| firefox.settings.services.mozilla.com/v1/ | 143.204.55.36 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.36:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash91dd975a7b17b2922dd23c0e49314e40 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 07:09:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jZwWILL6URXOyRkZt6y1nOHQBvpwU3VbpaqKRcY1DcUpDw9FdXBTxg==
Age: 3539
|
|
| www.wownicepop.com/dabec036-f980-4039-b603-51b0fe0b2588 | 18.196.84.70 | 302 | 0 B |
URL HTTP/1.1www.wownicepop.com/dabec036-f980-4039-b603-51b0fe0b2588 IP18.196.84.70:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /dabec036-f980-4039-b603-51b0fe0b2588 HTTP/1.1
Host: www.wownicepop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: bc5ab007-ee83-4980-a5eb-430cea00c5fb-v4=mOumaxhguuSxoTKhZFAWnHoT2GTeQ5-_vOUh3shZVXw; cc-v4=KsoYluLq0lkXmr%2BpEa%2F2Pmx38%2FWbKsBA%2FoGqaBFK1b%2B21JLaKlBNhAyajdHcuP0aELxUHm7GdBJ9W0qtHUcp0JH6k%2BqILNvUcfepIj2mwjpeGB5nSxgcAt8iayNRXANZKS%2B8Q9Ka%2FhrpVVojXrnQfA%3D%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Wed, 14 Sep 2022 08:08:27 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://media.premierbetpartners.com/redirect.aspx?pid=18861&bid=4750&PremBet=w6fld69s8smv0g1ji3dk5t7m
Pragma: no-cache
Set-Cookie: dabec036-f980-4039-b603-51b0fe0b2588-v4=ZIXA_m01Y40IbdqtPYmdwQrJVxMZCQqmeeT0nN6SoII; Max-Age=86400; Expires=Thu, 15-Sep-2022 08:08:27 GMT; Domain=www.wownicepop.com; Path=/; HttpOnly
cc-v4=rf9JAyrxkkrOJs%2BLoCDOwr7w0WfCBvglydiRT7M3%2BvW6XdUbmsJb29oP7JxWJSa1a8qNH6GRQJN%2BjjZwU6Z9FTDRDXOGUENbOhXzFBEDYG5324GiWSd%2BkhpuDR8Wc00HiltMVPgdtVuxf4hmUF0yMQ%3D%3D; Max-Age=31536000; Expires=Thu, 14-Sep-2023 08:08:27 GMT; Domain=www.wownicepop.com; Path=/; HttpOnly
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashbe88d3e043e3b95b52e41812e50fb634 0318ba1ce487817ea7cba61dd9413bed29213800 b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3898
Expires: Wed, 14 Sep 2022 09:13:25 GMT
Date: Wed, 14 Sep 2022 08:08:27 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.49 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain IP143.204.55.49:0
File typePEM certificate\012- , ASCII text Hash742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: g8AWbihkojVt3S8YKhuauf0e18l__JberOk6nHkefRNz7ibcO0U_gw==
age: 12792
X-Firefox-Spdy: h2
|
|
| media.premierbetpartners.com/redirect.aspx?pid=18861&bid=4750&PremBet=w6fld69s8smv0g1ji3dk5t7m | 95.101.10.113 | 301 Moved Permanently | 0 B |
URL HTTP/2media.premierbetpartners.com/redirect.aspx?pid=18861&bid=4750&PremBet=w6fld69s8smv0g1ji3dk5t7m IP95.101.10.113:0 ASN#20940 Akamai International B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=18861&bid=4750&PremBet=w6fld69s8smv0g1ji3dk5t7m HTTP/1.1
Host: media.premierbetpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://www.premierbet.co.ao/premier6/register/?btag=664761_32624591E4A640EF988E1A3C6F4299F6&PremBet=w6fld69s8smv0g1ji3dk5t7m
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Wed, 14 Sep 2022 08:08:27 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 14 Sep 2022 08:08:27 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a18861%2c%22BID%22%3a4750%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663142907305)%5c%2f%22%2c%22CookieTag%22%3a%22475018861451240919C202291488%22%7d%5d; SameSite=None;; domain=.premierbetpartners.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%223236052097%7c1%22%7d%5d; domain=.premierbetpartners.com; expires=Fri, 14-Sep-3021 08:08:27 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=22, origin; dur=34
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 08:08:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.36 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.36:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 14 Sep 2022 08:03:22 GMT
Expires: Wed, 14 Sep 2022 09:01:28 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LKq4AbTrJ29MxAcwyUzHQXOxSzo9308xpxtW21emGn9a-eG9nkTR3g==
Age: 305
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 1.2 kB |
IP93.184.220.29:0
Hashae530cee7df39167351ffc40cd444283 9e646f8e725d716c08661a26264e9a1990580952 329a24274307050cc751581d2ffb2d5da3715b8a3281e1a9aae6afc97dae5ca6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3680
Cache-Control: max-age=89988
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 08:08:27 GMT
Etag: "63203a1f-1d7"
Expires: Thu, 15 Sep 2022 09:08:15 GMT
Last-Modified: Tue, 13 Sep 2022 08:06:55 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc79a6d9219e52788c0288a4288601f0b a55c74c35279d08872bb4b0805d3f8ff684bc322 345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 08:08:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtag/js?id=UA-127247009-22 | 142.250.74.72 | 200 OK | 42 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=UA-127247009-22 IP142.250.74.72:0
File typeASCII text, with very long lines (1615) Hash469cf52a2ef8508c8053edcd0bd72baf 01307eb427f9780ee06b0de59a331a7159fbc666 4d2e6742fea4df0ef9d7703e8b50f3c8d3a61e8e3bc5fb3eaa36bdb91a8c9340
GET /gtag/js?id=UA-127247009-22 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 14 Sep 2022 08:08:27 GMT
expires: Wed, 14 Sep 2022 08:08:27 GMT
cache-control: private, max-age=900
last-modified: Wed, 14 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42157
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 1.2 kB |
IP142.250.74.3:0
Hash93a31e6faebdc1cdf9e11b89e74d2baf 7f933cc457ca21153cf489f9de8727a5d7e5d9b1 92dff7fb5d3de2846535b38582b82d22393953e4a6fc445787a1daaf6c4eb8f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 08:08:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| push.services.mozilla.com/ | 52.39.126.109 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.39.126.109:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7/Q8TnGuEPIrq3OAM95YBw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: c61nga4DWDmcVaqeH06o93mdIxc=
|
|
| prod.webpu.sh/5Sq_zlkNVZwOsnPNRD1zbZkLhuGBbtZq/sdk.js | 52.211.92.2 | 200 OK | 38 kB |
URL HTTP/1.1prod.webpu.sh/5Sq_zlkNVZwOsnPNRD1zbZkLhuGBbtZq/sdk.js IP52.211.92.2:0
File typeASCII text, with very long lines (60497) Hashe3c415d59dc792ea3f47d9136126b749 6d041deceee12b3848f8284ecdfdfa8a166126da a608db0b86d8c7053d20ffd5177a34853ac6b11e9efb2b050a00487ae23bf702
GET /5Sq_zlkNVZwOsnPNRD1zbZkLhuGBbtZq/sdk.js HTTP/1.1
Host: prod.webpu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 08:08:28 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-amz-id-2: OXLHhxTdKhvTHHklcoAwmm9AO+l/5CL9t/Ly8AzHZLctVBoPoW2Boi1T6z4BevW1c4hblo33SJI=
x-amz-request-id: WCR9VA5BA94F6268
Last-Modified: Wed, 07 Sep 2022 10:30:26 GMT
ETag: W/"6e080466638c5804aad50354b7b9983d"
Cache-Control: max-age=21600
Content-Encoding: gzip
|
|
| akoss.bangcdn.net/fe/phx_analytics.js | 2.21.8.251 | 200 OK | 2.6 kB |
URL HTTP/2akoss.bangcdn.net/fe/phx_analytics.js IP2.21.8.251:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (6909), with no line terminators Hashcd19b8e4077b69a1e2cf0a40c9328740 272872ce2473ed15081e7613e6c77e096264a241 353cafb5a367a8b72607c44181fd09d65c245e163f84f3c73b7f01c3f1b8dda5
GET /fe/phx_analytics.js HTTP/1.1
Host: akoss.bangcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: AliyunOSS
content-type: application/javascript
x-oss-request-id: 63086DD244E4D0373505B793
last-modified: Fri, 26 Aug 2022 06:51:04 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17850771367279675102
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
content-md5: keCF7n2QRZhUvOuqD1SA5A==
x-oss-server-time: 1
content-encoding: gzip
content-length: 2624
cache-control: no-cache
date: Wed, 14 Sep 2022 08:08:28 GMT
vary: Accept-Encoding
access-control-expose-headers: Etag,x-oss-request-id
access-control-allow-methods: GET,POST,PUT,HEAD,DELETE
access-control-allow-origin: *
x-akamai-request-id: c793674
X-Firefox-Spdy: h2
|
|
| tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAM8 | 95.101.10.99 | 200 OK | 37 kB |
URL HTTP/2tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAM8 IP95.101.10.99:0 ASN#20940 Akamai International B.V.
File typeUnicode text, UTF-8 text, with very long lines (62059) Hash60882a9b54f1263ff2c394989ee65b97 8282038d5430000fe07c5340971d0352df8a58c5 ff94dd1c312604a974e7b04e25f94e1ad7dd2579a3b7075690fe03b933ca8648
GET /dist/tag-manager.js?id=STM-AAAAM8 HTTP/1.1
Host: tm.ads.sportradar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
apigw-requestid: YcLPfjIbjoEEJxg=
vary: Accept-Encoding
content-encoding: gzip
content-length: 37099
date: Wed, 14 Sep 2022 08:08:28 GMT
cache-control: max-age=900, public
x-n: S
X-Firefox-Spdy: h2
|
|
| tracker.ads.sportradar.com/dist/tracker.js | 95.101.10.99 | 200 OK | 12 kB |
URL HTTP/2tracker.ads.sportradar.com/dist/tracker.js IP95.101.10.99:0 ASN#20940 Akamai International B.V.
File typeUnicode text, UTF-8 text, with very long lines (34755) Hashb34b13d85152f71b7fd15289c78c0583 0bb20191b022bbd0e75f2bbce7f6332886079c2c 7a3fc57394ecc6745eb6e18745aa1e5e5d05cb2237c4d0d754ab43d33863a84c
GET /dist/tracker.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "5ff82a1c468a89919e9437d33e0402cb"
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: N1LHWrF7z0p4P1ajVvRfHxboBlqfinMmAWqLpOoJFIuEYnwv9UEp9Q==
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 14 Sep 2022 08:08:28 GMT
content-length: 11553
cache-control: max-age=900, public
X-Firefox-Spdy: h2
|
|
| tracker.ads.sportradar.com/dist//sp-2.14.0.js | 95.101.10.99 | 200 OK | 30 kB |
URL HTTP/2tracker.ads.sportradar.com/dist//sp-2.14.0.js IP95.101.10.99:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (64903) Hash44f237857b8d03f32b53fe551e83c95a 91536fe6c60d947d29dfcb5f04d09b752b5ccf03 a5e10dc2f3c729300afe8fe24aa430f57d91fdefa8112c0b35dd424ba612caa7
GET /dist//sp-2.14.0.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: cm9RdLc43DgEcglFby3Gou9w8VgkyG6_fBb5TSm66Z4K7KfyUwwUbA==
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 14 Sep 2022 08:08:28 GMT
content-length: 30370
cache-control: max-age=900, public
X-Firefox-Spdy: h2
|
|
| ocsp.entrust.net/ | 23.13.44.131 | 200 OK | 1.6 kB |
IP23.13.44.131:0
Hash3964635fff5a0a275ce92e90fd62c308 3a5d8e359b6b5be8867cd81c1a2fa3aa261cf62d 9b2fb7b269739737822dd5d1c878fc76a4295eef4e5f92558dbe128142f01522
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "9B2FB7B269739737822DD5D1C878FC76A4295EEF4E5F92558DBE128142F01522"
Last-Modified: Tue, 13 Sep 2022 22:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=1304
Expires: Wed, 14 Sep 2022 08:30:13 GMT
Date: Wed, 14 Sep 2022 08:08:29 GMT
Connection: keep-alive
|
|
| ocsp.entrust.net/ | 23.13.44.131 | 200 OK | 1.6 kB |
IP23.13.44.131:0
Hash3964635fff5a0a275ce92e90fd62c308 3a5d8e359b6b5be8867cd81c1a2fa3aa261cf62d 9b2fb7b269739737822dd5d1c878fc76a4295eef4e5f92558dbe128142f01522
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "9B2FB7B269739737822DD5D1C878FC76A4295EEF4E5F92558DBE128142F01522"
Last-Modified: Tue, 13 Sep 2022 22:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=1368
Expires: Wed, 14 Sep 2022 08:31:17 GMT
Date: Wed, 14 Sep 2022 08:08:29 GMT
Connection: keep-alive
|
|
| a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= | 35.156.185.100 | 302 Moved Temporarily | 0 B |
URL HTTP/1.1a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= IP35.156.185.100:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 14 Sep 2022 08:08:29 GMT
Location: https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
Set-Cookie: zuuid=7ff18f2b-cc39-4c60-ad61-eb9438989a59; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=sportradarserving.com; samesite=none; secure
c=1663142909; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1663142909; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
|
|
| a.sportradarserving.com/pixel?type=js&aid=1376&id=4587 | 35.156.185.100 | 302 Moved Temporarily | 0 B |
URL HTTP/1.1a.sportradarserving.com/pixel?type=js&aid=1376&id=4587 IP35.156.185.100:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=js&aid=1376&id=4587 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 14 Sep 2022 08:08:29 GMT
Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1376&id=4587
Set-Cookie: zuuid=93fb6fa3-5c61-4b53-a607-90c7069c6b29; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=sportradarserving.com; samesite=none; secure
c=1663142909; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1663142909; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash950526447441749ff9aeea01a5eb6c86 a1b93fd37508a8e29092bd3ea3b70badc5f39289 4413eab24fa6020944731573ebb4ec45827878c13b17f6fdeb791875533505d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6298
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 08:08:29 GMT
Last-Modified: Wed, 14 Sep 2022 06:23:31 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
|
|
| www.google-analytics.com/analytics.js | 142.250.74.174 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.174:0
File typeASCII text, with very long lines (1325) Hash56f5d7f608e25d64207135f045f988cb 901eb59372ae330ae85e1384da93479b21ae1082 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Wed, 14 Sep 2022 06:41:12 GMT
expires: Wed, 14 Sep 2022 08:41:12 GMT
cache-control: public, max-age=7200
age: 5237
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| connect.facebook.net/en_US/fbevents.js | 157.240.200.14 | 200 OK | 27 kB |
URL HTTP/2connect.facebook.net/en_US/fbevents.js IP157.240.200.14:0
File typeASCII text, with very long lines (64348) Hash32467f00836af5caa433834a3ef51007 45df10dc08d27cbb3beadf5169cd05fe46277ff3 619f2aefc17466e58cbcf33a8fae8ca4c1372fb0c37a1772c6e2289929a9413e
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: YOOjhvWaSCYi7lLTa00vXjYXuagvismRezpI0d0fcNC9sb9c8ZxfU7Vcd4PCXplydD0poZQfkMWQ1K9MFp+ULQ==
priority: u=3,i
content-length: 26756
x-fb-trip-id: 1679558926
date: Wed, 14 Sep 2022 08:08:29 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= | 35.156.185.100 | 302 Moved Temporarily | 0 B |
URL HTTP/1.1a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= IP35.156.185.100:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.premierbet.co.ao/
Connection: keep-alive
Cookie: zuuid=93fb6fa3-5c61-4b53-a607-90c7069c6b29; c=1663142909; zuuid_lu=1663142909
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 14 Sep 2022 08:08:29 GMT
Location: https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D93fb6fa3-5c61-4b53-a607-90c7069c6b29
Set-Cookie: zuuid=93fb6fa3-5c61-4b53-a607-90c7069c6b29; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1663142909; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1663142909; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
|
|
| a.sportradarserving.com/ul_cb/pixel?type=js&aid=1376&id=4587 | 35.156.185.100 | 200 OK | 2.3 kB |
URL HTTP/1.1a.sportradarserving.com/ul_cb/pixel?type=js&aid=1376&id=4587 IP35.156.185.100:0
File typeASCII text, with very long lines (2325), with no line terminators Hash45e95c660a83ed62188a6fbd58900a25 cb9378d6617301430c570eefdc7316d79c1910e2 0f6d6959fa59e6ec871ff59aeada10437c1e2503d7fc79f380cf795b4b49fa89
GET /ul_cb/pixel?type=js&aid=1376&id=4587 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.premierbet.co.ao/
Connection: keep-alive
Cookie: zuuid=93fb6fa3-5c61-4b53-a607-90c7069c6b29; c=1663142909; zuuid_lu=1663142909
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Date: Wed, 14 Sep 2022 08:08:29 GMT
Set-Cookie: zuuid=93fb6fa3-5c61-4b53-a607-90c7069c6b29; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1663142909; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1663142909; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=sportradarserving.com; samesite=none; secure
bss=!bidswitch,432400109; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=sportradarserving.com; samesite=none; secure
cm2=!bidswitch,432472109; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 2325
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash950526447441749ff9aeea01a5eb6c86 a1b93fd37508a8e29092bd3ea3b70badc5f39289 4413eab24fa6020944731573ebb4ec45827878c13b17f6fdeb791875533505d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6298
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 08:08:29 GMT
Last-Modified: Wed, 14 Sep 2022 06:23:31 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.godaddy.com/ | 192.124.249.36 | 200 OK | 1.8 kB |
IP192.124.249.36:0
Hash718d13475f3cb388fd4ea657fa1130fe 4449978498ba50894e9b398616f5972bb3eba3c2 6b601fb5de185d8a52543442e5f82bc004fd5758d18088f6194ada20bc50b535
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 14 Sep 2022 08:08:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 14 Sep 2022 00:09:22 GMT
Expires: Thu, 15 Sep 2022 00:09:22 GMT
ETag: "4449978498ba50894e9b398616f5972bb3eba3c2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
|
|
| ocsp.pki.goog/s/gts1d4/Bz2q3fRhivk | 142.250.74.3 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/Bz2q3fRhivk IP142.250.74.3:0
Hash9ca47ea66f7726ef8697fc123d7321d5 7687e992d297c464829cae3cf6804d377a44c663 6b44d0f34c27c5392d5a13b9853b98ebf9c58497075adfefeca13bee5585378e
POST /s/gts1d4/Bz2q3fRhivk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 08:08:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1d4/mhuqZ1vnJhs | 142.250.74.3 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/mhuqZ1vnJhs IP142.250.74.3:0
Hash009fc124fbc10cae0f726943d5abcc7a a4310ec8203b271040380a3ecfee5fd2db258cdc b9eef806bd2d0be95a8c908735f1885906367e63b6bcfd3e41826a60044f6b2f
POST /s/gts1d4/mhuqZ1vnJhs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 08:08:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=93fb6fa3-5c61-4b53-a607-90c7069c6b29 | 216.239.38.21 | 200 OK | 42 B |
URL HTTP/2api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=93fb6fa3-5c61-4b53-a607-90c7069c6b29 IP216.239.38.21:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=93fb6fa3-5c61-4b53-a607-90c7069c6b29 HTTP/1.1
Host: api.feedad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
set-cookie: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u=93fb6fa3-5c61-4b53-a607-90c7069c6b29; Domain=.feedad.com; Path=/; Max-Age=2592000; HttpOnly; SameSite=None; Secure
x-cloud-trace-context: a5e4ea01bbfe5eb22f6133847cf9a985
date: Wed, 14 Sep 2022 08:08:29 GMT
server: Google Frontend
content-length: 42
expires: Wed, 14 Sep 2022 08:08:29 GMT
cache-control: private
X-Firefox-Spdy: h2
|
|
| d9.flashtalking.com/img/img.png?D9v.AdvID=1121&D9r.DeviceID=true&D9c=ftSpot&D9v.SiteID=24441&D9c.spotlightId=127611&D9c.spotlightGroupId=13896&D9v.gdpr=${GDPR}&D9v.gdpr_consent=${GDPR_CONSENT_78}&D9v.us_privacy=${US_PRIVACY}&cb=914000484&D9cc.ftXValue=undefined&D9cc.U2=undefined&D9cc.U3=undefined&D9cc.U4=undefined&D9cc.U5=undefined&D9cc.U6=undefined&D9cc.U7=undefined&D9cc.U8=664761_32624591E4A640EF988E1A3C6F4299F6&D9cc.U9=undefined&D9cc.U10=undefined&D9cc.U11=undefined&D9cc.U12=Premierbet&D9cc.U13=AO&D9cc.U14=undefined>mcb=1099344044 | 54.171.109.141 | 200 | 70 B |
URL HTTP/1.1d9.flashtalking.com/img/img.png?D9v.AdvID=1121&D9r.DeviceID=true&D9c=ftSpot&D9v.SiteID=24441&D9c.spotlightId=127611&D9c.spotlightGroupId=13896&D9v.gdpr=${GDPR}&D9v.gdpr_consent=${GDPR_CONSENT_78}&D9v.us_privacy=${US_PRIVACY}&cb=914000484&D9cc.ftXValue=undefined&D9cc.U2=undefined&D9cc.U3=undefined&D9cc.U4=undefined&D9cc.U5=undefined&D9cc.U6=undefined&D9cc.U7=undefined&D9cc.U8=664761_32624591E4A640EF988E1A3C6F4299F6&D9cc.U9=undefined&D9cc.U10=undefined&D9cc.U11=undefined&D9cc.U12=Premierbet&D9cc.U13=AO&D9cc.U14=undefined>mcb=1099344044 IP54.171.109.141:0
File typePNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data Hash4e73e94af1a1a5436c2da7f12c0123bb 58058bc52693124388c9f647411a047c9c0c8658 f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
GET /img/img.png?D9v.AdvID=1121&D9r.DeviceID=true&D9c=ftSpot&D9v.SiteID=24441&D9c.spotlightId=127611&D9c.spotlightGroupId=13896&D9v.gdpr=${GDPR}&D9v.gdpr_consent=${GDPR_CONSENT_78}&D9v.us_privacy=${US_PRIVACY}&cb=914000484&D9cc.ftXValue=undefined&D9cc.U2=undefined&D9cc.U3=undefined&D9cc.U4=undefined&D9cc.U5=undefined&D9cc.U6=undefined&D9cc.U7=undefined&D9cc.U8=664761_32624591E4A640EF988E1A3C6F4299F6&D9cc.U9=undefined&D9cc.U10=undefined&D9cc.U11=undefined&D9cc.U12=Premierbet&D9cc.U13=AO&D9cc.U14=undefined>mcb=1099344044 HTTP/1.1
Host: d9.flashtalking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,SERVER
Access-Control-Allow-Origin: d9.flashtalking.com
Content-Type: image/png
Date: Wed, 14 Sep 2022 08:08:29 GMT
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Server: prod-xre-app8.lhr11
set-cookie: _D9J=66ecf757f5f54ef58869e24712e6809a; path=/; Max-Age=31536000; Expires=Thu, 14-Sep-2023 08:08:29 UTC; SameSite=None; Secure;Domain=flashtalking.com
X-HW: 1663142783.dop084.lo4.t,1663142783.cds220.lo4.shn,1663142908.dop084.lo4.t,1663142909.cds223.lo4.sc,1663142909.cds223.lo4.p
Content-Length: 70
Connection: keep-alive
|
|
| tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=93fb6fa3-5c61-4b53-a607-90c7069c6b29 | 216.239.36.21 | 200 OK | 42 B |
URL HTTP/2tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=93fb6fa3-5c61-4b53-a607-90c7069c6b29 IP216.239.36.21:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=93fb6fa3-5c61-4b53-a607-90c7069c6b29 HTTP/1.1
Host: tags.feedad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
set-cookie: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u=93fb6fa3-5c61-4b53-a607-90c7069c6b29; Domain=.feedad.com; Path=/; Max-Age=2592000; HttpOnly; SameSite=None; Secure
x-cloud-trace-context: d96f857bf91b15b002dd67df25e22ccd
date: Wed, 14 Sep 2022 08:08:29 GMT
server: Google Frontend
content-length: 42
expires: Wed, 14 Sep 2022 08:08:29 GMT
cache-control: private
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8859
Expires: Wed, 14 Sep 2022 10:36:08 GMT
Date: Wed, 14 Sep 2022 08:08:29 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8859
Expires: Wed, 14 Sep 2022 10:36:08 GMT
Date: Wed, 14 Sep 2022 08:08:29 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg | 34.120.237.76 | 200 OK | 16 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash56811a1a20a467464e1f3da171ef8b14 366b2090d409d694b72b4b4131df46dd65d69c5a 4c208fb88884166adf4ecc5882f75948b4a87d85c76ad6e7137e8edbd125c996
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15547
x-amzn-requestid: a78f7d90-84c3-4198-88bf-1d722c37f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EUDoAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-49535e5525606250306488ba;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yP22CSG5x3BVfq29UMdw30TZcvuaL-kUDgjBZDUEMpRVDWqlZrCgdQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:42:05 GMT
age: 37584
etag: "366b2090d409d694b72b4b4131df46dd65d69c5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf118ca5-e4f8-4e97-a3c2-87e36a56e609.jpeg | 34.120.237.76 | 200 OK | 9.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf118ca5-e4f8-4e97-a3c2-87e36a56e609.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb20499b3b8ef7b8ee73bd8b27e8c0c16 744a852e9357455d55e72809841411258fec44a9 457c8a9e4974a9529fa852b37f7ffc083e0eac987fe47aaebda808bf9f9f2941
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf118ca5-e4f8-4e97-a3c2-87e36a56e609.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9270
x-amzn-requestid: bba505a1-bbba-4d14-ad3a-1f72c028cc43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLj-YGaOIAMFeOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ae6c2-08d743cc73070f6653991180;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 07:09:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N0iUxQripFCaFLbMsp-lsFOMHDKzQUW3AHaWMyzOK9NGyAz5weDbvg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 23:28:34 GMT
age: 31195
etag: "744a852e9357455d55e72809841411258fec44a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8859
Expires: Wed, 14 Sep 2022 10:36:08 GMT
Date: Wed, 14 Sep 2022 08:08:29 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash019416755742a78ddf35671ba5eaccc7 ec2e96359ef3a236514cab21af80ea5b9420e9c3 a6b0e0ec56c2ce2f94dae8032e0deb297236c35f7a8928a14a254e3fdb2a255a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10245
x-amzn-requestid: 25331636-a1cd-4ceb-84cc-fd85cfd8a861
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG23AGLIoAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631904f9-6fbb23ec3dc9d55e344bc6d7;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 20:54:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6rK3xzw-3wH6O2TCotqsmazLOzUWUbWtgxpVYxm5YQAmVVf4IcPLMA==
via: 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 23:47:28 GMT
age: 30061
etag: "ec2e96359ef3a236514cab21af80ea5b9420e9c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash0789404fdbe3613d465d8fa89a63d7b8 0617d2e513097ca415a1d07cd39b1cb64d832ecf 80e55e383f354113c3694bbcc00fd1c544a97079bd3c462f1b90e952c0634bac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10138
x-amzn-requestid: bdf798d9-6729-4363-a900-f32c4041d0c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YU5qsGZ-oAMFQ1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ea311-7b146c0620a83d5c00446f87;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 03:10:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OM9K72ukk0cuyR1ZcV5xWXnEd8U9OgeQi7bkCe0Pzn3BfdLMvSdSXg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 03:02:44 GMT
age: 18345
etag: "0617d2e513097ca415a1d07cd39b1cb64d832ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26eefe41-9675-409e-9a6b-8c39594eb7de.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26eefe41-9675-409e-9a6b-8c39594eb7de.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash967db8594cfbc60139ea4bccfe259742 be8239300d4abfb14466655eedb6b277543ad8b2 eb6585e04cd275e2bf02c2cf8d8693e43f0c0a3e7fec0092fc2ff18025b45dde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26eefe41-9675-409e-9a6b-8c39594eb7de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7543
x-amzn-requestid: a8a09d68-971d-4d84-bf6b-ca78644927b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yau8DHQ4IAMFzFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f84c-54803f1d5f1777f334c7a4d5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MdjZuif30Qf14NHbkELd3X2FqrPy5gGIJCnyjKrL2v5TY9DRD0VHiA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:13:11 GMT
age: 35718
etag: "be8239300d4abfb14466655eedb6b277543ad8b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e7ebee-3326-460f-b5ca-02aae140968c.jpeg | 34.120.237.76 | 200 OK | 6.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e7ebee-3326-460f-b5ca-02aae140968c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashde3f5f47acb69d9c4fa6721b5283404a 895f8e58be471d713557a1318b3d050429cfe419 396f97609adc2f1cdf7e241f8b164ae89e0d353cc26e48184977a1c684c544cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e7ebee-3326-460f-b5ca-02aae140968c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6154
x-amzn-requestid: 3341eb6d-9787-470e-aceb-dd722af36716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4GVwIAMFSzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-4e79b8594d68a9c504e33a25;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0ig7ITAeZj5ypLK25XtmhEQIR_pz-P96ZUgOA0Q4OgwVtAF5pmo4sA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:49:32 GMT
etag: "895f8e58be471d713557a1318b3d050429cfe419"
content-type: image/jpeg
age: 37137
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hash1f2ff0fea7939e810ad4c60fe553b6f4 16aa6e7b8b16ae0d965c0e9f6422d75ae37674b0 9b46d70511b3a16eb5a682cd0acb13f185570ca55be11ccbcff285428e58e2e4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 08:08:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 17:09:30 GMT
Expires: Tue, 20 Sep 2022 17:09:29 GMT
Etag: "16aa6e7b8b16ae0d965c0e9f6422d75ae37674b0"
Cache-Control: max-age=550259,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a7a2919f920b41-OSL
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.158:0
Hash936592fa429c2a097038fcf29488db57 2b220c5b61d7419e234a4a768b7773c2e0fb0d0d 42ec0c0a496f6fa3f9ee494cb8e5b19a7f54f1d5b2eddced2c89218b409451ea
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 14 Sep 2022 08:08:29 GMT
Last-Modified: Wed, 14 Sep 2022 06:35:24 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VdCgfhgZug_j3h_VRCDq0xsekVDSlsrU1hxuymGjVNMnLPC0uwtwhw==
Age: 5585
|
|
| x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&cb=8b175379-1cd3-4864-9678-ecb83a4e8caf | 3.126.140.73 | 302 Moved Temporarily | 0 B |
URL HTTP/1.1x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&cb=8b175379-1cd3-4864-9678-ecb83a4e8caf IP3.126.140.73:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&cb=8b175379-1cd3-4864-9678-ecb83a4e8caf HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 14 Sep 2022 08:08:29 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&cb=8b175379-1cd3-4864-9678-ecb83a4e8caf
Set-Cookie: tuuid=a24c48fb-bb2d-45c7-ab53-fbf64f1a5b55; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663142909; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1663142909; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663142909; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
|
|
| x.bidswitch.net/syncd?dsp_id=409&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D | 3.126.140.73 | 302 Moved Temporarily | 0 B |
URL HTTP/1.1x.bidswitch.net/syncd?dsp_id=409&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D IP3.126.140.73:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=409&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 14 Sep 2022 08:08:29 GMT
Location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
Set-Cookie: tuuid=d7d0c7ae-8f2d-414a-9b4e-324180106180; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663142909; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1663142909; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663142909; path=/; expires=Thu, 14-Sep-2023 08:08:29 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
|
|
| eb2.3lift.com/xuid?mid=7963&xuid=93fb6fa3-5c61-4b53-a607-90c7069c6b29&dongle=3oy7 | 13.248.245.213 | 200 OK | 37 B |
URL HTTP/2eb2.3lift.com/xuid?mid=7963&xuid=93fb6fa3-5c61-4b53-a607-90c7069c6b29&dongle=3oy7 IP13.248.245.213:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash3eacd0132310ea44cad756b378a3bc07 e2216a7e9b73f5cb0279351c78ce61c33475cea7 bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=7963&xuid=93fb6fa3-5c61-4b53-a607-90c7069c6b29&dongle=3oy7 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 08:08:29 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
|
|
| x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&cb=8b175379-1cd3-4864-9678-ecb83a4e8caf | 3.126.140.73 | 302 Moved Temporarily | 0 B |
URL HTTP/1.1x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&cb=8b175379-1cd3-4864-9678-ecb83a4e8caf IP3.126.140.73:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&cb=8b175379-1cd3-4864-9678-ecb83a4e8caf HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.premierbet.co.ao/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 14 Sep 2022 08:08:29 GMT
Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Content-Length: 0
Connection: keep-alive
|
|
| x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D | 3.126.140.73 | 200 OK | 43 B |
URL HTTP/1.1x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D IP3.126.140.73:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.premierbet.co.ao/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 14 Sep 2022 08:08:29 GMT
Content-Length: 43
Connection: keep-alive
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hash1f2ff0fea7939e810ad4c60fe553b6f4 16aa6e7b8b16ae0d965c0e9f6422d75ae37674b0 9b46d70511b3a16eb5a682cd0acb13f185570ca55be11ccbcff285428e58e2e4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 08:08:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 17:09:30 GMT
Expires: Tue, 20 Sep 2022 17:09:29 GMT
Etag: "16aa6e7b8b16ae0d965c0e9f6422d75ae37674b0"
Cache-Control: max-age=550259,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a7a2919b84b4f3-OSL
|
|
| api.xtremepush.com/push/api/deviceCreate | 52.18.219.182 | 200 OK | 214 B |
URL HTTP/1.1api.xtremepush.com/push/api/deviceCreate IP52.18.219.182:0
File typeJSON data\012- , ASCII text, with no line terminators Hashdabc9fc2558b9777ffb2a1708bee18bd 12f939578589656f5c3a023240791686b41c692f bc020c177e8d457836f38b2f711abae8480c55df67b7429c13660ca257c787c1
POST /push/api/deviceCreate HTTP/1.1
Host: api.xtremepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 384
Origin: https://www.premierbet.co.ao
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 08:08:29 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://www.premierbet.co.ao
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, X-Requested-With
Access-Control-Allow-Credentials: true
Set-Cookie: _xpid_2408=353925853; expires=Mon, 13-Mar-2023 08:08:29 GMT; Max-Age=15552000; path=/; secure; HttpOnly
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hash1f2ff0fea7939e810ad4c60fe553b6f4 16aa6e7b8b16ae0d965c0e9f6422d75ae37674b0 9b46d70511b3a16eb5a682cd0acb13f185570ca55be11ccbcff285428e58e2e4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 08:08:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 17:09:30 GMT
Expires: Tue, 20 Sep 2022 17:09:29 GMT
Etag: "16aa6e7b8b16ae0d965c0e9f6422d75ae37674b0"
Cache-Control: max-age=550259,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a7a291b929fac4-OSL
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hash1f2ff0fea7939e810ad4c60fe553b6f4 16aa6e7b8b16ae0d965c0e9f6422d75ae37674b0 9b46d70511b3a16eb5a682cd0acb13f185570ca55be11ccbcff285428e58e2e4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 08:08:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 17:09:30 GMT
Expires: Tue, 20 Sep 2022 17:09:29 GMT
Etag: "16aa6e7b8b16ae0d965c0e9f6422d75ae37674b0"
Cache-Control: max-age=550259,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a7a2918ef2b4fa-OSL
|
|
| x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&cb=1326806c-3154-4a73-8891-2a24bb504f56 | 3.126.140.73 | 302 Moved Temporarily | 0 B |
URL HTTP/1.1x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&cb=1326806c-3154-4a73-8891-2a24bb504f56 IP3.126.140.73:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&cb=1326806c-3154-4a73-8891-2a24bb504f56 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 14 Sep 2022 08:08:29 GMT
Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Content-Length: 0
Connection: keep-alive
|
|
| x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&cb=7a8f428f-0381-4d70-9779-afcf04cf5dc4 | 3.126.140.73 | 302 Moved Temporarily | 0 B |
URL HTTP/1.1x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&cb=7a8f428f-0381-4d70-9779-afcf04cf5dc4 IP3.126.140.73:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&cb=7a8f428f-0381-4d70-9779-afcf04cf5dc4 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 14 Sep 2022 08:08:29 GMT
Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Content-Length: 0
Connection: keep-alive
|
|
| x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D93fb6fa3-5c61-4b53-a607-90c7069c6b29 | 3.126.140.73 | 200 OK | 43 B |
URL HTTP/1.1x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D93fb6fa3-5c61-4b53-a607-90c7069c6b29 IP3.126.140.73:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /syncd?dsp_id=409&user_group=1&user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D93fb6fa3-5c61-4b53-a607-90c7069c6b29 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.premierbet.co.ao/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 14 Sep 2022 08:08:29 GMT
Content-Length: 43
Connection: keep-alive
|
|
| api.xtremepush.com/push/api/deviceUpdate | 52.18.219.182 | 200 OK | 71 B |
URL HTTP/1.1api.xtremepush.com/push/api/deviceUpdate IP52.18.219.182:0
File typeJSON data\012- , ASCII text Hashb1e87a893cbb6354c265097d1f8f6c8e b80d9028eb48b7b15b7755013084d8e2111317e4 99bb4d9260645d1fd9f317580546ab054d99d293e246e4b8d2290f93d568b774
POST /push/api/deviceUpdate HTTP/1.1
Host: api.xtremepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 103
Origin: https://www.premierbet.co.ao
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 08:08:29 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://www.premierbet.co.ao
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.158:0
Hash51e2991fe0663cf8837d225a761815d6 043be7902367fa70ccc6eed75a055102eef3e048 89bb08bc21bd07042ca4e34a572c1d456ac591bcf44b11e87a004ec7f17fee64
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 14 Sep 2022 08:08:29 GMT
Last-Modified: Wed, 14 Sep 2022 07:09:54 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RM3pyB9yfRsf5qYPHNMVc2O2U0s4oyx-hR8SFoiNLV01xT3nXU5Cwg==
Age: 3515
|
|
| match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= | 3.121.205.163 | 204 No Content | 0 B |
URL HTTP/2match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= IP3.121.205.163:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.premierbet.co.ao/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 14 Sep 2022 08:08:29 GMT
X-Firefox-Spdy: h2
|
|
| match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= | 3.121.205.163 | 204 No Content | 0 B |
URL HTTP/2match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= IP3.121.205.163:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.premierbet.co.ao/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 14 Sep 2022 08:08:30 GMT
X-Firefox-Spdy: h2
|
|
| match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= | 3.121.205.163 | 204 No Content | 0 B |
URL HTTP/2match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= IP3.121.205.163:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=93fb6fa3-5c61-4b53-a607-90c7069c6b29&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.premierbet.co.ao/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 14 Sep 2022 08:08:30 GMT
X-Firefox-Spdy: h2
|
|
| prod.webpu.sh/5Sq_zlkNVZwOsnPNRD1zbZkLhuGBbtZq/service-worker-source.js?v=2.1.5 | 52.211.92.2 | 200 OK | 1.7 kB |
URL HTTP/1.1prod.webpu.sh/5Sq_zlkNVZwOsnPNRD1zbZkLhuGBbtZq/service-worker-source.js?v=2.1.5 IP52.211.92.2:0
File typeASCII text, with very long lines (5364) Hash6ae9c91df19b56b59128b8c1d5dc7479 6ced8b84e5fe14659d591d1fc54b438f62a9d967 d25553fd69e9e0a66c7357c1748e394400a69d6d680e222ac1b3bf33864263cf
GET /5Sq_zlkNVZwOsnPNRD1zbZkLhuGBbtZq/service-worker-source.js?v=2.1.5 HTTP/1.1
Host: prod.webpu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 08:08:30 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-amz-id-2: /kyqw9Geai8p6RIeZ6g+5awv3UZYAtxk2NhJcRbWKgpzRKr2VBmy2ZaUYbKW7Ij9qxPxo5GkTLY=
x-amz-request-id: P9AVQ8J3DV7KPMDE
Last-Modified: Wed, 07 Sep 2022 10:30:26 GMT
ETag: W/"6d978232c2fd088e50aba65c6239e046"
Cache-Control: max-age=21600
Content-Encoding: gzip
|
|
| api.xtremepush.com/push/api/swActivate | 52.18.219.182 | 200 OK | 0 B |
URL HTTP/1.1api.xtremepush.com/push/api/swActivate IP52.18.219.182:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /push/api/swActivate HTTP/1.1
Host: api.xtremepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.premierbet.co.ao/
Origin: https://www.premierbet.co.ao
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 08:08:30 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.premierbet.co.ao
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Credentials: true
|
|
| api.xtremepush.com/push/api/swActivate | 52.18.219.182 | 200 OK | 47 B |
URL HTTP/1.1api.xtremepush.com/push/api/swActivate IP52.18.219.182:0
File typeJSON data\012- , ASCII text, with no line terminators Hash5f742c806da74828ac003b1d64fd80ea f91efbb80eaaf9136b5b2752596716c4307b6f31 39ce5e3ba894afa278bff6d8e0b0eb12ed86b464c4a08ae6f00691918d5acffa
POST /push/api/swActivate HTTP/1.1
Host: api.xtremepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.premierbet.co.ao/
Content-type: application/json; charset=UTF-8
Origin: https://www.premierbet.co.ao
Content-Length: 124
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 08:08:30 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://www.premierbet.co.ao
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, X-Requested-With
Access-Control-Allow-Credentials: true
Set-Cookie: _xpid_2408=353925853; expires=Mon, 13-Mar-2023 08:08:30 GMT; Max-Age=15552000; path=/; secure; HttpOnly
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
|
|
| www.facebook.com/tr/?id=581470645900966&ev=PageView&dl=https%3A%2F%2Fwww.premierbet.co.ao%2Fpremier6%2Fregister%2F%3Fbtag%3D664761_32624591E4A640EF988E1A3C6F4299F6%26PremBet%3Dw6fld69s8smv0g1ji3dk5t7m&rl=&if=false&ts=1663142896558&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.2.1663142896555.552210185&it=1663142895520&coo=false&rqm=GET | 157.240.200.35 | 200 OK | 44 B |
URL HTTP/2www.facebook.com/tr/?id=581470645900966&ev=PageView&dl=https%3A%2F%2Fwww.premierbet.co.ao%2Fpremier6%2Fregister%2F%3Fbtag%3D664761_32624591E4A640EF988E1A3C6F4299F6%26PremBet%3Dw6fld69s8smv0g1ji3dk5t7m&rl=&if=false&ts=1663142896558&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.2.1663142896555.552210185&it=1663142895520&coo=false&rqm=GET IP157.240.200.35:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb798f4ce7359fd815df4bdf76503b295 f8cc6addf1707ad236ad9970b0a48f9733d07da5 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=581470645900966&ev=PageView&dl=https%3A%2F%2Fwww.premierbet.co.ao%2Fpremier6%2Fregister%2F%3Fbtag%3D664761_32624591E4A640EF988E1A3C6F4299F6%26PremBet%3Dw6fld69s8smv0g1ji3dk5t7m&rl=&if=false&ts=1663142896558&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.2.1663142896555.552210185&it=1663142895520&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Wed, 14 Sep 2022 08:08:30 GMT
expires: Wed, 14 Sep 2022 08:08:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| api.xtremepush.com/push/api/deviceUpdate | 52.18.219.182 | 200 OK | 102 B |
URL HTTP/1.1api.xtremepush.com/push/api/deviceUpdate IP52.18.219.182:0
File typeJSON data\012- , ASCII text, with no line terminators Hashbafc05e0a765cdd86edca3b2d95ddb98 3e0d0a6fb31bf170233bda4dece5411eaeb26215 c09db454c65250c1467fbd676bf0bcc93eaaf23e01324ecf734d232eb12182ba
POST /push/api/deviceUpdate HTTP/1.1
Host: api.xtremepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 149
Origin: https://www.premierbet.co.ao
Connection: keep-alive
Referer: https://www.premierbet.co.ao/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 08:08:30 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://www.premierbet.co.ao
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, X-Requested-With
Access-Control-Allow-Credentials: true
Set-Cookie: _xpid_2408=353925853; expires=Mon, 13-Mar-2023 08:08:30 GMT; Max-Age=15552000; path=/; secure; HttpOnly
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
|
|
| ocsp.godaddy.com/ | 192.124.249.36 | 200 OK | 1.8 kB |
IP192.124.249.36:0
Hash6fb83d8ea85cade2a41305ef149d1b24 3cbf591685cdc5a188e9a811414764a83ea2ab83 55940b50cfcd91175fed8c390a73c0ef40d6cbc066a78f29e2714591571b1744
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 14 Sep 2022 08:08:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 13 Sep 2022 16:37:44 GMT
Expires: Wed, 14 Sep 2022 16:37:44 GMT
ETag: "3cbf591685cdc5a188e9a811414764a83ea2ab83"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
|
|
| www.premierbet.co.ao/premier6/register/?btag=664761_32624591E4A640EF988E1A3C6F4299F6&PremBet=w6fld69s8smv0g1ji3dk5t7m | 172.67.144.183 | 200 OK | 0 B |
URL HTTP/2www.premierbet.co.ao/premier6/register/?btag=664761_32624591E4A640EF988E1A3C6F4299F6&PremBet=w6fld69s8smv0g1ji3dk5t7m IP172.67.144.183:0
GET /premier6/register/?btag=664761_32624591E4A640EF988E1A3C6F4299F6&PremBet=w6fld69s8smv0g1ji3dk5t7m HTTP/1.1
Host: www.premierbet.co.ao
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 14 Sep 2022 08:08:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: none
cache-control: no-transform
etag: W/cdf0e727d34ef8b5e2dc69b6a607ba97
set-cookie: B2BS=QB7ufjVaJBD8258hjVMGnjrnctoUM3koB%2FeDbmEoeNvUleXZ077Zd%2B1vI%2FhNX5CvnPuET9nIeBMD9BbVNfLkG0mYsGQscRckfcPJZo0pdP4zIqJYEPKMoR6f8mV7BG2D89xmWcFc78F9KHwPuB9pZX2h9TVFsmFy7WIxoQCQPx8mytWGcmUQPtIshgwZAV3xWKs%3D; path=/; secure; HttpOnly; SameSite=None
x-internal: 0
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: V2BzLr0Y4BJKCausXKnBBy4_7kIB2SVmIGUCcTyB_K3ehHJrU7uQNQ==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEroE6NHgvEiaHa%2Bo9WZLgRpSc%2BKLGYIzfUQ4fHR%2FLczbfEBINpuhE0JXDMzN0AYPgXQ7oF5N5jZIjMhEcU%2Bc3mlAyldGo25Bhj02vJs4bs3gnFMkcDSUujnYQT5tIh7hNKzvYVGMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a7a283afc1fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|