0 B URL HTTP/1.1 centrifugo.20bet.com/connection/websocket
IP 104.22.34.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /connection/websocket HTTP/1.1
Host: centrifugo.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://20bet.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OxFupPcCOtGMiZg5Yy9fyg==
Connection: keep-alive, Upgrade
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 08 Feb 2023 18:54:29 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZOaOHnQEH70OhrTi3Ckq6l+vO6U=
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796692f92dde0a3d-ARN
track.trackingtraffo.com/pixel/js?auth=v3eu8spg&event=visit
88.214.195.153200 OK 422 B URL HTTP/1.1 track.trackingtraffo.com/pixel/js?auth=v3eu8spg&event=visit
IP 88.214.195.153:0
Hash a84da22ba993cb90a87bbc7196a83564
284dae1447b59756ec476d581d6aad1ddd3218c3
98b0ce9e2f8df8f89c2adf5bcc0cf0eaf3b43c8b7fb26418f8a72179f4e6a440
GET /pixel/js?auth=v3eu8spg&event=visit HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 08 Feb 2023 18:54:29 GMT
Content-Type: text/javascript
Content-Length: 422
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
www.brazino-cdnsrv-cst.org/build/runtime.c126acad.js?v10263
185.76.9.21200 OK 3.9 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/runtime.c126acad.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
Hash 742a32394a6f4127cfcbb5a34d348bd6
8a612f9e8ce76845066606b7224ddb397d2f87cc
fa5314bb0be37655379b6cf293955319eb81bf2f44ff6faf1b5027ed83da411e
GET /build/runtime.c126acad.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63651122-dcb"
expires: Sat, 04 Nov 2023 14:39:22 GMT
last-modified: Fri, 04 Nov 2022 13:18:26 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 4e1ee2d9-1244-4b1f-896b-8050d6811357-3082022
x-accel-expires: @1699108762
server: CDN77-Turbo
x-77-nzt: AblMCRTLGTH/x8t+AA
x-77-nzt-ray: af5856305c80a3eee1efe3639bc72c2d
x-cache: HIT
x-age: 8309703
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-3344694.js?sv=7
54.230.111.8200 OK 3.9 kB URL HTTP/2 static.hotjar.com/c/hotjar-3344694.js?sv=7
IP 54.230.111.8:0
File type ASCII text, with very long lines (7460)
Hash 626d18bbe040e6d379d8dd659d383fa8
7ee5d1408fe49ed017fb7b1c0d2bdeb8672b2c16
4426f74c1059d991a3da53e186dd5d7fff690accbd5dc64c30b6df5579645891
GET /c/hotjar-3344694.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bc.game/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Wed, 08 Feb 2023 18:54:28 GMT
cache-control: max-age=60
etag: W/39ed1f133701d55702fdfc7be0a8d06b
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nbgOFOD5EecLS4vAsHOdPuHz9o9AcpvCpnuYF4rM8e7oXjLaXbXjnQ==
age: 10
X-Firefox-Spdy: h2
x.bidswitch.net/syncd?dsp_id=409&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
3.64.45.35302 Found 0 B URL HTTP/2 x.bidswitch.net/syncd?dsp_id=409&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
IP 3.64.45.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=409&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 08 Feb 2023 18:54:29 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=1e8605e2-17a2-4b1a-867e-3b85de4b5360; path=/; expires=Thu, 08-Feb-2024 18:54:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675882469; path=/; expires=Thu, 08-Feb-2024 18:54:29 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675882469; path=/; expires=Thu, 08-Feb-2024 18:54:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675882469; path=/; expires=Thu, 08-Feb-2024 18:54:29 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
20bet.com/assets/banners/sport_welcome_bonus_slider1.webp
104.22.34.208200 OK 111 kB URL HTTP/2 20bet.com/assets/banners/sport_welcome_bonus_slider1.webp
IP 104.22.34.208:0
Size 111 kB (110866 bytes)
Hash 7c18b7ec42a71ba8a2dbc3f11ea6a697
23471fd3b473c73bf9022966f3cbebd061b84e6c
d326f7d104a9943981b61af462f0e3ecc84507823fe819d75b919116298dccb7
GET /assets/banners/sport_welcome_bonus_slider1.webp HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:29 GMT
content-type: image/webp
content-length: 109862
cf-ray: 796692fb28b12d59-ARN
accept-ranges: bytes
etag: "63e255d2-1ad26"
last-modified: Tue, 07 Feb 2023 13:44:50 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash bd305b64dd008d099b8b9825a53948e8
5cb72fe92c1312cfc2b4cb5a784a8f84d9ff9a99
53f80532b77c8292cb04203788eac6a863d8d2a44015c82fb07508f88e7c967d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4122
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:30 GMT
Last-Modified: Wed, 08 Feb 2023 17:45:48 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash bd305b64dd008d099b8b9825a53948e8
5cb72fe92c1312cfc2b4cb5a784a8f84d9ff9a99
53f80532b77c8292cb04203788eac6a863d8d2a44015c82fb07508f88e7c967d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4162
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:30 GMT
Last-Modified: Wed, 08 Feb 2023 17:45:09 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash bd305b64dd008d099b8b9825a53948e8
5cb72fe92c1312cfc2b4cb5a784a8f84d9ff9a99
53f80532b77c8292cb04203788eac6a863d8d2a44015c82fb07508f88e7c967d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3326
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:30 GMT
Etag: "63e2f700-116"
Last-Modified: Wed, 08 Feb 2023 17:59:04 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
www.brazino-cdnsrv-cst.org/build/5666.5a30bb8f.js?v10263
185.76.9.21200 OK 4.7 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/5666.5a30bb8f.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
Hash 6c47881988212a109356fddf3f6f2f7a
788f3b2892eaa11fce7a696449594b269e6f88a0
a72952dbcd263d723b19551d21b7d6218f2042a89f93975eea01e984c921f563
GET /build/5666.5a30bb8f.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63651122-19bb"
expires: Sat, 04 Nov 2023 14:39:22 GMT
last-modified: Fri, 04 Nov 2022 13:18:26 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: d50fd946-ff11-4ba8-95e6-03ad6261aeeb-3082022
x-accel-expires: @1699108762
server: CDN77-Turbo
x-77-nzt: AblMCRSZQfL/x8t+AA
x-77-nzt-ray: af5856305c80a3eee1efe363c4e9052e
x-cache: HIT
x-age: 8309703
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash bd305b64dd008d099b8b9825a53948e8
5cb72fe92c1312cfc2b4cb5a784a8f84d9ff9a99
53f80532b77c8292cb04203788eac6a863d8d2a44015c82fb07508f88e7c967d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4122
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:30 GMT
Last-Modified: Wed, 08 Feb 2023 17:45:48 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
20bet.com/assets/placeholders/games/190x190.png
104.22.34.208200 OK 7.0 kB URL HTTP/2 20bet.com/assets/placeholders/games/190x190.png
IP 104.22.34.208:0
File type PNG image data, 190 x 190, 8-bit/color RGBA, non-interlaced\012- data
Hash 9283bd080c01ccbbb87480d4baecae32
f7bcba62d6571f4d33fd590d09510442bd3f3f47
8860cf92a6813fb4c5c96574e04f1aebfbe670f84d05a4563efbb8a1248ad4bc
GET /assets/placeholders/games/190x190.png HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:30 GMT
content-type: image/png
content-length: 6980
cf-ray: 796692fdbaf72d59-ARN
accept-ranges: bytes
etag: "63e255f2-1b44"
last-modified: Tue, 07 Feb 2023 13:45:22 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
X-Firefox-Spdy: h2
20bet.com/app/4089.cc1a089afebdaee0.esm.js
104.22.34.208200 OK 16 kB URL HTTP/2 20bet.com/app/4089.cc1a089afebdaee0.esm.js
IP 104.22.34.208:0
File type ASCII text, with very long lines (882), with no line terminators
Hash 6e85478cbf9ba6777b9f5016b837e6fa
9093634a87382e16c4930538b35d4ca7ffa64714
98e05e76ebeb09387d2beeee693d24a193dc06071cd39b94f9eafc33d8f472a5
GET /app/4089.cc1a089afebdaee0.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:29 GMT
content-type: application/javascript
cf-ray: 796692fc69e32d59-ARN
etag: W/"63e2550e-372"
last-modified: Tue, 07 Feb 2023 13:41:34 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/4031.b91f4417cd75a26b.esm.js
104.22.34.208200 OK 11 kB URL HTTP/2 20bet.com/app/4031.b91f4417cd75a26b.esm.js
IP 104.22.34.208:0
File type ASCII text, with very long lines (1237), with no line terminators
Hash 6c50039e486f163957f555b27600fb95
3917e50626d9db8b2649fca86e211e5761236ea6
e2f78af327c1c33fd6b47ff134abcf11afd3e5c2a261fa9a4fe887df6db33f14
GET /app/4031.b91f4417cd75a26b.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:29 GMT
content-type: application/javascript
cf-ray: 796692f7fcfb2d59-ARN
etag: W/"63e2550e-4d5"
last-modified: Tue, 07 Feb 2023 13:41:34 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/3048.9609a2d0804371c8.esm.js
104.22.34.208200 OK 12 kB URL HTTP/2 20bet.com/app/3048.9609a2d0804371c8.esm.js
IP 104.22.34.208:0
File type ASCII text, with very long lines (1994), with no line terminators
Hash 820632e9a73596a2df9a6d1caf30236f
53e26a7389fc13dd9e2f24e449c1794b679774cb
d0e1625c277ca5c87a787c75d642f45cb66f233ba24c795a96d6a2de9e5cf676
GET /app/3048.9609a2d0804371c8.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:29 GMT
content-type: application/javascript
cf-ray: 796692f7fcf92d59-ARN
etag: W/"63e2551f-7ca"
last-modified: Tue, 07 Feb 2023 13:41:51 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.softswiss.net/i/s4/softswiss/DeepSea.webp
104.17.114.131200 OK 16 kB URL HTTP/2 cdn.softswiss.net/i/s4/softswiss/DeepSea.webp
IP 104.17.114.131:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fde522bffc9bebd610a377a263b31a88
564185b4fcc15bd1b7493e2ad6419990d1305e80
cafeb66db76789f25396063ef735a98a4229db1ca945c64d180cba35fa18ecc8
GET /i/s4/softswiss/DeepSea.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:30 GMT
content-type: image/webp
content-length: 15666
last-modified: Mon, 29 Mar 2021 10:15:02 GMT
etag: "6061a8a6-3d32"
expires: Thu, 09 Feb 2023 13:49:26 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 17536
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 796692fed955fabc-OSL
X-Firefox-Spdy: h2
bc.game/landing/sports-br?i=4cxse6dr&stag=17409_63e3efdf680fad7724895732&utm_source=4cxse6dr
104.18.37.127200 OK 167 kB URL HTTP/2 bc.game/landing/sports-br?i=4cxse6dr&stag=17409_63e3efdf680fad7724895732&utm_source=4cxse6dr
IP 104.18.37.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (17020)
Size 167 kB (167197 bytes)
Hash 4cc201d35f1f9392e112c8d3224c0bef
32f17962835d38cfccf98b70e9f600ecb1191bb1
a45fde9ebe437e1822e6aeed56ad298b775280f6416940bc236756f2224bd470
GET /landing/sports-br?i=4cxse6dr&stag=17409_63e3efdf680fad7724895732&utm_source=4cxse6dr HTTP/1.1
Host: bc.game
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
cache-control: max-age=8640000
cf-cache-status: MISS
server: cloudflare
cf-ray: 796692d9cf1fb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
20bet.com/app/5352.a47af8ab3119be30.esm.js
104.22.34.208200 OK 16 kB URL HTTP/2 20bet.com/app/5352.a47af8ab3119be30.esm.js
IP 104.22.34.208:0
File type ASCII text, with very long lines (954), with no line terminators
Hash 591d73c4623397bff430ae5dc6d801f3
4dfbe248b86d05342907cccd75bbfdedea18354c
ef2031e94e8f54d576c5fd9f05ae28870771d39b07fa6ea6e0397005ca99fc8b
GET /app/5352.a47af8ab3119be30.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:29 GMT
content-type: application/javascript
cf-ray: 796692f7fcfe2d59-ARN
etag: W/"63e25508-3ba"
last-modified: Tue, 07 Feb 2023 13:41:28 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.249200 OK 344 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 3d93d0b5625957c305912a4f4cf00bce
5992378c1c7cb19e620cd4facf3a91ab0cf217a6
df9ec31d3728aeb20a793de2fb8bf94dcbc8ca8f90812fcf74522873e7472aef
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "DF9EC31D3728AEB20A793DE2FB8BF94DCBC8CA8F90812FCF74522873E7472AEF"
Last-Modified: Tue, 07 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8727
Expires: Wed, 08 Feb 2023 21:19:57 GMT
Date: Wed, 08 Feb 2023 18:54:30 GMT
Connection: keep-alive
www.brazino-cdnsrv-cst.org/build/tournamentsBlock.78fc6eb4.js?v10263
185.76.9.21200 OK 165 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/tournamentsBlock.78fc6eb4.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (3482)
Size 165 kB (165298 bytes)
Hash 9d3595c1badcd6b64c3660568454d7d4
3867c7601579f2d1b5c33d316010a950218d9b19
d4c8d5bd976eb4b72398578a63116695d638a2f14f4abfb8cd9c8a9f9ad1fc6a
GET /build/tournamentsBlock.78fc6eb4.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-d8c"
expires: Thu, 14 Dec 2023 15:23:18 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 774ecef5-a86b-4c69-bcd1-3152bfe61954-3482022
x-accel-expires: @1702567398
server: CDN77-Turbo
x-77-nzt: AblMCRTKnlb/ewVKAA
x-77-nzt-ray: af5856305c80a3eee1efe3634b09cf2b
x-cache: HIT
x-age: 4851067
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.softswiss.net/i/s4/softswiss/FireLightning.webp
104.17.114.131200 OK 10 kB URL HTTP/2 cdn.softswiss.net/i/s4/softswiss/FireLightning.webp
IP 104.17.114.131:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1404117786375a67f969e084fe108dd8
7afe581b92816844b2a669fd6cdde25ba8f079a9
3270d6a24ba89779f810008902a3f438b40beeb6a525d4e8a1134d0b7e94edca
GET /i/s4/softswiss/FireLightning.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:30 GMT
content-type: image/webp
content-length: 10548
last-modified: Thu, 27 Jun 2019 06:47:09 GMT
etag: "5d14666d-2934"
expires: Thu, 09 Feb 2023 13:49:26 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 16964
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 796692fee961fabc-OSL
X-Firefox-Spdy: h2
dwmu1hf7ovvid.cloudfront.net/logos/payments/visa.webp
54.230.245.218200 OK 6.6 kB URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/logos/payments/visa.webp
IP 54.230.245.218:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ee2fad6bac293e4ca7ab69e783d4e2cd
f11c25ce6201ed8431bf370ba8163a8b96a629ea
75e10393bb2bf4d84cf86b733f85db33b66e7bf6e2538dc601d8772d2bfcad87
GET /logos/payments/visa.webp HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 6550
date: Tue, 07 Feb 2023 19:22:46 GMT
last-modified: Fri, 25 Feb 2022 07:48:25 GMT
etag: "ee2fad6bac293e4ca7ab69e783d4e2cd"
x-amz-version-id: pIXrhOThuPwmmXfQM00f4w8j43Wb2AWV
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y08O2690gS78OxDjyai5QsIX3hoK9rUWuRn5rE6PbW-09rFtmsfWAw==
age: 84705
X-Firefox-Spdy: h2
dwmu1hf7ovvid.cloudfront.net/logos/payments/dinners_discover.webp
54.230.245.218200 OK 4.9 kB URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/logos/payments/dinners_discover.webp
IP 54.230.245.218:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6ea8d660b5467827c912554aabe647d5
4570f9ecbcb61f9a2c44cd16ab737fb0e2b4cebd
2221037740fca246343805287f1d37d254f7942155f6b4c8572ac553f1bad5c6
GET /logos/payments/dinners_discover.webp HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 4926
date: Tue, 07 Feb 2023 19:22:46 GMT
last-modified: Fri, 25 Feb 2022 07:48:25 GMT
etag: "6ea8d660b5467827c912554aabe647d5"
x-amz-version-id: UHAkVVlDSlfVyn0QaFp_FgwNMMIk82nh
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BT3NJ1v2XNfHF3R30L_A1nXMehMyTxvGsWqYheANsGoSEHweixGBQA==
age: 84705
X-Firefox-Spdy: h2
dwmu1hf7ovvid.cloudfront.net/logos/payments/mastercard.webp
54.230.245.218200 OK 2.4 kB URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/logos/payments/mastercard.webp
IP 54.230.245.218:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9819535f317a470cbe091587c3419fbe
9b5b6c30ca2c5190847498f23b144ff39c74b9d4
12bc46c585e9aaa0d800549310c3038384bb5158eccd4439d2b6223703192fa9
GET /logos/payments/mastercard.webp HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 2386
date: Tue, 07 Feb 2023 19:22:46 GMT
last-modified: Fri, 25 Feb 2022 07:48:25 GMT
etag: "9819535f317a470cbe091587c3419fbe"
x-amz-version-id: u7PXjQfxDKbNI6fOoUgizj8N9fNa7yWT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8TWBDWji-fJGJP5gLHycQDOYBod8KXSC8SteYZwQ1VW7O8U49-y3zg==
age: 84705
X-Firefox-Spdy: h2
dwmu1hf7ovvid.cloudfront.net/logos/payments/skrill.webp
54.230.245.218200 OK 4.7 kB URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/logos/payments/skrill.webp
IP 54.230.245.218:0
Hash e04404c70edceb14a05a8eaf847afcd2
732e1b84394bbe9a722e45ba79913fb0f34fa5e0
6f867e1706dee1ab4821420223f2bb0bd91ddf0f1f89dde7ac5f7fe9b89ad178
GET /logos/payments/skrill.webp HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 4360
date: Tue, 07 Feb 2023 19:22:46 GMT
last-modified: Fri, 25 Feb 2022 07:48:25 GMT
etag: "9a9c594671049f82d376caa8bc23f08c"
x-amz-version-id: v6EFlnbny3NLqAwMTVhEYyU3slRzfjts
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ouHGbvkJ5yk1SDf3jQeixqys4GTCA6i7k21CK10B3aUyA2aURwP5yg==
age: 84705
X-Firefox-Spdy: h2
20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
104.22.34.208200 OK 18 kB URL HTTP/2 20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
IP 104.22.34.208:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6149), with CRLF, LF line terminators
Hash 7fa21e3250ea3a83014956668134d1e0
769ffbe700308f9e7400fbb2d4529a72124a43a4
9c2cf83c6f05d89332beb1a8060b4aaa5cf32b4f834248f5d6d144d67a43dd35
GET /br?btag=668128_2340F497E7724DB9B10970111FEC03F5 HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:24 GMT
content-type: text/html; charset=UTF-8
cf-ray: 796692db3fd22d59-ARN
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
set-cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; expires=Wed, 08-Mar-2023 00:00:00 GMT; Max-Age=2351136; path=/; secure; samesite=none
preferred-language=br; path=/; secure; httponly; samesite=lax
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
dwmu1hf7ovvid.cloudfront.net/logos/payments/neteller.webp
54.230.245.218200 OK 4.9 kB URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/logos/payments/neteller.webp
IP 54.230.245.218:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 47bb0df8a3ee01f51ed82850b4c55391
1ba733d5f5b0cf3479c70a4b2ea34e3ef8d3b217
3a0b436b5a4f864b6677521211770d0053ec43815f8c6f7c543422512e3c2fea
GET /logos/payments/neteller.webp HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 4862
date: Tue, 07 Feb 2023 19:22:46 GMT
last-modified: Fri, 25 Feb 2022 07:48:25 GMT
etag: "47bb0df8a3ee01f51ed82850b4c55391"
x-amz-version-id: 8RbaJ7MP7LV79qt8v0kp8zh9BB1BW52T
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mWuMAuQHCUzFWQdTGg4i4eCJY8pcUhy7HCMij94znZM8ytjPa5GPDg==
age: 84705
X-Firefox-Spdy: h2
dwmu1hf7ovvid.cloudfront.net/logos/payments/ecopayz.webp
54.230.245.218200 OK 11 kB URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/logos/payments/ecopayz.webp
IP 54.230.245.218:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 655fa02c6cfd48264806295ab9c2f3dc
c4abba9520932ed352a85b34fd59a3a6978cfd22
29bd5b67b49f82e8b22afb6502cce95d9972f580406ed3cabc58498e762831fe
GET /logos/payments/ecopayz.webp HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 11298
date: Tue, 07 Feb 2023 19:22:46 GMT
last-modified: Fri, 25 Feb 2022 07:48:25 GMT
etag: "655fa02c6cfd48264806295ab9c2f3dc"
x-amz-version-id: bdHaBf_POQvEHZxa2qXczjd2tqXiAluR
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B_cGU9GHS8ZCRyfPOUIQxQxAR3JhHQ4zEgNbPRVc_MP9lCq3z-Jm4w==
age: 84705
X-Firefox-Spdy: h2
dwmu1hf7ovvid.cloudfront.net/logos/payments/jeton.webp
54.230.245.218200 OK 5.9 kB URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/logos/payments/jeton.webp
IP 54.230.245.218:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5b322abc074e92690294cbc4c91e7367
2eec25886d1b942709730e2ad20bf4175ac5a670
1b0d4b8ad5f4e4a48a81be2d13a2649d6b3c7cd41a501744c2525567d0d0bab8
GET /logos/payments/jeton.webp HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 5878
date: Tue, 07 Feb 2023 19:22:46 GMT
last-modified: Fri, 25 Feb 2022 07:48:25 GMT
etag: "5b322abc074e92690294cbc4c91e7367"
x-amz-version-id: 3LxIFrbuND7xADVUotkoJ4KLlpdKaCIO
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7LPjSLE8Kuy-NotB6kkXDYr9EjHmnitaAAlfpGN1xLsn1476rAXPjg==
age: 84705
X-Firefox-Spdy: h2
dwmu1hf7ovvid.cloudfront.net/logos/payments/interac.webp
54.230.245.218200 OK 2.0 kB URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/logos/payments/interac.webp
IP 54.230.245.218:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cdab7fb995b7866403558f335543bda7
7e6664ba967fd7b2e4d974fdb935a34e05227c45
c995f3a08c8df5b312ca12754a9faf36a9ee44ace812217fcf71414ec89a707f
GET /logos/payments/interac.webp HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 1950
date: Tue, 07 Feb 2023 19:22:46 GMT
last-modified: Fri, 25 Feb 2022 07:48:25 GMT
etag: "cdab7fb995b7866403558f335543bda7"
x-amz-version-id: IsVRXTBPMjrUqDJ0FxzCocQI4PQQyK0X
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g2LOsCwwYb3RrPF5PtJvRQvnR4HQuF-37a5Fgp37aoe8_-OfXMPuDA==
age: 84705
X-Firefox-Spdy: h2
dwmu1hf7ovvid.cloudfront.net/logos/payments/cryptocurrency.webp
54.230.245.218200 OK 5.3 kB URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/logos/payments/cryptocurrency.webp
IP 54.230.245.218:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4923661fefdfbe670be68a25329912eb
6ad90e59a44ea11896e12fb1b9832e9c7088c780
53eeb9d95673ea2018aa9a7033846d58c7592a0d068ba5778033e167f9e33361
GET /logos/payments/cryptocurrency.webp HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 5348
date: Tue, 07 Feb 2023 19:22:46 GMT
last-modified: Fri, 25 Feb 2022 07:48:25 GMT
etag: "4923661fefdfbe670be68a25329912eb"
x-amz-version-id: b72gvm3FoOVUU.rPJwpoK6me7DPM5VqB
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lmdOKdTAA7PAQgY8yDXDeoGZxpn4-DA7EvDdrFgVBWEUtlR_dcnzmw==
age: 84705
X-Firefox-Spdy: h2
dwmu1hf7ovvid.cloudfront.net/logos/payments/perfectmoney.webp
54.230.245.218200 OK 9.2 kB URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/logos/payments/perfectmoney.webp
IP 54.230.245.218:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7bdbb0621ba893bb559e51169543deb5
a8579c46d6a94a2c89f2c489da5228cc51fe5ab5
764bc6ff2e5e83dd93def92c7acfb0c1ccd094c0231bc0adab4e52dc0fbbf136
GET /logos/payments/perfectmoney.webp HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 9200
date: Tue, 07 Feb 2023 19:22:46 GMT
last-modified: Fri, 25 Feb 2022 07:48:25 GMT
etag: "7bdbb0621ba893bb559e51169543deb5"
x-amz-version-id: OO_BasJwQQO0g.jv4KPj.MPmZ8lFDBrP
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9aT-2yWVVeEJ5bXvLxo1kqXhHD9Dq_sTARtuP-9Qo4Pm72ImVQqaEQ==
age: 84705
X-Firefox-Spdy: h2
vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
54.230.111.75200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
IP 54.230.111.75:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 112fdf47cdb80b9ce3d033ed09717460
3898efa86cbf1b64dc41a90a110ed5afd6f2ae13
3bfb2e882091d872eece2eee40084183a5fcb0a7ed98c1b004850751260a4cbb
GET /box-e031119f9e9e307a08fa610f85dbfb52.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bc.game/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hKzPHeBG3OFrTZY7G1ZblJCGzykncWQwK9WQsRVxdBbyaTRqov_ReQ==
age: 452664
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 08 Feb 2023 18:54:30 GMT
access-control-allow-origin: *
etag: "63e36f34-2b"
expires: Wed, 08 Feb 2023 19:54:30 GMT
accept-ranges: bytes
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&cb=4125c3e5-1330-42ce-b0e5-f016efbfbfa1
3.64.45.35302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&cb=4125c3e5-1330-42ce-b0e5-f016efbfbfa1
IP 3.64.45.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&cb=4125c3e5-1330-42ce-b0e5-f016efbfbfa1 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 08 Feb 2023 18:54:30 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=679249b7-e6a1-4244-ab0d-4708541319bb&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&cb=c131a7c8-f794-416c-86e9-8cea450fe6c2
3.64.45.35302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&cb=c131a7c8-f794-416c-86e9-8cea450fe6c2
IP 3.64.45.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&cb=c131a7c8-f794-416c-86e9-8cea450fe6c2 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 08 Feb 2023 18:54:30 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=679249b7-e6a1-4244-ab0d-4708541319bb&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D679249b7-e6a1-4244-ab0d-4708541319bb
3.64.45.35200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D679249b7-e6a1-4244-ab0d-4708541319bb
IP 3.64.45.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_group=1&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D679249b7-e6a1-4244-ab0d-4708541319bb HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:30 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&cb=4af9425f-14e5-420b-9552-14678cc8ce7a
3.64.45.35302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&cb=4af9425f-14e5-420b-9552-14678cc8ce7a
IP 3.64.45.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&cb=4af9425f-14e5-420b-9552-14678cc8ce7a HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 08 Feb 2023 18:54:30 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=679249b7-e6a1-4244-ab0d-4708541319bb&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
3.64.45.35200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
IP 3.64.45.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_id=679249b7-e6a1-4244-ab0d-4708541319bb&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:30 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
socketv2.bc.game/socket.io/?p=01660a5948820814521863261151c1863261edbc&EIO=3&transport=websocket
172.64.150.129101 Switching Protocols 16 kB URL HTTP/1.1 socketv2.bc.game/socket.io/?p=01660a5948820814521863261151c1863261edbc&EIO=3&transport=websocket
IP 172.64.150.129:0
Hash 27230a0fbae3d21a7cda21fbda181f94
6c4921ef5447ecec137f4889021f119d4d203d05
5aea2ea321b6a1009a3616dc6f3bb60a69be2bb86e40999cf18f5b36d1f4f9af
GET /socket.io/?p=01660a5948820814521863261151c1863261edbc&EIO=3&transport=websocket HTTP/1.1
Host: socketv2.bc.game
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://bc.game
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DCJphPBIkDSMOr2X1QKQEA==
Connection: keep-alive, Upgrade
Cookie: invitation-code=4cxse6dr; invitation-url=https%3A%2F%2Fbc.game%2Flanding%2Fsports-br%3Fi%3D4cxse6dr%26stag%3D17409_63e3efdf680fad7724895732%26utm_source%3D4cxse6dr
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 08 Feb 2023 18:54:30 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: TmRXQP195Ah+lkCeLqh1evzvIsg=
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796692f9cd44b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
bitslot.io/?stag=148527_63e3efdf680fad7724895731&tracking_link=http%3A%2F%2Fb-partner.xyz%2Fa74c621bf
104.18.18.207301 Moved Permanently 75 kB URL HTTP/2 bitslot.io/?stag=148527_63e3efdf680fad7724895731&tracking_link=http%3A%2F%2Fb-partner.xyz%2Fa74c621bf
IP 104.18.18.207:0
File type gzip compressed data, from Unix\012- data
Hash d3544074516029c4e441c4650643df1d
11013114b1955fd14ae4aeafabed391ae28ce6eb
8d4e8972f0e26188b8aef14aff3b0c50c8246a07f8b9f48886fac0b4307d83d2
GET /?stag=148527_63e3efdf680fad7724895731&tracking_link=http%3A%2F%2Fb-partner.xyz%2Fa74c621bf HTTP/1.1
Host: bitslot.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 08 Feb 2023 18:54:24 GMT
location: https://www.bitslot.io/?stag=148527_63e3efdf680fad7724895731&tracking_link=http%3A%2F%2Fb-partner.xyz%2Fa74c621bf
cache-control: max-age=3600
expires: Wed, 08 Feb 2023 19:54:24 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 796692d9fa6eb517-OSL
X-Firefox-Spdy: h2
assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
54.230.111.68200 OK 178 kB URL HTTP/2 assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
IP 54.230.111.68:0
File type Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Size 178 kB (178069 bytes)
Hash 359008fe01078c59c66e034866170bd2
4a65a16a6f02824f60bc575ebcdeb53a490fa264
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
GET /universalscript/releases/v0.179.2/bundle.js HTTP/1.1
Host: assets.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 178069
date: Sun, 11 Dec 2022 10:48:36 GMT
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
etag: "359008fe01078c59c66e034866170bd2"
cache-control: max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: okFV92UtdixJooerxoxhQNSw8m2SCzQOK9JhrQHuupsY4RiGcfTCaw==
age: 5126754
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 08 Feb 2023 17:45:20 GMT
expires: Wed, 08 Feb 2023 19:45:20 GMT
cache-control: public, max-age=7200
age: 4150
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
20bet.com/app/9117.59a1f36812423e88.esm.js
104.22.34.208200 OK 1.5 kB URL HTTP/2 20bet.com/app/9117.59a1f36812423e88.esm.js
IP 104.22.34.208:0
File type ASCII text, with very long lines (1998), with no line terminators
Hash 92d3435ff25c825c20e30c6b2b9931c4
3064ff40de9a9fe348c6b202b4e735eb24f019a2
0da70f3e3d4879c8510848697372ff623861b5ec6e2f08c14b3aed17c516bb9c
GET /app/9117.59a1f36812423e88.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:29 GMT
content-type: application/javascript
cf-ray: 796692f7fcee2d59-ARN
etag: W/"63e25519-7ce"
last-modified: Tue, 07 Feb 2023 13:41:45 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_31FE330CD5BB4A3D94E4EB1CBE0A3728&advertiser_id=28969
23.38.201.50200 OK 137 B URL HTTP/1.1 cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_31FE330CD5BB4A3D94E4EB1CBE0A3728&advertiser_id=28969
IP 23.38.201.50:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c2efd63e68677d1c9e9f0b77cc7ff2e2
1c723ba37fec821866a2827e22ee06c4c4c8a0f3
8402d19b9437596b4cc54f53f2d4ed5ce193907ecb48d05f35344c6d235dc251
GET /v2/advertiser?referer=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_31FE330CD5BB4A3D94E4EB1CBE0A3728&advertiser_id=28969 HTTP/1.1
Host: cm.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.betwarrior.bet/
Origin: https://promo.betwarrior.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 137
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://promo.betwarrior.bet
Observe-Browsing-Topics: ?1
Origin-Trial: Az9xQo/imzWWuauBg0JngENQMoxulJzGzdGQ0VfUZDk7et2DJfmfUxfOWnHlwQiZRFG+Grc8bH8xWgOPW2ltjQQAAAB+eyJvcmlnaW4iOiJodHRwczovL3RlYWRzLnR2OjQ0MyIsImZlYXR1cmUiOiJQcml2YWN5U2FuZGJveEFkc0FQSXMiLCJleHBpcnkiOjE2ODA2NTI3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
Expires: Wed, 08 Feb 2023 18:54:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 08 Feb 2023 18:54:30 GMT
Connection: keep-alive
Set-Cookie: ar_debug=1; Path=/; HttpOnly; Secure; SameSite=None
edge.fullstory.com/s/fs.js
35.201.112.186200 OK 83 kB URL HTTP/2 edge.fullstory.com/s/fs.js
IP 35.201.112.186:0
File type ASCII text, with very long lines (65250)
Hash 2972a93328ca26809a3b441a3f04af83
3e4c14cad3e5d75cad244aeb0080110bc6d87c6e
39b43cb65256d350659eff8e0fd6929aff4ac46f11efb665f77e157c249b3a2b
GET /s/fs.js HTTP/1.1
Host: edge.fullstory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.betwarrior.bet
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduk72ik3kr4TMdMP0mTnv6N7-IlMwmeDaoRuIMaSUTW2OpmFS3KcOGcG2L7A1htE4gr55nDQN4lrpL39gzS75LsWs4HRSve
x-goog-generation: 1675872866784879
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 286366
x-goog-hash: crc32c=oo0x1w==, md5=YTm49bY6k61isEwza8W0EA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
vary: Accept-Encoding
content-encoding: br
content-length: 82745
date: Wed, 08 Feb 2023 18:13:05 GMT
expires: Wed, 08 Feb 2023 19:13:05 GMT
cache-control: public, max-age=3600
age: 2485
last-modified: Wed, 08 Feb 2023 16:14:26 GMT
etag: W/"6139b8f5b63a93ad62b04c336bc5b410"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 84cccf80ec0f30a53ef512f24cf43bc7
2cc50d5b786996899dafc314dd00c79886d1b2be
ebd94be13024ea7881bc86f1c2b3349fe6e02849706e3c3fc5f14a6cd08c2ae9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=97948
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:30 GMT
Etag: "63e2cb82-118"
Expires: Thu, 09 Feb 2023 22:06:58 GMT
Last-Modified: Tue, 07 Feb 2023 22:06:58 GMT
Server: nginx
Content-Length: 280
ocsp.pki.goog/s/gts1d4/Hq1Kz8ZiT_Y
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Hq1Kz8ZiT_Y
IP 142.250.74.163:0
Hash 6d4aa3bda9cf17e48116f3932d2b5ec7
e0eb602be6f5e07672b96e1c9bcc1004f818f95e
938daf705af837e3dac3b6ae83bc18a11da8f3384fa5be597e1d3afa89f7ae40
POST /s/gts1d4/Hq1Kz8ZiT_Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 33 kB IP 93.184.220.29:0
Hash 6e5b852b48e9cae7827bf54a7965cd17
ba9af2ca8304fbcee8f770542a5198dc0497b216
24a5b6b34a774072be8828b1c69258b245216646fef1e84f4b19f98c1def9ee6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2242
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:30 GMT
Last-Modified: Wed, 08 Feb 2023 18:17:08 GMT
Server: ECS (amb/6B8A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 03ef4e6423d2aefd49d6b4015df80bf8
d955bdb58f3beaa0c521d25eafe1e1c22921a631
ae0b23837f6909a0ce290531d20b1142085047b0fb68477ee26b3a37bbb2fd86
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2752
Cache-Control: max-age=109716
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 18:54:30 GMT
Etag: "63e2eeba-117"
Expires: Fri, 10 Feb 2023 01:23:06 GMT
Last-Modified: Wed, 08 Feb 2023 00:37:14 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 0d370f8d9239374cd2f765340e2e67c8
5fb8bca1d2934da69871d3c006d78d54daea052d
d269ec25d619da1dd10a65e160936701d8bf86796018bfc0432f02017f12eebc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124060
Date: Wed, 08 Feb 2023 18:54:30 GMT
Etag: "63e32c7f-1d7"
Expires: Fri, 10 Feb 2023 05:22:10 GMT
Last-Modified: Wed, 08 Feb 2023 05:00:47 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IaQmkUyjrlyWo_rp6JwL6NwiwXrJ13sch6U7XjY7fhvw8O27d4HyxA==
Age: 1283
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 0d370f8d9239374cd2f765340e2e67c8
5fb8bca1d2934da69871d3c006d78d54daea052d
d269ec25d619da1dd10a65e160936701d8bf86796018bfc0432f02017f12eebc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 18:54:30 GMT
Last-Modified: Wed, 08 Feb 2023 18:33:30 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Z3S5ZOvRcdxalEMXeYT3qkDjVoR0qgaGBzR5mearyDMTgBtnr7sl4Q==
Age: 1260
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 0d370f8d9239374cd2f765340e2e67c8
5fb8bca1d2934da69871d3c006d78d54daea052d
d269ec25d619da1dd10a65e160936701d8bf86796018bfc0432f02017f12eebc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124035
Date: Wed, 08 Feb 2023 18:54:31 GMT
Etag: "63e32c7f-1d7"
Expires: Fri, 10 Feb 2023 05:21:46 GMT
Last-Modified: Wed, 08 Feb 2023 05:00:47 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Bv5uMd4FzeClH3O36kanke32cyaFqoUkEPJn9TwBRF0WneYuVf8gWQ==
Age: 1259
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=679249b7-e6a1-4244-ab0d-4708541319bb&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
18.158.43.18204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=679249b7-e6a1-4244-ab0d-4708541319bb&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 18.158.43.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=679249b7-e6a1-4244-ab0d-4708541319bb&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 18:54:31 GMT
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=679249b7-e6a1-4244-ab0d-4708541319bb&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
18.158.43.18204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=679249b7-e6a1-4244-ab0d-4708541319bb&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 18.158.43.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=679249b7-e6a1-4244-ab0d-4708541319bb&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 18:54:31 GMT
X-Firefox-Spdy: h2
t.teads.tv/track?action=pageView&env=js-web&tag_version=6.12.0_51a1e72&advertiser_id=28969&referer=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_31FE330CD5BB4A3D94E4EB1CBE0A3728&user_session_id=b7273aac-b084-4766-a79f-c461574e9a21
184.50.201.47200 OK 23 B URL HTTP/2 t.teads.tv/track?action=pageView&env=js-web&tag_version=6.12.0_51a1e72&advertiser_id=28969&referer=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_31FE330CD5BB4A3D94E4EB1CBE0A3728&user_session_id=b7273aac-b084-4766-a79f-c461574e9a21
IP 184.50.201.47:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /track?action=pageView&env=js-web&tag_version=6.12.0_51a1e72&advertiser_id=28969&referer=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_31FE330CD5BB4A3D94E4EB1CBE0A3728&user_session_id=b7273aac-b084-4766-a79f-c461574e9a21 HTTP/1.1
Host: t.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 23
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Wed, 08 Feb 2023 18:54:31 GMT
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/7a2e9b6192441a65b9f465ebee9c48f8.svg?v10263
185.76.9.21200 OK 694 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/7a2e9b6192441a65b9f465ebee9c48f8.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (604)
Hash 0f0f426d551c606ffbee3e83a7095e76
6ebf674127d4f0592d0675ce0ad3654acf89be20
b29fdc82a7cca1954e3001b259133e3bb0e400793406ea25107fb22f61235eb1
GET /files/categories/7a2e9b6192441a65b9f465ebee9c48f8.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6267cd39-50c"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Tue, 26 Apr 2022 10:45:13 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: b2e21ae4-892b-4679-9f4d-c594fbc6ba7d-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRRhdtn/dBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe36390f3e107
x-cache: HIT
x-age: 5445492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Play-n-GO-7958.svg?v10263
185.76.9.21200 OK 1.7 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Play-n-GO-7958.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1097)
Hash 9ddb19d2b78596cbb44b5088bab15336
cff50b4b7e1841eb0b768436fce214a246ba2b88
0626856a85d97f0bc63266d947f9a5702404adbbc908f2b79c845fa7d7d04792
GET /files/categories/Play-n-GO-7958.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"616fec94-b63"
expires: Fri, 08 Dec 2023 01:38:14 GMT
last-modified: Wed, 20 Oct 2021 10:16:52 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: d12bf713-4de8-4b67-a537-981473f8fa3d-3422022
x-accel-expires: @1701999494
server: CDN77-Turbo
x-77-nzt: AblMCRSyQYb/4a9SAA
x-77-nzt-ray: af5856305c80a3eee7efe363ac891d0f
x-cache: HIT
x-age: 5418977
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
refpaiozdg.top/L?tag=d_2032927m_25437c_&site=2032927&ad=25437&r=registration/
45.135.120.29303 See Other 0 B URL HTTP/2 refpaiozdg.top/L?tag=d_2032927m_25437c_&site=2032927&ad=25437&r=registration/
IP 45.135.120.29:0
GET /L?tag=d_2032927m_25437c_&site=2032927&ad=25437&r=registration/ HTTP/1.1
Host: refpaiozdg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 303 See Other
server: nginx
date: Wed, 08 Feb 2023 18:54:23 GMT
cache-control: private
location: https://megapari.com:443//registration/?tag=d_2032927m_25437c_
x-aspnetmvc-version: 5.0
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
record.platincasinoaffiliates.com/_ngIZ_9Igg2BDp78Ph1_jCGNd7ZgqdRLk/2/
104.18.192.136301 Moved Permanently 0 B URL HTTP/2 record.platincasinoaffiliates.com/_ngIZ_9Igg2BDp78Ph1_jCGNd7ZgqdRLk/2/
IP 104.18.192.136:0
GET /_ngIZ_9Igg2BDp78Ph1_jCGNd7ZgqdRLk/2/ HTTP/1.1
Host: record.platincasinoaffiliates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 08 Feb 2023 18:54:23 GMT
content-type: text/html; charset=utf-8
location: https://www.platincasino.com/br/lp/sports?ma_token=PS5bBqWlOVnptHSKI-VsGmNd7ZgqdRLk&ma_affiliate_id=2541
cache-control: private, no-cache, must-revalidate, Cache-Control: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
pragma: no-cache
x-powered-by: ZBan
cf-cache-status: BYPASS
set-cookie: VID1=KSxTNFguI0BTLVMkVApgCg%3D%3D; expires=Thu, 08-Feb-2024 18:54:23 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=None
ZBan=PS5bBqWlOVnptHSKI-VsGmNd7ZgqdRLk; expires=Thu, 08-Feb-2024 18:54:23 GMT; Max-Age=31536000; path=/; domain=.platincasinoaffiliates.com; secure; HttpOnly; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 796692d608cab50b-OSL
X-Firefox-Spdy: h2
platform.20bet.com/api/v2/data/rates
104.22.34.208200 OK 0 B URL HTTP/2 platform.20bet.com/api/v2/data/rates
IP 104.22.34.208:0
GET /api/v2/data/rates HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f30f6f2d59-ARN
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/6612.8b90df75e8984f5b.esm.js
104.22.34.208200 OK 0 B URL HTTP/2 20bet.com/app/6612.8b90df75e8984f5b.esm.js
IP 104.22.34.208:0
GET /app/6612.8b90df75e8984f5b.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:29 GMT
content-type: application/javascript
cf-ray: 796692f7fcf02d59-ARN
etag: W/"63e25514-4ac"
last-modified: Tue, 07 Feb 2023 13:41:40 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/apollo-5450.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/apollo-5450.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/apollo-5450.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6128e49d-33ab"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Fri, 27 Aug 2021 13:11:57 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 9adee89a-b89e-4cec-8e59-905be1d2373e-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRQmoXv/dBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe36315f43508
x-cache: HIT
x-age: 5445492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/pragmatic-5704.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/pragmatic-5704.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/pragmatic-5704.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddb9b6-4f5"
expires: Thu, 07 Dec 2023 18:16:23 GMT
last-modified: Thu, 01 Jul 2021 12:48:54 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 09596771-d15b-4c5e-bb44-9dafe1c0293e-3412022
x-accel-expires: @1701972983
server: CDN77-Turbo
x-77-nzt: AblMCRQnOqj/cBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe3633332ae10
x-cache: HIT
x-age: 5445488
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Quickspin-4885.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Quickspin-4885.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/Quickspin-4885.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddbede-644"
expires: Fri, 08 Dec 2023 01:38:14 GMT
last-modified: Thu, 01 Jul 2021 13:10:54 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 72da6e4b-9bce-4166-982d-f90d6f05eb51-3422022
x-accel-expires: @1701999494
server: CDN77-Turbo
x-77-nzt: AblMCRRxKi3/4a9SAA
x-77-nzt-ray: af5856305c80a3eee7efe3630220ea10
x-cache: HIT
x-age: 5418977
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/vueSliderBlock.5e45dee0.js?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vueSliderBlock.5e45dee0.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/vueSliderBlock.5e45dee0.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63a331ad-2ad7"
expires: Thu, 21 Dec 2023 16:47:57 GMT
last-modified: Wed, 21 Dec 2022 16:17:49 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 6427d264-beb2-409d-b4c5-751d4402e256-3552022
x-accel-expires: @1703177277
server: CDN77-Turbo
x-77-nzt: AblMCRT6ZCb/JLdAAA
x-77-nzt-ray: af5856305c80a3eee1efe363cf02302b
x-cache: HIT
x-age: 4241188
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Rabcat-5362.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Rabcat-5362.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/Rabcat-5362.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddbdb1-435"
expires: Thu, 07 Dec 2023 18:16:23 GMT
last-modified: Thu, 01 Jul 2021 13:05:53 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 5860f188-3fe8-4bcf-98a3-cf50bb6206cb-3412022
x-accel-expires: @1701972983
server: CDN77-Turbo
x-77-nzt: AblMCRTE1wb/cBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe363bde9f310
x-cache: HIT
x-age: 5445488
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
platform.20bet.com/api/v2/ip-data
104.22.34.208200 OK 0 B URL HTTP/2 platform.20bet.com/api/v2/ip-data
IP 104.22.34.208:0
GET /api/v2/ip-data HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f2df452d59-ARN
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/1549.cf9c18bc5ec878d1.esm.js
104.22.34.208200 OK 0 B URL HTTP/2 20bet.com/app/1549.cf9c18bc5ec878d1.esm.js
IP 104.22.34.208:0
GET /app/1549.cf9c18bc5ec878d1.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:29 GMT
content-type: application/javascript
cf-ray: 796692f77c332d59-ARN
etag: W/"63e2551f-24c"
last-modified: Tue, 07 Feb 2023 13:41:51 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/thunderkick-5276.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/thunderkick-5276.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/thunderkick-5276.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddc551-275"
expires: Thu, 07 Dec 2023 18:16:27 GMT
last-modified: Thu, 01 Jul 2021 13:38:25 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: db005d49-6a6a-403a-9e74-f25520b4affc-3412022
x-accel-expires: @1701972987
server: CDN77-Turbo
x-77-nzt: AblMCRSX6jX/bBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe363224c2a13
x-cache: HIT
x-age: 5445484
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
adtraffic.agency/hit/betwarrior.gif?ref=&page=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_31FE330CD5BB4A3D94E4EB1CBE0A3728&date=1675882526288&tid=tid-482d09012.279ffe109
172.67.133.173200 OK 0 B URL HTTP/2 adtraffic.agency/hit/betwarrior.gif?ref=&page=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_31FE330CD5BB4A3D94E4EB1CBE0A3728&date=1675882526288&tid=tid-482d09012.279ffe109
IP 172.67.133.173:0
GET /hit/betwarrior.gif?ref=&page=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_31FE330CD5BB4A3D94E4EB1CBE0A3728&date=1675882526288&tid=tid-482d09012.279ffe109 HTTP/1.1
Host: adtraffic.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.betwarrior.bet/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:30 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: no-cache
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: c65cd59e-8cc8-4809-be80-526498a81271
x-download-options: noopen
etag: W/"6c7103ecfc39f84c578d4f4bccd16e7e"
x-runtime: 0.047053
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWfe3drGTUA4Gv%2FTAEX%2FNodN%2FVDW51QGakqHJf9jxuFyucnNqhJcP9IpZLbvv%2FfJNM7xux0DutLgD5bmUq8FIjajA5QvQGTK54SUMh%2FmK%2FpH%2BXsl4d7vlS8512GQyVw%2B%2BD12"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796693025a32b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/authenticgaming-4525.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/authenticgaming-4525.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/authenticgaming-4525.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6128e4ea-8c0"
expires: Fri, 08 Dec 2023 01:38:14 GMT
last-modified: Fri, 27 Aug 2021 13:13:14 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 2a5e6e13-25ab-4dc3-beb3-22087c89fde5-3422022
x-accel-expires: @1701999494
server: CDN77-Turbo
x-77-nzt: AblMCRSncMH/4a9SAA
x-77-nzt-ray: af5856305c80a3eee7efe363f9635208
x-cache: HIT
x-age: 5418977
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/endorphina-4844.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/endorphina-4844.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/endorphina-4844.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddb8f9-6ee"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Thu, 01 Jul 2021 12:45:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 7ba2ab9d-a2d9-4afc-b2e3-82912658d058-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRTP8tH/dBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe36393b5070b
x-cache: HIT
x-age: 5445492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Triple-Edge-Studios-3639.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Triple-Edge-Studios-3639.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/Triple-Edge-Studios-3639.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60f181b9-9df"
expires: Thu, 07 Dec 2023 18:16:27 GMT
last-modified: Fri, 16 Jul 2021 12:55:21 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 9edfc1ab-b759-46c5-a7cb-56e29c294b41-3412022
x-accel-expires: @1701972987
server: CDN77-Turbo
x-77-nzt: AblMCRQV6hD/bBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe363d9b14a13
x-cache: HIT
x-age: 5445484
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/1spin4win-2938.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/1spin4win-2938.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/1spin4win-2938.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"616ee79e-524"
expires: Thu, 07 Dec 2023 18:16:28 GMT
last-modified: Tue, 19 Oct 2021 15:43:26 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: c9890d8f-2934-44ff-ba78-690ec3a40694-3412022
x-accel-expires: @1701972988
server: CDN77-Turbo
x-77-nzt: AblMCRRNrxP/axdTAA
x-77-nzt-ray: af5856305c80a3eee7efe363efe06114
x-cache: HIT
x-age: 5445483
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.br.betboo.com/pt-br/mobileportal/promotions/sports/0000-welcome-bonus-2021?sb=1&wm=5314017
104.17.133.181302 Found 0 B URL HTTP/2 www.br.betboo.com/pt-br/mobileportal/promotions/sports/0000-welcome-bonus-2021?sb=1&wm=5314017
IP 104.17.133.181:0
GET /pt-br/mobileportal/promotions/sports/0000-welcome-bonus-2021?sb=1&wm=5314017 HTTP/1.1
Host: www.br.betboo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 08 Feb 2023 18:54:23 GMT
content-type: text/html; charset=utf-8
location: https://help.br.betboo.com/closed?sb=1&wm=5314017
cache-control: private
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
x-forwarded-for: 91.90.42.154, 162.158.110.243
x-forwarded-proto: https
cf-visitor: {"scheme":"https"}
upgrade-insecure-requests: 1
sec-fetch-dest: iframe
sec-fetch-mode: navigate
sec-fetch-site: cross-site
cf-connecting-ip: 91.90.42.154
true-client-ip: 91.90.42.154
cdn-loop: cloudflare
x-redirect-source: Redirex
cf-cache-status: DYNAMIC
set-cookie: redirex-original=http://www.br.betboo.com:80/pt-br/mobileportal/promotions/sports/0000-welcome-bonus-2021?sb=1&wm=5314017;Ip=91.90.42.154;Path=/;Domain=.betboo.com;Expires=Wed, 08-Feb-2023 18:59:23 GMT;secure;HttpOnly
__cf_bm=OjG5AmbwuYrRaZve8bWcENSrGR3zKEuxIEgDhbBWIqE-1675882463-0-Af7LED0BVfvLMMcMMpB6h0/A0JRV9+eettDWrC0LPRnDA5clzP5tYz7+vqu67TJhavFDhGtrKK1iABi3uuMwGhw=; path=/; expires=Wed, 08-Feb-23 19:24:23 GMT; domain=.betboo.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 796692d5dd76b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
20bet.com/configuration.js
104.22.34.208200 OK 0 B URL HTTP/2 20bet.com/configuration.js
IP 104.22.34.208:0
GET /configuration.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: text/javascript; charset=UTF-8
cf-ray: 796692df0d972d59-ARN
cache-control: no-cache, no-store, private
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/1265.286a2209.js?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/1265.286a2209.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/1265.286a2209.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-2ed5"
expires: Thu, 14 Dec 2023 15:23:18 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: f5478a6e-99b9-4040-86dd-00454a5af8fb-3482022
x-accel-expires: @1702567398
server: CDN77-Turbo
x-77-nzt: AblMCRR573H/ewVKAA
x-77-nzt-ray: af5856305c80a3eee1efe36303e2552b
x-cache: HIT
x-age: 4851067
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
platform.20bet.com/api/market-descriptions/get-all-outcomes/br
104.22.34.208200 OK 0 B URL HTTP/2 platform.20bet.com/api/market-descriptions/get-all-outcomes/br
IP 104.22.34.208:0
GET /api/market-descriptions/get-all-outcomes/br HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f31f762d59-ARN
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/5051.bc8a43a20e262efb.esm.js
104.22.34.208200 OK 0 B URL HTTP/2 20bet.com/app/5051.bc8a43a20e262efb.esm.js
IP 104.22.34.208:0
GET /app/5051.bc8a43a20e262efb.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:29 GMT
content-type: application/javascript
cf-ray: 796692f85d942d59-ARN
etag: W/"63e25508-c1d"
last-modified: Tue, 07 Feb 2023 13:41:28 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/1X2gaming-4681.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/1X2gaming-4681.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/1X2gaming-4681.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddbde8-b46"
expires: Thu, 07 Dec 2023 18:16:28 GMT
last-modified: Thu, 01 Jul 2021 13:06:48 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 8c31a838-c0ab-4219-b882-da579ad148d2-3412022
x-accel-expires: @1701972988
server: CDN77-Turbo
x-77-nzt: AblMCRSLf0v/axdTAA
x-77-nzt-ray: af5856305c80a3eee7efe36319397c14
x-cache: HIT
x-age: 5445483
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Switch-Sudios-5274.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Switch-Sudios-5274.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/Switch-Sudios-5274.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60f1854c-4ff"
expires: Thu, 07 Dec 2023 18:16:27 GMT
last-modified: Fri, 16 Jul 2021 13:10:36 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 27d0cfde-420b-46e8-a5ae-2d3f9f779d02-3412022
x-accel-expires: @1701972987
server: CDN77-Turbo
x-77-nzt: AblMCRTPHZr/bBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe36378ec0913
x-cache: HIT
x-age: 5445484
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
promo.bwin.com/pt-br/promo/p/sports/latam/bem-vindo?sb=1&wm=5314018&zoneId=2081136
104.16.131.238302 Found 0 B URL HTTP/2 promo.bwin.com/pt-br/promo/p/sports/latam/bem-vindo?sb=1&wm=5314018&zoneId=2081136
IP 104.16.131.238:0
GET /pt-br/promo/p/sports/latam/bem-vindo?sb=1&wm=5314018&zoneId=2081136 HTTP/1.1
Host: promo.bwin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 08 Feb 2023 18:54:23 GMT
content-type: text/html; charset=utf-8
location: https://help.bwin.com/closed?sb=1&wm=5314018&zoneId=2081136
cache-control: private
vary: User-Agent
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
x-forwarded-for: 91.90.42.154, 162.158.110.50
x-forwarded-proto: https
cf-visitor: {"scheme":"https"}
upgrade-insecure-requests: 1
sec-fetch-dest: iframe
sec-fetch-mode: navigate
sec-fetch-site: cross-site
cf-connecting-ip: 91.90.42.154
true-client-ip: 91.90.42.154
cdn-loop: cloudflare
x-redirect-source: Redirex
cf-cache-status: DYNAMIC
set-cookie: redirex-original=http://promo.bwin.com:80/pt-br/promo/p/sports/latam/bem-vindo?sb=1&wm=5314018&zoneId=2081136;Ip=91.90.42.154;Path=/;Domain=.bwin.com;Expires=Wed, 08-Feb-2023 18:59:23 GMT;secure;HttpOnly
__cf_bm=a1YxKGWyJ4k8Tr9nj1umSLijT9hug3ZnaghoJh9sl4w-1675882463-0-AZt+NQLxpFfUxBMoWZluBLNL8WTjaCU5X3FdWI9EhBlsUxNqd2VrbwpgaS3YebZnVOC6fuo32tf2uzyf8jMhylxSytaXLf5K57N56CWzJGdz; path=/; expires=Wed, 08-Feb-23 19:24:23 GMT; domain=.bwin.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 796692d5ec54b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/habanero-6832.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/habanero-6832.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/habanero-6832.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddb954-e12"
expires: Fri, 08 Dec 2023 01:38:14 GMT
last-modified: Thu, 01 Jul 2021 12:47:16 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: b3441ac2-00db-4434-b6cc-9eaac2291e49-3422022
x-accel-expires: @1701999494
server: CDN77-Turbo
x-77-nzt: AblMCRTVBa7/4a9SAA
x-77-nzt-ray: af5856305c80a3eee7efe36373b9cc0d
x-cache: HIT
x-age: 5418977
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/vueSearchFormBlock.4ea4a3a6.css?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vueSearchFormBlock.4ea4a3a6.css?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/vueSearchFormBlock.4ea4a3a6.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"638df9a5-1720"
expires: Wed, 06 Dec 2023 00:40:16 GMT
last-modified: Mon, 05 Dec 2022 14:01:09 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: f5263115-554a-473e-8d89-32e2070f64d4-3402022
x-accel-expires: @1701823216
server: CDN77-Turbo
x-77-nzt: AblMCRQRRNr/cWBVAA
x-77-nzt-ray: af5856305c80a3eee1efe363b80e402b
x-cache: HIT
x-age: 5595249
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
20bet.com/app/6485.c5e5798c269cfd52.esm.js
104.22.34.208200 OK 0 B URL HTTP/2 20bet.com/app/6485.c5e5798c269cfd52.esm.js
IP 104.22.34.208:0
GET /app/6485.c5e5798c269cfd52.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: application/javascript
cf-ray: 796692f05b512d59-ARN
etag: W/"63e25514-30e"
last-modified: Tue, 07 Feb 2023 13:41:40 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
adjs.media/resources/content/betwarrior.js
188.114.96.1200 OK 0 B URL HTTP/2 adjs.media/resources/content/betwarrior.js
IP 188.114.96.1:0
GET /resources/content/betwarrior.js HTTP/1.1
Host: adjs.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:30 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=604800, private
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 326c6625-f96e-428c-ac31-8f24d612c071
x-download-options: noopen
etag: W/"c00b4fe1e029000c3b11359c21279c5d"
x-runtime: 0.002777
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pb1kK7XSS0hOWeYO9PXAbXTPGAlHmcz1HcQM0hJcGEorfO0Y%2BxNrRPnm7JyMvmofFvwEVBWGQ5GEyaHG1H5M%2FA8H4jNHll1cI2hmpfJj%2BDQ95S2tyiqWPJWVLG%2BF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796692ffbe38b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Big-Time-Gaming-7521.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Big-Time-Gaming-7521.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/Big-Time-Gaming-7521.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60f181ff-a9b"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Fri, 16 Jul 2021 12:56:31 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 16f66a31-9331-4caa-8bf8-b293c995faee-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRSwvJX/dBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe3633ea03c09
x-cache: HIT
x-age: 5445492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Crazy-Tooth-4753.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Crazy-Tooth-4753.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/Crazy-Tooth-4753.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60f181d8-29b"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Fri, 16 Jul 2021 12:55:52 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 8a6bca7f-70d2-4073-9449-d5f98aadaec6-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRTRdHv/dBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe3634e3c2f0a
x-cache: HIT
x-age: 5445492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/we-are-casino-7384.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/we-are-casino-7384.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/we-are-casino-7384.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6128e460-ccc"
expires: Thu, 07 Dec 2023 18:16:27 GMT
last-modified: Fri, 27 Aug 2021 13:10:56 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 926b96b9-873f-4ef6-813d-16d229d87ed5-3412022
x-accel-expires: @1701972987
server: CDN77-Turbo
x-77-nzt: AblMCRQbbuP/bBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe363e6576d13
x-cache: HIT
x-age: 5445484
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/amusnetInteractiveJackpotBlock.1a7c7d85.css?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/amusnetInteractiveJackpotBlock.1a7c7d85.css?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/amusnetInteractiveJackpotBlock.1a7c7d85.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"636bd459-42c0"
expires: Mon, 13 Nov 2023 17:42:29 GMT
last-modified: Wed, 09 Nov 2022 16:24:57 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 10f59e3e-899d-4a67-b681-37f9b5834fad-3172022
x-accel-expires: @1699897349
server: CDN77-Turbo
x-77-nzt: AblMCRTm3oT/XMNyAA
x-77-nzt-ray: af5856305c80a3eee1efe3635415eb2c
x-cache: HIT
x-age: 7521116
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/images/footer/licenses/license_desktop_second.svg
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/images/footer/licenses/license_desktop_second.svg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/images/footer/licenses/license_desktop_second.svg HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"639a0c2c-67391"
expires: Thu, 14 Dec 2023 21:01:25 GMT
last-modified: Wed, 14 Dec 2022 17:47:24 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 7214411d-15e7-4c91-82f0-bf4ccc77da4f-3482022
x-accel-expires: @1702587685
server: CDN77-Turbo
x-77-nzt: AblMCRRVltj/QrZJAA
x-77-nzt-ray: af5856305c80a3eee7efe363c1036000
x-cache: HIT
x-age: 4830786
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/vueSearchFormBlock.d0cda288.js?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vueSearchFormBlock.d0cda288.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/vueSearchFormBlock.d0cda288.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63e1280b-1b10"
expires: Tue, 06 Feb 2024 16:28:44 GMT
last-modified: Mon, 06 Feb 2023 16:17:15 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 49cc55a7-595e-4a42-9f76-07f1d63d022f-372023
x-accel-expires: @1707236924
server: CDN77-Turbo
x-77-nzt: AblMCRS/oZfvJcUCAA
x-77-nzt-ray: af5856305c80a3eee1efe363951f4b2b
x-cache: HIT
x-age: 181541
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
20bet.com/app/1969.7394f3f65ee00bbc.esm.js
104.22.34.208200 OK 0 B URL HTTP/2 20bet.com/app/1969.7394f3f65ee00bbc.esm.js
IP 104.22.34.208:0
GET /app/1969.7394f3f65ee00bbc.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:29 GMT
content-type: application/javascript
cf-ray: 796692f85d932d59-ARN
etag: W/"63e25502-29b"
last-modified: Tue, 07 Feb 2023 13:41:22 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/data/get-currencies
104.22.34.208200 OK 0 B URL HTTP/2 platform.20bet.com/api/data/get-currencies
IP 104.22.34.208:0
GET /api/data/get-currencies HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f2ff5a2d59-ARN
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/match-statuses/get-all/br
104.22.34.208200 OK 0 B URL HTTP/2 platform.20bet.com/api/match-statuses/get-all/br
IP 104.22.34.208:0
GET /api/match-statuses/get-all/br HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f3afea2d59-ARN
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/78993edcfdea7b0b09182ca5c18218e9.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/78993edcfdea7b0b09182ca5c18218e9.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/78993edcfdea7b0b09182ca5c18218e9.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63877b8f-281"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Wed, 30 Nov 2022 15:49:35 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: d58f6e74-44ae-44fa-a806-6601b4d3ea37-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRTjmov/dBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe363e98dd60d
x-cache: HIT
x-age: 5445492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/XPro-Gaming-2923.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/XPro-Gaming-2923.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/XPro-Gaming-2923.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6128e486-2722"
expires: Thu, 07 Dec 2023 18:16:28 GMT
last-modified: Fri, 27 Aug 2021 13:11:34 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: f3839ad3-4950-4daa-93b5-0d6f0924d598-3412022
x-accel-expires: @1701972988
server: CDN77-Turbo
x-77-nzt: AblMCRTMntv/axdTAA
x-77-nzt-ray: af5856305c80a3eee7efe3635cfbd513
x-cache: HIT
x-age: 5445483
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Pariplay-1141.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Pariplay-1141.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/Pariplay-1141.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddbe76-1ad2"
expires: Thu, 07 Dec 2023 18:16:23 GMT
last-modified: Thu, 01 Jul 2021 13:09:10 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 539ba252-4e70-414c-9b95-1508be196e88-3412022
x-accel-expires: @1701972983
server: CDN77-Turbo
x-77-nzt: AblMCRSDa3j/cBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe36314204f0f
x-cache: HIT
x-age: 5445488
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.platincasino.com/no/home.html
23.36.79.11200 OK 0 B URL HTTP/2 www.platincasino.com/no/home.html
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
GET /no/home.html HTTP/1.1
Host: www.platincasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-tag: html
x-frame-options: SAMEORIGIN
x-akamai-transformed: 9 - 0 pmb=mTOE,2
vary: Accept-Encoding
content-encoding: gzip
expires: Wed, 08 Feb 2023 18:54:24 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 08 Feb 2023 18:54:24 GMT
set-cookie: ak_bmsc=B629F2A3BD7320EB474871CE8ABDB8A1~000000000000000000000000000000~YAAQB08kFziCOCeGAQAACQVhMhL8aGRVsS5HCfSyxEGMzeg89Wp6NrRTwfVyVtd3PfsEuKz/DIfkuZQemVDHu1YVv+FoaVpDl2Lned0t7rGITUxpLaljf0C4c0USBjYorEoHqMIc9CjJ+9mYMLwEQ+8kW2tZ8nfvQfZmCuSKjhKvhZKokqDlDUT8MU7mp56J07pt3UcUIiMWFH6XYcgBzhcA9ig7JbMlpJgmnwgP6W/tsL0qHAWjyYyhux4jdOuEmYyo20hUZ2HMIa756L0Li3SaXpf5NRWSQdCgbbrF0dHEoU+0DeuDJGHjaDn7SCvpVaiTfXm3hT9PoGcyM2bvoLs7f2yRt8YA4LRoycNRdW+l1uwLx2V4a2m1xooKVkvJmkuh1YM5QtZxtsAp9VGI; Domain=.platincasino.com; Path=/; Expires=Wed, 08 Feb 2023 20:54:24 GMT; Max-Age=7200; HttpOnly
bm_mi=44809D7F7E6A833E42B23067DB971857~YAAQB08kFzmCOCeGAQAACQVhMhLPUwiTHxqD9rFRfCOfoGXfhujUY0e9BLNxtDLpInT1XulpPTbVSpuAnDT5kupUjVb1YSCypqo7qKkQRrJPhfe59BWPYoimxMmaMZlzlKJfajvzn8kZLXNKPcJIg8Pa1Yal6kozYsuG+/raCSi13mcbtTZTvyFNMA5krY+8GoF6aZD0gkvKFCP1gwrvHvtNLH+OI4VQLkFxHos9qO156jmJ1lht8N/DWnf4SJwfXSTahf5gr+0B2E4uGxiDG6FMITVFXKLYHsr4ETDv0yL31NSZwO6gFV/3GpC9c1TazeVea4w2o20wUcwJqK9PYw==~1; Domain=.platincasino.com; Path=/; Expires=Wed, 08 Feb 2023 18:54:24 GMT; Max-Age=0; Secure
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/vueSliderBlock.92cd88c7.css?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vueSliderBlock.92cd88c7.css?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/vueSliderBlock.92cd88c7.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63d90b27-5585"
expires: Wed, 31 Jan 2024 14:35:47 GMT
last-modified: Tue, 31 Jan 2023 12:35:51 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 7006dea8-5948-4033-b9c5-6f63567716ad-312023
x-accel-expires: @1706711747
server: CDN77-Turbo
x-77-nzt: AblMCRQCNlz/nsgKAA
x-77-nzt-ray: af5856305c80a3eee1efe36302f1112b
x-cache: HIT
x-age: 706718
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/vueProducerBlock.33638096.css?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vueProducerBlock.33638096.css?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/vueProducerBlock.33638096.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"638a1703-fca"
expires: Mon, 04 Dec 2023 14:08:18 GMT
last-modified: Fri, 02 Dec 2022 15:17:23 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 0761d770-c934-4b67-b781-0eaf1c3081f8-3382022
x-accel-expires: @1701698898
server: CDN77-Turbo
x-77-nzt: AblMCRRrOBr/D0ZXAA
x-77-nzt-ray: af5856305c80a3eee1efe363bc72352b
x-cache: HIT
x-age: 5719567
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/nsoftTopOfferJsBlock.ae69ef55.css?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/nsoftTopOfferJsBlock.ae69ef55.css?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/nsoftTopOfferJsBlock.ae69ef55.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63907649-80c6"
expires: Thu, 07 Dec 2023 11:29:10 GMT
last-modified: Wed, 07 Dec 2022 11:17:29 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 343ba89c-b5b4-4813-ace1-b55a185d4e9f-3412022
x-accel-expires: @1701948550
server: CDN77-Turbo
x-77-nzt: AblMCRTHKmb/23ZTAA
x-77-nzt-ray: af5856305c80a3eee1efe3637cda7e2c
x-cache: HIT
x-age: 5469915
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
20bet.com/api/translation/get?locale=pt_BR
104.22.34.208200 OK 0 B URL HTTP/2 20bet.com/api/translation/get?locale=pt_BR
IP 104.22.34.208:0
GET /api/translation/get?locale=pt_BR HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/json
cf-ray: 796692e289c92d59-ARN
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/images/footer/licenses/license_desktop_first.svg
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/images/footer/licenses/license_desktop_first.svg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/images/footer/licenses/license_desktop_first.svg HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:30 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"639a0c2c-28b48"
expires: Thu, 14 Dec 2023 21:01:25 GMT
last-modified: Wed, 14 Dec 2022 17:47:24 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: d9cbbed3-2585-4277-af66-52fea1e2e6ef-3482022
x-accel-expires: @1702587685
server: CDN77-Turbo
x-77-nzt: AblMCRTLKuP/QbZJAA
x-77-nzt-ray: af5856305c80a3eee6efe3632382153b
x-cache: HIT
x-age: 4830785
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Booming-9360.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Booming-9360.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/Booming-9360.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddb8d1-86e"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Thu, 01 Jul 2021 12:45:05 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 9cd6d549-1815-4a56-b24e-9c1d26775b14-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRSMIY3/dBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe36364b0a009
x-cache: HIT
x-age: 5445492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
mediaserver.entainpartners.com/renderBanner.do?zoneId=208113
104.18.10.216200 OK 0 B URL HTTP/2 mediaserver.entainpartners.com/renderBanner.do?zoneId=208113
IP 104.18.10.216:0
GET /renderBanner.do?zoneId=208113 HTTP/1.1
Host: mediaserver.entainpartners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:23 GMT
content-type: text/html;charset=UTF-8
content-language: en-US
vary: Accept-Encoding
x-ua-compatible: IE=EmulateIE7
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: JSESSIONID=F9DC980CA2E1A9D9B1BD2C4C1EEB3815; Path=/; HttpOnly
__cf_bm=M6K_0zMCdKM.cFhnISHPJS3SE4NTf6GT0KhNZAi_UzI-1675882463-0-AeT0ZqoSXRcz5fwAp2s8WSGPG4gQAzjvmxlq3AdFojLTltbOg0qk85/a2frJCaURM8plfWxOPXRckfqJVh9ACNk=; path=/; expires=Wed, 08-Feb-23 19:24:23 GMT; domain=.entainpartners.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 796692d608d6b50b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/gamesBlock.5cfd3262.css?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/gamesBlock.5cfd3262.css?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/gamesBlock.5cfd3262.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"638df9a5-2f14"
expires: Wed, 06 Dec 2023 00:40:16 GMT
last-modified: Mon, 05 Dec 2022 14:01:09 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: e5b51eca-bb2d-407d-88fd-074c1a43741c-3402022
x-accel-expires: @1701823216
server: CDN77-Turbo
x-77-nzt: AblMCRRI3gX/cWBVAA
x-77-nzt-ray: af5856305c80a3eee1efe3639207502b
x-cache: HIT
x-age: 5595249
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/gamesBlock.69df01dc.js?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/gamesBlock.69df01dc.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/gamesBlock.69df01dc.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-a92"
expires: Thu, 14 Dec 2023 15:23:18 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 19ba74e0-6471-46ac-94e7-d07e997e0840-3482022
x-accel-expires: @1702567398
server: CDN77-Turbo
x-77-nzt: AblMCRQ4/3L/ewVKAA
x-77-nzt-ray: af5856305c80a3eee1efe363dd985c2b
x-cache: HIT
x-age: 4851067
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/flags/Brazil-01-6807-9882.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/flags/Brazil-01-6807-9882.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/flags/Brazil-01-6807-9882.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"5fbfe73e-8ebb"
expires: Sat, 04 Nov 2023 14:43:12 GMT
last-modified: Thu, 26 Nov 2020 17:34:54 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 96526c45-1830-4e4d-a39e-9405722a4807-3082022
x-accel-expires: @1699108992
server: CDN77-Turbo
x-77-nzt: AblMCRSaWwX/58p+AA
x-77-nzt-ray: af5856305c80a3eee7efe363ee6a5c02
x-cache: HIT
x-age: 8309479
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
20bet.com/app/1742.157c0f3c644cecdb.esm.js
104.22.34.208200 OK 0 B URL HTTP/2 20bet.com/app/1742.157c0f3c644cecdb.esm.js
IP 104.22.34.208:0
GET /app/1742.157c0f3c644cecdb.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:29 GMT
content-type: application/javascript
cf-ray: 796692f7ece62d59-ARN
etag: W/"63e25514-739"
last-modified: Tue, 07 Feb 2023 13:41:40 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/bgaming-4795.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/bgaming-4795.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/bgaming-4795.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddbad9-424"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Thu, 01 Jul 2021 12:53:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 9dc7a7f8-1435-4ffb-aa08-a53394e3ed0e-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRSGdln/dBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe363f080eb08
x-cache: HIT
x-age: 5445492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/spinmatic-784.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/spinmatic-784.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/spinmatic-784.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"61374546-74a"
expires: Thu, 07 Dec 2023 18:16:25 GMT
last-modified: Tue, 07 Sep 2021 10:56:06 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 987c3e3a-2f81-40a6-85bf-1c11943d7cd9-3412022
x-accel-expires: @1701972985
server: CDN77-Turbo
x-77-nzt: AblMCRSqbUv/bhdTAA
x-77-nzt-ray: af5856305c80a3eee7efe363cc831912
x-cache: HIT
x-age: 5445486
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
pixbet.com/casino/?btag=a_1856b_104c_PU_BR_PA_DT_VOLD_PIXBET
104.18.39.162403 Forbidden 0 B URL HTTP/2 pixbet.com/casino/?btag=a_1856b_104c_PU_BR_PA_DT_VOLD_PIXBET
IP 104.18.39.162:0
GET /casino/?btag=a_1856b_104c_PU_BR_PA_DT_VOLD_PIXBET HTTP/1.1
Host: pixbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 18:54:24 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: __cf_bm=A9XbgnH4E7ywUifXckXObGUEjlY1L0dyarRFC8B0yro-1675882464-0-ASpXLr3vEAz+YVr/VOsJnrl3zC+zmyMl6msSRPB0JLcYjFrduvltHwpM20T6f7Q4UQqWVG9O6lPT4zCnByYM7Ho=; path=/; expires=Wed, 08-Feb-23 19:24:24 GMT; domain=.pixbet.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 796692d88edcb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.seon.io/js/v4/agent.js
54.230.111.40200 OK 0 B URL HTTP/2 cdn.seon.io/js/v4/agent.js
IP 54.230.111.40:0
GET /js/v4/agent.js HTTP/1.1
Host: cdn.seon.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:00:08 GMT
x-amz-version-id: oBwuMALhSWNlluJ4Z9BGO_.GELHIAD3H
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 17:58:28 GMT
cache-control: max-age=3600
etag: W/"c34c3067f651e0fea2609171ab7bfec0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FcXSyy9XhOOeA2E4ATk0_T2d4aU2w2m5f3670Wv6kNdsAel81PtxSw==
age: 3360
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/categoryBlock.6098f315.js?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/categoryBlock.6098f315.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/categoryBlock.6098f315.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e1a5-8e1"
expires: Thu, 14 Dec 2023 14:48:46 GMT
last-modified: Wed, 14 Dec 2022 14:45:57 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: ff7ce03d-3b83-45b0-a04f-b545156b6905-3482022
x-accel-expires: @1702565326
server: CDN77-Turbo
x-77-nzt: AblMCRTlYBn/kw1KAA
x-77-nzt-ray: af5856305c80a3eee1efe36350620c2b
x-cache: HIT
x-age: 4853139
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/7476.16a47741.js?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/7476.16a47741.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/7476.16a47741.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"637e4940-1911"
expires: Sat, 25 Nov 2023 15:57:07 GMT
last-modified: Wed, 23 Nov 2022 16:24:32 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 857dc280-994d-4068-922f-6fd186d34eaa-3292022
x-accel-expires: @1700927827
server: CDN77-Turbo
x-77-nzt: AblMCRSiMkP/DgpjAA
x-77-nzt-ray: af5856305c80a3eee1efe3638d8b452b
x-cache: HIT
x-age: 6490638
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/belatra-4353.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/belatra-4353.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/belatra-4353.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddb8b6-5bd"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Thu, 01 Jul 2021 12:44:38 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: e6db4260-3eaa-4c25-86c0-5973d0f46d96-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRSZSrr/dBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe363fdc19c08
x-cache: HIT
x-age: 5445492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
20bet.com/app/5875.6b4f0a791cb18950.esm.js
104.22.34.208200 OK 0 B URL HTTP/2 20bet.com/app/5875.6b4f0a791cb18950.esm.js
IP 104.22.34.208:0
GET /app/5875.6b4f0a791cb18950.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:29 GMT
content-type: application/javascript
cf-ray: 796692f84d842d59-ARN
etag: W/"63e25502-2db"
last-modified: Tue, 07 Feb 2023 13:41:22 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Igrosoft-221.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Igrosoft-221.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/Igrosoft-221.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6128e505-b3d"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Fri, 27 Aug 2021 13:13:41 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: ef46fb86-44ce-4183-b3b9-9de08a74243a-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRRqWDX/dBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe36324dddf0d
x-cache: HIT
x-age: 5445492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Lightening-Box-4845.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Lightening-Box-4845.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/Lightening-Box-4845.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60f18297-21ec"
expires: Thu, 07 Dec 2023 18:16:21 GMT
last-modified: Fri, 16 Jul 2021 12:59:03 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 4f46efac-4c7f-44d4-b8f4-2484da3cbbf5-3412022
x-accel-expires: @1701972981
server: CDN77-Turbo
x-77-nzt: AblMCRSTMGz/chdTAA
x-77-nzt-ray: af5856305c80a3eee7efe3630d94050e
x-cache: HIT
x-age: 5445490
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/e426568ac582ccc6ac304d310ca5009e.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/e426568ac582ccc6ac304d310ca5009e.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/e426568ac582ccc6ac304d310ca5009e.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63d2ac5c-2dae"
expires: Sat, 27 Jan 2024 03:18:54 GMT
last-modified: Thu, 26 Jan 2023 16:37:48 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: e91472ca-cec4-482c-a4fd-033bb60f94c9-272023
x-accel-expires: @1706325534
server: CDN77-Turbo
x-77-nzt: AblMCRRxuy3/Sa0QAA
x-77-nzt-ray: af5856305c80a3eee7efe363d0acd910
x-cache: HIT
x-age: 1092937
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/categoryBlock.15f60701.css?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/categoryBlock.15f60701.css?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/categoryBlock.15f60701.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63651122-de6"
expires: Sat, 04 Nov 2023 14:39:22 GMT
last-modified: Fri, 04 Nov 2022 13:18:26 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 6e48885e-939a-49b7-981d-a1f0ab6b6103-3082022
x-accel-expires: @1699108762
server: CDN77-Turbo
x-77-nzt: AblMCRT/nZn/x8t+AA
x-77-nzt-ray: af5856305c80a3eee1efe363f74d042b
x-cache: HIT
x-age: 8309703
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/a8218f44b8beb56e60515d7999225267.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/a8218f44b8beb56e60515d7999225267.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/a8218f44b8beb56e60515d7999225267.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63aad47c-1325"
expires: Thu, 28 Dec 2023 14:54:14 GMT
last-modified: Tue, 27 Dec 2022 11:18:20 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: efd9a2fc-ab82-441b-a763-1176f34cc6e8-3622022
x-accel-expires: @1703775254
server: CDN77-Turbo
x-77-nzt: AblMCRQem/n/UZc3AA
x-77-nzt-ray: af5856305c80a3eee7efe36382a7a314
x-cache: HIT
x-age: 3643217
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/images/footer/licenses/license_mobile_first.svg
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/images/footer/licenses/license_mobile_first.svg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/images/footer/licenses/license_mobile_first.svg HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:30 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-28c00"
expires: Thu, 14 Dec 2023 17:03:37 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: a55f9488-5b7e-42c2-90dd-401358decd8a-3482022
x-accel-expires: @1702573417
server: CDN77-Turbo
x-77-nzt: AblMCRRrQJT//e1JAA
x-77-nzt-ray: af5856305c80a3eee6efe363d517893b
x-cache: HIT
x-age: 4845053
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/commons.c7802f4c.js?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/commons.c7802f4c.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/commons.c7802f4c.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e1a5-3783a"
expires: Thu, 14 Dec 2023 14:48:46 GMT
last-modified: Wed, 14 Dec 2022 14:45:57 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: ab1d35f1-5cdc-444c-b639-4561b155f1ff-3482022
x-accel-expires: @1702565326
server: CDN77-Turbo
x-77-nzt: AblMCRQ5uYr/kw1KAA
x-77-nzt-ray: af5856305c80a3eee1efe3636fa2342d
x-cache: HIT
x-age: 4853139
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
20bet.com/app/9114.2d954ca350db845b.esm.js
104.22.34.208200 OK 0 B URL HTTP/2 20bet.com/app/9114.2d954ca350db845b.esm.js
IP 104.22.34.208:0
GET /app/9114.2d954ca350db845b.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:29 GMT
content-type: application/javascript
cf-ray: 796692f85d8b2d59-ARN
etag: W/"63e25519-4a8"
last-modified: Tue, 07 Feb 2023 13:41:45 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Ezugi-9639.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Ezugi-9639.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/Ezugi-9639.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddb912-80e"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Thu, 01 Jul 2021 12:46:10 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: a3a749e6-3ab6-4df4-a32d-ea86f73a33d7-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRSLwxb/dBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe363107dbd0b
x-cache: HIT
x-age: 5445492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.br.betboo.com/pt-br/mobileportal/register?productId=SPORTSBOOK&trid=in13741
104.17.133.181302 Found 0 B URL HTTP/2 www.br.betboo.com/pt-br/mobileportal/register?productId=SPORTSBOOK&trid=in13741
IP 104.17.133.181:0
GET /pt-br/mobileportal/register?productId=SPORTSBOOK&trid=in13741 HTTP/1.1
Host: www.br.betboo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 08 Feb 2023 18:54:23 GMT
content-type: text/html; charset=utf-8
location: https://help.br.betboo.com/closed?productId=SPORTSBOOK&trid=in13741
cache-control: private
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
x-forwarded-for: 91.90.42.154, 162.158.110.246
x-forwarded-proto: https
cf-visitor: {"scheme":"https"}
upgrade-insecure-requests: 1
sec-fetch-dest: iframe
sec-fetch-mode: navigate
sec-fetch-site: cross-site
cf-connecting-ip: 91.90.42.154
true-client-ip: 91.90.42.154
cdn-loop: cloudflare
x-redirect-source: Redirex
cf-cache-status: DYNAMIC
set-cookie: redirex-original=http://www.br.betboo.com:80/pt-br/mobileportal/register?productId=SPORTSBOOK&trid=in13741;Ip=91.90.42.154;Path=/;Domain=.betboo.com;Expires=Wed, 08-Feb-2023 18:59:23 GMT;secure;HttpOnly
__cf_bm=3pDw3v0kTYJ_.tUqt4O0GIroa4H4ljYkWmkC0WsfVD4-1675882463-0-AXunMxSI+GiqXK2EwtONE0+RzF/uEOsPuZKSY01QvC5vGlQ8Vrqa+b1MLq6+Yn3uS9e7qVeCZItqBLuKY1GZS5c=; path=/; expires=Wed, 08-Feb-23 19:24:23 GMT; domain=.betboo.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 796692d5dd74b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/footerArticleBlock.f9a16ee1.css?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/footerArticleBlock.f9a16ee1.css?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/footerArticleBlock.f9a16ee1.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63907649-b36"
expires: Thu, 07 Dec 2023 11:29:10 GMT
last-modified: Wed, 07 Dec 2022 11:17:29 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 082cfa74-8153-4f04-994e-2e38f9895f34-3412022
x-accel-expires: @1701948550
server: CDN77-Turbo
x-77-nzt: AblMCRQQBcn/23ZTAA
x-77-nzt-ray: af5856305c80a3eee1efe363791e1a2d
x-cache: HIT
x-age: 5469915
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
20bet.com/app/2742.7218039944d73442.esm.js
104.22.34.208200 OK 0 B URL HTTP/2 20bet.com/app/2742.7218039944d73442.esm.js
IP 104.22.34.208:0
GET /app/2742.7218039944d73442.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:29 GMT
content-type: application/javascript
cf-ray: 796692f7fcf22d59-ARN
etag: W/"63e25502-239"
last-modified: Tue, 07 Feb 2023 13:41:22 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/images/footer/licenses/license_mobile_second.svg
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/images/footer/licenses/license_mobile_second.svg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/images/footer/licenses/license_mobile_second.svg HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-686d3"
expires: Thu, 14 Dec 2023 17:03:37 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 2e86d0c5-5f25-4714-9263-0ad72c96fcd1-3482022
x-accel-expires: @1702573417
server: CDN77-Turbo
x-77-nzt: AblMCRQBdNj//u1JAA
x-77-nzt-ray: af5856305c80a3eee7efe3630e4f5801
x-cache: HIT
x-age: 4845054
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/flags/United_Kingdom-01-1317.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/flags/United_Kingdom-01-1317.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/flags/United_Kingdom-01-1317.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6006bbc7-548"
expires: Tue, 21 Nov 2023 13:04:44 GMT
last-modified: Tue, 19 Jan 2021 11:00:23 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: d73574d6-b7f7-4760-bdee-9c80e6b66173-3252022
x-accel-expires: @1700571884
server: CDN77-Turbo
x-77-nzt: AblMCRTRSTn/e3hoAA
x-77-nzt-ray: af5856305c80a3eee7efe363ca0c5002
x-cache: HIT
x-age: 6846587
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/amatic-9789.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/amatic-9789.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/amatic-9789.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddb888-226"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Thu, 01 Jul 2021 12:43:52 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 4803d2a6-80aa-4509-ba01-a9f0701c31b9-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRSkhZb/dBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe363e0729307
x-cache: HIT
x-age: 5445492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Zitro-246.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Zitro-246.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/Zitro-246.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddbf37-118"
expires: Thu, 07 Dec 2023 18:16:28 GMT
last-modified: Thu, 01 Jul 2021 13:12:23 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: c67c9147-7433-4547-9ad0-97da6a829fe9-3412022
x-accel-expires: @1701972988
server: CDN77-Turbo
x-77-nzt: AblMCRQ7PB7/axdTAA
x-77-nzt-ray: af5856305c80a3eee7efe363d4b84814
x-cache: HIT
x-age: 5445483
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/flags/Spain-flag-8385.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/flags/Spain-flag-8385.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/flags/Spain-flag-8385.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"5fc8fc6b-a5d8"
expires: Thu, 07 Dec 2023 10:45:53 GMT
last-modified: Thu, 03 Dec 2020 14:55:39 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 594b0a4a-3a55-4ea2-926f-60640c9504c2-3412022
x-accel-expires: @1701945953
server: CDN77-Turbo
x-77-nzt: AblMCRQhtIn/BoFTAA
x-77-nzt-ray: af5856305c80a3eee7efe363f6986f02
x-cache: HIT
x-age: 5472518
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/footerGameCategoriesBlock.95e12733.js?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/footerGameCategoriesBlock.95e12733.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/footerGameCategoriesBlock.95e12733.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e1a5-7d2"
expires: Thu, 14 Dec 2023 14:48:46 GMT
last-modified: Wed, 14 Dec 2022 14:45:57 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 77312741-bb79-423b-9e16-c52ad4468fef-3482022
x-accel-expires: @1702565326
server: CDN77-Turbo
x-77-nzt: AblMCRSwXJz/kw1KAA
x-77-nzt-ray: af5856305c80a3eee1efe363cdc50c2d
x-cache: HIT
x-age: 4853139
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/ainsworth-9625.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/ainsworth-9625.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/ainsworth-9625.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddbdff-306"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Thu, 01 Jul 2021 13:07:11 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: d27a41f8-8320-410a-9e6e-008071aac601-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRSXa53/dBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe36325a1ac06
x-cache: HIT
x-age: 5445492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Gameburger-Studios-8508.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Gameburger-Studios-8508.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/Gameburger-Studios-8508.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"61698bd8-eff4"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Fri, 15 Oct 2021 14:10:32 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 9042a0a6-911c-4b0b-9bab-3e5497e33e3b-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRTu2l7/dBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe3636754f80c
x-cache: HIT
x-age: 5445492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Gamevy-7480.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Gamevy-7480.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/Gamevy-7480.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddbe1b-25f"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Thu, 01 Jul 2021 13:07:39 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 2ce65357-956a-45a8-9413-a2da3e7f8ae1-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRSCvvr/dBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe363fadc1e0d
x-cache: HIT
x-age: 5445492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/playtech-6986.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/playtech-6986.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/playtech-6986.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddbfb2-6db"
expires: Fri, 08 Dec 2023 01:38:14 GMT
last-modified: Thu, 01 Jul 2021 13:14:26 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 49e79da7-13ba-4432-9178-f82c1ece4fac-3422022
x-accel-expires: @1701999494
server: CDN77-Turbo
x-77-nzt: AblMCRTGMpr/4a9SAA
x-77-nzt-ray: af5856305c80a3eee7efe363ead78a10
x-cache: HIT
x-age: 5418977
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Wazdan-6832.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Wazdan-6832.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/Wazdan-6832.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddbef9-337"
expires: Thu, 07 Dec 2023 18:16:27 GMT
last-modified: Thu, 01 Jul 2021 13:11:21 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 01868eda-c664-4ef6-a674-382b34d3d978-3412022
x-accel-expires: @1701972987
server: CDN77-Turbo
x-77-nzt: AblMCRRJDFv/bBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe363dcdf8a13
x-cache: HIT
x-age: 5445484
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
partnerbcgame.com/db2e7562c
188.114.97.1302 Found 0 B URL HTTP/2 partnerbcgame.com/db2e7562c
IP 188.114.97.1:0
GET /db2e7562c HTTP/1.1
Host: partnerbcgame.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 08 Feb 2023 18:54:23 GMT
content-type: text/html; charset=utf-8
location: https://bc.game/landing/sports-br?i=4cxse6dr&stag=17409_63e3efdf680fad7724895732&utm_source=4cxse6dr
set-cookie: 6b86b273ff34fce19d6b=63e3efdf680fad7724895732; Expires=Fri, 10 Mar 2023 18:54:23 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Fl%2F74kxAduUfD6IUlrva7ZTX%2BjLS8zCkRhLdY5SC1UFksaMFGAqGXBmRSuUdrIaldwagobJ%2BdbudvXdTiRrzbLGkTG6fOIYl2xrkF8TH4dS0yCTxVbwBnlg9XdK2Y1kiyxCOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796692d6a859b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
platform.20bet.com/api/data/provinces
104.22.34.208200 OK 0 B URL HTTP/2 platform.20bet.com/api/data/provinces
IP 104.22.34.208:0
GET /api/data/provinces HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f2ff5e2d59-ARN
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Iron-Dog-Studios-9298.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Iron-Dog-Studios-9298.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/Iron-Dog-Studios-9298.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60f18314-1632"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Fri, 16 Jul 2021 13:01:08 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 2c83e73f-ea3e-4035-8805-4f81410d2e28-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRTC+o//dBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe3633491ea0d
x-cache: HIT
x-age: 5445492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/2by2-5005.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/2by2-5005.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/2by2-5005.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddbc94-1014"
expires: Thu, 07 Dec 2023 18:16:29 GMT
last-modified: Thu, 01 Jul 2021 13:01:08 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 9049d4ab-2a81-4662-a612-d577fd4a285d-3412022
x-accel-expires: @1701972989
server: CDN77-Turbo
x-77-nzt: AblMCRTwfKD/ahdTAA
x-77-nzt-ray: af5856305c80a3eee7efe36343df8b14
x-cache: HIT
x-age: 5445482
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/jftw-1556.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/jftw-1556.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/jftw-1556.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60e31053-c0d"
expires: Thu, 07 Dec 2023 11:49:30 GMT
last-modified: Mon, 05 Jul 2021 13:59:47 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: c407889f-56b7-49e3-b794-f102dece19c4-3412022
x-accel-expires: @1701949770
server: CDN77-Turbo
x-77-nzt: AblMCRTnbW//HXJTAA
x-77-nzt-ray: af5856305c80a3eee7efe3635c5cf80d
x-cache: HIT
x-age: 5468701
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
gml-grp.com/C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=PU_BR_PA_DT_VOLD_BETANO&AutoR=1
188.114.97.1302 Found 0 B URL HTTP/2 gml-grp.com/C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=PU_BR_PA_DT_VOLD_BETANO&AutoR=1
IP 188.114.97.1:0
GET /C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=PU_BR_PA_DT_VOLD_BETANO&AutoR=1 HTTP/1.1
Host: gml-grp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: CEK=a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 08 Feb 2023 18:54:23 GMT
content-type: text/html; charset=utf-8
location: https://br.betano.com/?btag=a_9862b_619c_PU_BR_PA_DT_VOLD_BETANO&utm_medium=2566&utm_source=1&siteid=9862
cache-control: private
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
set-cookie: XYZ=3&1&148&&&&0&1&&d1df8b2d-ed4d-4dc1-a8a8-d4e1bddafddb&&a_9862b_619&; expires=Tue, 09-May-2023 18:54:23 GMT; path=/; SameSite=None; Secure
A_619=a=619&r=0&fv=0&lv=0&vc=0&fc=20230208&lc=20230208065423&cc=1; expires=Tue, 09-May-2023 18:54:23 GMT; path=/; SameSite=None; Secure
PM_20=c=PU_BR_PA_DT_VOLD_BETANO&s=9862&ad=619&md=0&pm=20&d=20230208185423&ip=1532635802&r=0&ref=&RedirectParams=btag%3da_9862b_619c_PU_BR_PA_DT_VOLD_BETANO%26utm_medium%3d2566%26utm_source%3d1%26siteid%3d9862; expires=Tue, 09-May-2023 18:54:23 GMT; path=/; SameSite=None; Secure
CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBln1BzmR6RywGdKLuAwXxxN%2FBHjvdCGjCVv1UipdA9DKZJilRWd1B2ekXrk03YsQh3ygZXe092b7wUThnoxzVDsrVH3pKktAjt295pxh2hNpQhtUxXBhPgT6fC7jw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796692d62822b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
help.bwin.com/closed?sb=1&wm=5314018&zoneId=2081136
104.16.131.238200 OK 0 B URL HTTP/2 help.bwin.com/closed?sb=1&wm=5314018&zoneId=2081136
IP 104.16.131.238:0
GET /closed?sb=1&wm=5314018&zoneId=2081136 HTTP/1.1
Host: help.bwin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=a1YxKGWyJ4k8Tr9nj1umSLijT9hug3ZnaghoJh9sl4w-1675882463-0-AZt+NQLxpFfUxBMoWZluBLNL8WTjaCU5X3FdWI9EhBlsUxNqd2VrbwpgaS3YebZnVOC6fuo32tf2uzyf8jMhylxSytaXLf5K57N56CWzJGdz
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:24 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900
last-modified: Wed, 08 Feb 2023 18:54:23 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
cf-ray: 796692d74ea5b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
20bet.com/app/main.ec1fae44db88d4f7.css
104.22.34.208200 OK 0 B URL HTTP/2 20bet.com/app/main.ec1fae44db88d4f7.css
IP 104.22.34.208:0
GET /app/main.ec1fae44db88d4f7.css HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: text/css
cf-ray: 796692df0d912d59-ARN
etag: W/"63e25519-5e6fb"
last-modified: Tue, 07 Feb 2023 13:41:45 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/vueProducerBlock.8918d5d3.js?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vueProducerBlock.8918d5d3.js?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /build/vueProducerBlock.8918d5d3.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-1776"
expires: Thu, 14 Dec 2023 15:23:18 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: aea38de3-8506-4c8c-811a-7c7763d0abe8-3482022
x-accel-expires: @1702567398
server: CDN77-Turbo
x-77-nzt: AblMCRQmLtf/ewVKAA
x-77-nzt-ray: af5856305c80a3eee1efe363f7603a2b
x-cache: HIT
x-age: 4851067
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
20bet.com/app/5098.27c66aa495a483d6.esm.js
104.22.34.208200 OK 0 B URL HTTP/2 20bet.com/app/5098.27c66aa495a483d6.esm.js
IP 104.22.34.208:0
GET /app/5098.27c66aa495a483d6.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:29 GMT
content-type: application/javascript
cf-ray: 796692fc69e02d59-ARN
etag: W/"63e25502-23a"
last-modified: Tue, 07 Feb 2023 13:41:22 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/market-descriptions/get-all-markets/br
104.22.34.208200 OK 0 B URL HTTP/2 platform.20bet.com/api/market-descriptions/get-all-markets/br
IP 104.22.34.208:0
GET /api/market-descriptions/get-all-markets/br HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796692f32f8c2d59-ARN
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/8459.ac653e03c2d7c942.esm.js
104.22.34.208200 OK 0 B URL HTTP/2 20bet.com/app/8459.ac653e03c2d7c942.esm.js
IP 104.22.34.208:0
GET /app/8459.ac653e03c2d7c942.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=a181f329-8070-4911-b6b3-cbb40e6f83e6.1675882524.1.1675882524.1675882524.86b68883-2bea-4992-a4be-2f92ebd43e78
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:29 GMT
content-type: application/javascript
cf-ray: 796692f7dcba2d59-ARN
etag: W/"63e25508-cac"
last-modified: Tue, 07 Feb 2023 13:41:28 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Skillzz-Gaming-8078.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Skillzz-Gaming-8078.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/Skillzz-Gaming-8078.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60f182df-a04"
expires: Thu, 07 Dec 2023 18:16:25 GMT
last-modified: Fri, 16 Jul 2021 13:00:15 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 2b8ebf13-b85e-482e-b413-09347e717e72-3412022
x-accel-expires: @1701972985
server: CDN77-Turbo
x-77-nzt: AblMCRSXemP/bhdTAA
x-77-nzt-ray: af5856305c80a3eee7efe3632afee211
x-cache: HIT
x-age: 5445486
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
blancoshrimp.com/SB/BR/
104.21.73.164200 OK 0 B IP 104.21.73.164:0
GET /SB/BR/ HTTP/1.1
Host: blancoshrimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:22 GMT
content-type: text/html
last-modified: Tue, 17 Jan 2023 10:43:03 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIIZkoDFRDbOJQUfqPvBQWIw0LRqSQ1sfWGjOhDABiQ5qzzD1CoNtHajSz8nRQl9R5%2FmJ7rHKWP2mIiDjc5XUrGhBpQLGZ0p32IYHcS1Oh%2Bt%2BjJgBPwnmrN013I5FMB2SCnM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796692cf2d20b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/All41Studios-492.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/All41Studios-492.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/All41Studios-492.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60e31091-520"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Mon, 05 Jul 2021 14:00:49 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: b2cb2b11-9fc0-4e69-a4fd-6cdcf3f8c4aa-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRQxNbn/dBdTAA
x-77-nzt-ray: af5856305c80a3eee7efe3636e767f07
x-cache: HIT
x-age: 5445492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
casino.cur.a8r.games/public/sg.js
104.18.13.198200 OK 0 B URL HTTP/2 casino.cur.a8r.games/public/sg.js
IP 104.18.13.198:0
GET /public/sg.js HTTP/1.1
Host: casino.cur.a8r.games
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:25 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 08 Feb 2023 17:31:01 GMT
cf-cache-status: HIT
age: 4700
expires: Wed, 08 Feb 2023 22:54:25 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 796692df5de4b4f7-OSL
X-Firefox-Spdy: h2
20bet.com/app/common.68e049bd60bde3ea.css
104.22.34.208200 OK 0 B URL HTTP/2 20bet.com/app/common.68e049bd60bde3ea.css
IP 104.22.34.208:0
GET /app/common.68e049bd60bde3ea.css HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/br?btag=668128_2340F497E7724DB9B10970111FEC03F5
Cookie: btag=668128_2340F497E7724DB9B10970111FEC03F5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:28 GMT
content-type: text/css
cf-ray: 796692f05b4b2d59-ARN
etag: W/"63e25514-d68"
last-modified: Tue, 07 Feb 2023 13:41:40 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/2353cdfb5611c6342889bceafb5319e7.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/2353cdfb5611c6342889bceafb5319e7.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/2353cdfb5611c6342889bceafb5319e7.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63d2abef-6dd"
expires: Sat, 27 Jan 2024 03:18:54 GMT
last-modified: Thu, 26 Jan 2023 16:35:59 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 4d7d135c-16e4-4e66-a8d6-981448a93901-272023
x-accel-expires: @1706325534
server: CDN77-Turbo
x-77-nzt: AblMCRQ97U3/Sa0QAA
x-77-nzt-ray: af5856305c80a3eee7efe3636472630f
x-cache: HIT
x-age: 1092937
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/4e8b2b479c0b1beae6329e41c3145cc1.svg?v10263
185.76.9.21200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/4e8b2b479c0b1beae6329e41c3145cc1.svg?v10263
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /files/categories/4e8b2b479c0b1beae6329e41c3145cc1.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 18:54:31 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63d2aa8c-668"
expires: Sat, 27 Jan 2024 03:18:54 GMT
last-modified: Thu, 26 Jan 2023 16:30:04 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 83187bb5-c7a3-4bd5-b02a-a3f026296bbb-272023
x-accel-expires: @1706325534
server: CDN77-Turbo
x-77-nzt: AblMCRSrwOr/Sa0QAA
x-77-nzt-ray: af5856305c80a3eee7efe36356ca3512
x-cache: HIT
x-age: 1092937
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2