firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 804f8bbb7f556d51a5f52d5ebd5b6eef
922cd7e06df278615a04abb81d811d14596c8180
ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 04:13:56 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0j18w0sRMcRZYUgjWWvGFVJXEW7ki-JoDmZHu-lYShHQSDqMTvnzxw==
Age: 2429
howsliferightnow.com/hilrn/
104.21.11.48301 Moved Permanently 162 B URL HTTP/1.1 howsliferightnow.com/hilrn/
IP 104.21.11.48:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET /hilrn/ HTTP/1.1
Host: howsliferightnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Sep 2022 04:54:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://howsliferightnow.com/hilrn/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClKqAJqPwdBPQ9vS6yNxSmdCXVS6KhVb%2Fi3iHF7JSu6DborpRN7kx%2FvlHjm%2F%2BBvBy0aaHmsWtEe2UiKg8NBWjmX2r1AnpAZZSbr%2Bu16I8EMzcEtQ6kkFWgRRt5KFSJnNjteVZe4nww%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74e871491f1dfac4-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19965
Expires: Thu, 22 Sep 2022 10:27:10 GMT
Date: Thu, 22 Sep 2022 04:54:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash afb65a07bf7214addf83d17a53acba32
a8e973204431320aa7b362a4e73944520c4b51b9
46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7565
Expires: Thu, 22 Sep 2022 07:00:30 GMT
Date: Thu, 22 Sep 2022 04:54:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7VjyRQpk6cszfCiKYnakJBIt9KlEr8Jj8e+SXqZPG7lMspbn4QTnuw898ifUQyVlq1vOaz2Fq0U=
x-amz-request-id: 3680E9KDHP9R89PG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 22 Sep 2022 04:46:06 GMT
age: 499
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 04:54:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securely-send.com/storage/howisliferightnow_br.js
161.35.78.172200 OK 79 kB URL HTTP/2 securely-send.com/storage/howisliferightnow_br.js
IP 161.35.78.172:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0e6046812863d3061a81c9e1de8504e4
c8ebf8eb5757859f39a56f70f72568f55318276c
9b9ef1c7bd9ac53b2194d29cac60b003acf1ac449841cdbb5eedf38c64f63302
Analyzer Verdict Alert fortinet Phishing
GET /storage/howisliferightnow_br.js HTTP/1.1
Host: securely-send.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howsliferightnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 22 Sep 2022 04:54:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 78924
last-modified: Mon, 19 Sep 2022 08:48:18 GMT
etag: "63282cd2-1344c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://howsliferightnow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:40:18 GMT
expires: Fri, 15 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 562448
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 04:03:23 GMT
Cache-Control: max-age=3600
Expires: Thu, 22 Sep 2022 04:54:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NWH5NV43ZjGQle008MSAkKsJA58pekR0HWtpRKQArAieGpkxi4IUKA==
Age: 3064
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2959
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:26 GMT
Last-Modified: Thu, 22 Sep 2022 04:05:07 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5b290cdeb281b24545aaac08f94b2257
e70656493693bc2413021c7a2672226e7e34b342
c2d43544249ff90091b3d9a3b6770f0737a69eb807116b50dc7488387576fdab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3034
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:26 GMT
Last-Modified: Thu, 22 Sep 2022 04:03:53 GMT
Server: ECS (amb/6B86)
X-Cache: HIT
Content-Length: 279
www.bet365.com/olp/open-account?affiliate=365_01175261
5.226.179.10200 OK 1.9 kB URL HTTP/1.1 www.bet365.com/olp/open-account?affiliate=365_01175261
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 99ef9c9ca35df05445cbd49329903759
18611cda3574cd0753a83b61d44e3304d33b9298
68fb044232a20837050c9389f27809e46f7210d566b4121025c44a4b7c223f07
GET /olp/open-account?affiliate=365_01175261 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ServerDetails: <!--1P1 - 78-->
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=zyUXoR507Q_jbF.w1gvyANsg2r5rqZWi_0JB3C3W62U-1663822466-0-ASASmBkJU8FoawI6mxuQ04gPjjC1EuzWYoipAZUHEgsWupAI05HU+J2J80RwwvG4R2gSqkC8JHfRvfSWhzo7IRw=; path=/; expires=Thu, 22-Sep-22 05:24:26 GMT; domain=.bet365.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 74e871501b1eb518-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b2c5156c8ab155c73ac613ca2ad706ee
a047195a0e570814731cfad2f30d6aa491f78e9c
833683c84c83141c02d7c2f16aa2521e82b5383dbc36daf430c8a29ff757b20c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 484
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:26 GMT
Last-Modified: Thu, 22 Sep 2022 04:46:22 GMT
Server: ECS (amb/6B99)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
54.148.77.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D9cwRNQEWslf3i+aPaiSnA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UQyM7NJ7vaun41EgwsGXUstek4w=
gml-grp.com/C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=PU_CD_BR_PA_DT_VOLD&AutoR=1
104.21.42.165302 Found 12 kB URL HTTP/2 gml-grp.com/C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=PU_CD_BR_PA_DT_VOLD&AutoR=1
IP 104.21.42.165:0
Hash 185e1585a543d2efbecb3b8501bdafc7
73ec9f24e713e53adb6e833f1c8c203ea3955071
a1710eed3b36ecf4b658a57d14ff6ba74e0cb8bbe043e558fbccf547ec1fe2db
GET /C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=PU_CD_BR_PA_DT_VOLD&AutoR=1 HTTP/1.1
Host: gml-grp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 22 Sep 2022 04:54:26 GMT
content-type: text/html; charset=utf-8
location: https://br.betano.com/?btag=a_9862b_619c_PU_CD_BR_PA_DT_VOLD[CustomMergeFields]&siteid=9862
cache-control: private
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
set-cookie: CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
x-cnection: close
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANKOiqnoAK76Q31Kc9TpZciKZG2sD8G2Ts49%2FJTsFxoq09fk%2BoAdk%2BBZviJDTpZJLCWw1BhkhU7Un2BmByaYZVQIo3Ad7oWsH1TkytT5zE7vkvLGaeWvhlF11%2FTeNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871504a70b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2088826a9c64c6d3223b50a7b3977a46
0af13a52ca239c6b57337485d1dcb90489b14a69
6f8097d3271391f5681229a7dea2789a8ec0965ec15ced0ea71f2da174d083f3
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 922
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:26 GMT
Last-Modified: Thu, 22 Sep 2022 04:39:04 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5b290cdeb281b24545aaac08f94b2257
e70656493693bc2413021c7a2672226e7e34b342
c2d43544249ff90091b3d9a3b6770f0737a69eb807116b50dc7488387576fdab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:26 GMT
Server: ECS (amb/6B99)
Content-Length: 279
www.bet365.com/olpc/Content/Fonts/FTN45__W.woff2
5.226.179.10200 OK 46 kB URL HTTP/1.1 www.bet365.com/olpc/Content/Fonts/FTN45__W.woff2
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type Web Open Font Format (Version 2), TrueType, length 45892, version 1.590\012- data
Hash e3596a29429736364ebfef73786a55ab
7bd9b6b18b0985c080d520610c0ab74a128d71bd
6e28311fc68644a88a32df782c7371991894bc6a6a81f8ff70f971b4470c3751
GET /olpc/Content/Fonts/FTN45__W.woff2 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=zyUXoR507Q_jbF.w1gvyANsg2r5rqZWi_0JB3C3W62U-1663822466-0-ASASmBkJU8FoawI6mxuQ04gPjjC1EuzWYoipAZUHEgsWupAI05HU+J2J80RwwvG4R2gSqkC8JHfRvfSWhzo7IRw=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:26 GMT
Content-Length: 45892
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 02:42:45 GMT
CF-Cache-Status: HIT
Age: 4385
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e87150eb90b518-OSL
ocsp.digicert.com/
93.184.220.29200 OK 7.1 kB IP 93.184.220.29:0
Hash 9b77fbb625691e32b861e252a3c1ef9c
1b155cb2a99b48f5294c964dee19d3b5c8b1a0bd
70458b70973667cf1e38bc2c04fb89bf99d932e24f70559bf64cb4724218bcc6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:26 GMT
Server: ECS (amb/6B86)
Content-Length: 280
www.bet365.com/olpc/olpc-scripts.js?v=BmxXilE_QKEKeD-XSrMYo41Fv0Bh3fspOfBHbtwuTdU1
5.226.179.10200 OK 6.2 kB URL HTTP/1.1 www.bet365.com/olpc/olpc-scripts.js?v=BmxXilE_QKEKeD-XSrMYo41Fv0Bh3fspOfBHbtwuTdU1
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (17541), with no line terminators
Hash 358ba5c1cd57966afcae2de6500ebaf0
81ad67b94916153b206326924fe1ba1ca0ca69ba
dbf54a9e2bc0e48758b0674d69ef43e77db7fcaefccedc2534a29eecbfa79d9c
GET /olpc/olpc-scripts.js?v=BmxXilE_QKEKeD-XSrMYo41Fv0Bh3fspOfBHbtwuTdU1 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=zyUXoR507Q_jbF.w1gvyANsg2r5rqZWi_0JB3C3W62U-1663822466-0-ASASmBkJU8FoawI6mxuQ04gPjjC1EuzWYoipAZUHEgsWupAI05HU+J2J80RwwvG4R2gSqkC8JHfRvfSWhzo7IRw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:26 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 6189
Connection: keep-alive
Cache-Control: public
Content-Encoding: gzip
Expires: Fri, 22 Sep 2023 02:42:26 GMT
Last-Modified: Thu, 22 Sep 2022 02:42:26 GMT
Vary: User-Agent,Accept-Encoding
CF-Cache-Status: HIT
Age: 7815
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 74e871510ba5b518-OSL
ic.aff-handler.com/C/43397?sr=1857549
217.147.127.42302 Found 315 B URL HTTP/1.1 ic.aff-handler.com/C/43397?sr=1857549
IP 217.147.127.42:0
ASN #201071 Virtual Internet Services Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 28193fbd618b2f459e6166c7dd20ebc5
7fa5a3781b5c13d52a49ec1800ba4d75f8d6beb1
0d65e14fc4e0113ae88f4b7c85c08fe5571a32a05d8cdcb9c29a52857d4450ac
GET /C/43397?sr=1857549 HTTP/1.1
Host: ic.aff-handler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: 0
Location: https://pt.888casino.com/exclusive-mob/offer-1500-88.htm?sr=1857549&mm_id=43397&utm_source=aff&utm_medium=casap&utm_content=100138643&utm_campaign=100138643_1857549_nodescription
Server:
X-AspNetMvc-Version: 4.0
Set-Cookie: uffiliate_click_43397_1857549_=uffiliate_click_43397_1857549_; expires=Sat, 22-Oct-2022 04:54:26 GMT; path=/; SameSite=None; Secure
srv: 1231321
Date: Thu, 22 Sep 2022 04:54:26 GMT
Content-Length: 315
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d3e028a65192855b8b7b55bbec21b7c9
98df5d6a66a04a1a0e31ff6bc33be8a38d238de9
f0f36ac95d7b58bf1e95391cf5e00050c808cfcdfb853fb1465bd9e06956a041
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4474
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:26 GMT
Last-Modified: Thu, 22 Sep 2022 03:39:52 GMT
Server: ECS (amb/6B99)
X-Cache: HIT
Content-Length: 279
www.bet365.com/olpc/olpc-styles.css?v=NqiGWskleMD4StfhDQ3-nFhibmRtUTiUE0TylWWANyY1
5.226.179.10200 OK 28 kB URL HTTP/1.1 www.bet365.com/olpc/olpc-styles.css?v=NqiGWskleMD4StfhDQ3-nFhibmRtUTiUE0TylWWANyY1
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash 892de1e2a3a76cdb21dc2987fd0f74b2
6df6ba29912ec8c6011e9614afd353e41e082fbd
5d7091d230da910c145ab62b01f6790660b9094fe9cff5c0a49987cd7b23247a
GET /olpc/olpc-styles.css?v=NqiGWskleMD4StfhDQ3-nFhibmRtUTiUE0TylWWANyY1 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=zyUXoR507Q_jbF.w1gvyANsg2r5rqZWi_0JB3C3W62U-1663822466-0-ASASmBkJU8FoawI6mxuQ04gPjjC1EuzWYoipAZUHEgsWupAI05HU+J2J80RwwvG4R2gSqkC8JHfRvfSWhzo7IRw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:26 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 28214
Connection: keep-alive
Cache-Control: public
Content-Encoding: gzip
Expires: Fri, 22 Sep 2023 02:42:29 GMT
Last-Modified: Thu, 22 Sep 2022 02:42:29 GMT
Vary: User-Agent,Accept-Encoding
CF-Cache-Status: HIT
Age: 7815
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 74e8715108b20b61-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aacc0e74cc068a37eccc23cfdf90e248
c33c6b07cd68c0c68c84a37eaf94049e7a721bd6
47c1355e71c3440e1abc4568aa78e14f5346ae34e8d938956fa9ff8477816e7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47C1355E71C3440E1ABC4568AA78E14F5346AE34E8D938956FA9FF8477816E7C"
Last-Modified: Tue, 20 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21579
Expires: Thu, 22 Sep 2022 10:54:05 GMT
Date: Thu, 22 Sep 2022 04:54:26 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9b62510cbe305020b5489eeb9a5adda9
173cd40ea2e401da3cd10a0aaca4ca9cf8c39aed
19c3426893cc4c493f4afbb960167f3cdd16667eae4645c8f423167af98fed7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5529
Cache-Control: max-age=117159
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:26 GMT
Etag: "632afb90-117"
Expires: Fri, 23 Sep 2022 13:27:05 GMT
Last-Modified: Wed, 21 Sep 2022 11:54:56 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js
5.226.179.10200 OK 3.5 kB URL HTTP/1.1 www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (9269), with no line terminators
Hash 98bcac0371848a06a6f92b5ee76c6e3b
627e769cf44740a8b30941add73b3aef2c2fb9d2
5639b9ce7e554b0e2b7ee0e68132efb43cff2b0d5f8e65782b81a7c20e733b09
GET /members/services/host/Scripts/js/ProductCommon_v1.js HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=zyUXoR507Q_jbF.w1gvyANsg2r5rqZWi_0JB3C3W62U-1663822466-0-ASASmBkJU8FoawI6mxuQ04gPjjC1EuzWYoipAZUHEgsWupAI05HU+J2J80RwwvG4R2gSqkC8JHfRvfSWhzo7IRw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:26 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
x-bet-hop: 1
Content-Encoding: gzip
Last-Modified: Thu, 22 Sep 2022 04:54:26 GMT
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e871511de21c0e-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bet365.com/LandingPageCountry/GetLanguageByCountryIdAndStateId?countryId=143&stateId=0
5.226.179.10200 OK 1 B URL HTTP/1.1 www.bet365.com/LandingPageCountry/GetLanguageByCountryIdAndStateId?countryId=143&stateId=0
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
GET /LandingPageCountry/GetLanguageByCountryIdAndStateId?countryId=143&stateId=0 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=zyUXoR507Q_jbF.w1gvyANsg2r5rqZWi_0JB3C3W62U-1663822466-0-ASASmBkJU8FoawI6mxuQ04gPjjC1EuzWYoipAZUHEgsWupAI05HU+J2J80RwwvG4R2gSqkC8JHfRvfSWhzo7IRw=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:26 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 1
Connection: keep-alive
Cache-Control: public, no-cache="Set-Cookie", max-age=432000
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 20 Sep 2022 06:12:13 GMT
CF-Cache-Status: HIT
Age: 151915
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e87151ac1cb518-OSL
www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js?async
5.226.179.10200 OK 696 B URL HTTP/1.1 www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js?async
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (990), with no line terminators
Hash 978e1b7bc4a38e36636c62be8d5a379d
b127ed542913c3972040e089bd2163c40578d7d7
5a6ef79ed593965cf1973cd9cbb09973b119bc78cb8cb8df0c032c7f7442c37c
GET /members/services/host/Scripts/js/ProductCommon_v1.js?async HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=zyUXoR507Q_jbF.w1gvyANsg2r5rqZWi_0JB3C3W62U-1663822466-0-ASASmBkJU8FoawI6mxuQ04gPjjC1EuzWYoipAZUHEgsWupAI05HU+J2J80RwwvG4R2gSqkC8JHfRvfSWhzo7IRw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:26 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
x-bet-hop: 1
Content-Encoding: gzip
Last-Modified: Thu, 22 Sep 2022 04:54:26 GMT
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e871517d09b4f7-OSL
content001.bet365.com/SportsContent/Global/Footer/bet365%20grey%20footer%20logo.png
5.226.179.10200 OK 7.9 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/bet365%20grey%20footer%20logo.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 255 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash 51325bd6f5ada6b0eba71b19dda89dd7
4c67ca4f77680cd5acdcf04cac6b9a673e5ccc70
6ad4d67eed235fafc8ddfab188fa2e968ba4345718c8338bd7f4fbfafa6f8a2b
GET /SportsContent/Global/Footer/bet365%20grey%20footer%20logo.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=zyUXoR507Q_jbF.w1gvyANsg2r5rqZWi_0JB3C3W62U-1663822466-0-ASASmBkJU8FoawI6mxuQ04gPjjC1EuzWYoipAZUHEgsWupAI05HU+J2J80RwwvG4R2gSqkC8JHfRvfSWhzo7IRw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:26 GMT
Content-Type: image/png
Content-Length: 7868
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2015 14:13:32 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Tue, 27 Sep 2022 04:54:26 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e87151cd320b55-OSL
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 1ab731e76cb2e705c3408180a199f49d
49438df660e81067af2f24dede3e2114bfee85be
9bcda4af8c60c51c742e036a61065592058adfe3fafa61e0da8eec9cb485db97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:26 GMT
Server: ECS (amb/6B87)
Content-Length: 727
brazpromo.com/promo/click/625ebe7a6fad3
45.148.37.221302 Found 0 B URL HTTP/1.1 brazpromo.com/promo/click/625ebe7a6fad3
IP 45.148.37.221:0
ASN #208685 Serverius Holding B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /promo/click/625ebe7a6fad3 HTTP/1.1
Host: brazpromo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Sep 2022 04:54:26 GMT
Location: https://brazino777.online/pt/game/prematch-mts?b7pm=625ebe7a6fad3&ambp=
Referrer-Policy: same-origin
Set-Cookie: __Host-SWAFS=eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJfIjoiYnJhenByb21vLmNvbTkxLjkwLjQyLjE1NCJ9.ZDjYFvYZxKUILrfNkwyaoGB08xcqbaPDMkFduOzW5IB2ZVDJBddC_Pnc27evdhIMWpb7HJkTdwhNcxLCocsL6w; Path=/; Expires=Fri, 23 Sep 2022 04:54:26 GMT; HttpOnly; Secure; SameSite=Strict
__Secure-XWAFLB=3d8b4a263f4541b0797b559e5a5516de; Path=/; Expires=Thu, 22 Sep 2022 05:09:26 GMT; HttpOnly; Secure; SameSite=Lax
language=0a3b45ef3d9911d062a3688889a40a6e1b05ce4e%7Een; expires=Thu, 29-Sep-2022 04:54:26 GMT; Max-Age=604800; path=/
06cf2d133e0b33cb8a2a1eb1ec5b5c8b=6c879f1c3231ca908b068c4005a9e4e728b774c2%7E66; expires=Fri, 22-Sep-2023 04:54:26 GMT; Max-Age=31536000; path=/
session=51726ea27a74100f4adce4c72b41a583d97c2f0f%7E632bea82cfb821-54499375; expires=Thu, 29-Sep-2022 04:54:26 GMT; Max-Age=604800; path=/
X-Content-Type-Options: nosniff
X-Waf-Req-Id: d8b7fa91-86f8-471c-8685-eef2863d9ec5-2652022
Content-Length: 0
www.googletagmanager.com/gtm.js?id=GTM-5DJNXMC
142.250.74.72200 OK 36 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5DJNXMC
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 9ed61dd71e197219839327c98a5d3446
21635522dbe4a3c76c855de8c1a2e20d5c92b016
813665e25fa4e8baaea61c9124d5e60e7c825390546c6a56a85e499a2d39faf3
GET /gtm.js?id=GTM-5DJNXMC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Sep 2022 04:54:26 GMT
expires: Thu, 22 Sep 2022 04:54:26 GMT
cache-control: private, max-age=900
last-modified: Thu, 22 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 36313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-Z57QP9ZEE5
142.250.74.72200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-Z57QP9ZEE5
IP 142.250.74.72:0
File type ASCII text, with very long lines (17807)
Hash 5c14f935fa4c5a2c1a49ed7771f2b25e
6fc23dd9492eb2d57c96c92eebfc6f95a0dd1e8a
da799d312fa4c880e25656bfe0638131c1f3fe7dc720bb2c13459c5e2ad3a887
GET /gtag/js?id=G-Z57QP9ZEE5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Sep 2022 04:54:26 GMT
expires: Thu, 22 Sep 2022 04:54:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74615
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
content001.bet365.com/SportsContent/Global/Footer/SPORTSX1-ESSA_2.png
5.226.179.10200 OK 6.4 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/SPORTSX1-ESSA_2.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 162 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b8c19b189cccdda7105465a474c9b4d
6ef1cecd283f484606c987259e06a22ff3aff7ae
101ca051649af6826119108f51311f70b4d58e94242c8877a2b8a9247b90f54f
GET /SportsContent/Global/Footer/SPORTSX1-ESSA_2.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=zyUXoR507Q_jbF.w1gvyANsg2r5rqZWi_0JB3C3W62U-1663822466-0-ASASmBkJU8FoawI6mxuQ04gPjjC1EuzWYoipAZUHEgsWupAI05HU+J2J80RwwvG4R2gSqkC8JHfRvfSWhzo7IRw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:26 GMT
Content-Type: image/png
Content-Length: 6386
Connection: keep-alive
Last-Modified: Tue, 04 Jun 2019 13:21:41 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Tue, 27 Sep 2022 04:54:26 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e871522d5b0b55-OSL
content001.bet365.com/SportsContent/Global/Footer/GordonMoody/GordonMoody-GT-x2_Grey99.png
5.226.179.10200 OK 5.3 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/GordonMoody/GordonMoody-GT-x2_Grey99.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 188 x 60, 8-bit gray+alpha, non-interlaced\012- data
Hash 40ed9c8ae714b944f87008ab90bb071d
32bbf71529809e6ea3521c5636838a76c7488fae
b163877ec48382be73ffdf62c6a5dc5ded37443856dde414e591dfe85b61f070
GET /SportsContent/Global/Footer/GordonMoody/GordonMoody-GT-x2_Grey99.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=zyUXoR507Q_jbF.w1gvyANsg2r5rqZWi_0JB3C3W62U-1663822466-0-ASASmBkJU8FoawI6mxuQ04gPjjC1EuzWYoipAZUHEgsWupAI05HU+J2J80RwwvG4R2gSqkC8JHfRvfSWhzo7IRw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:26 GMT
Content-Type: image/png
Content-Length: 5324
Connection: keep-alive
Last-Modified: Mon, 11 Oct 2021 13:13:24 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Tue, 27 Sep 2022 04:54:26 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e871521f6ab527-OSL
www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AECtdWODAQAAlzh0hXxcJWDc7nDu6jJ0norrkR-Q5G_hOlCc9B8EA8dhRAu1&PIRXTcSdwp--z=q
5.226.179.10200 OK 142 kB URL HTTP/1.1 www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AECtdWODAQAAlzh0hXxcJWDc7nDu6jJ0norrkR-Q5G_hOlCc9B8EA8dhRAu1&PIRXTcSdwp--z=q
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (65536), with no line terminators
Size 142 kB (141694 bytes)
Hash b3c34e8103396bd444b700de117acb13
329e59b1a4868d6edafa486508ac998ed16949de
17034e8aac4cca1c17186b5be0497c825739b460af620d91b82bfc2c1e8bdfbc
GET /members/services/host/Scripts/js/ProductCommon_v1.js?seed=AECtdWODAQAAlzh0hXxcJWDc7nDu6jJ0norrkR-Q5G_hOlCc9B8EA8dhRAu1&PIRXTcSdwp--z=q HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=zyUXoR507Q_jbF.w1gvyANsg2r5rqZWi_0JB3C3W62U-1663822466-0-ASASmBkJU8FoawI6mxuQ04gPjjC1EuzWYoipAZUHEgsWupAI05HU+J2J80RwwvG4R2gSqkC8JHfRvfSWhzo7IRw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:26 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=3600, immutable
x-bet-hop: 1
Content-Encoding: gzip
Last-Modified: Thu, 22 Sep 2022 04:30:00 GMT
CF-Cache-Status: HIT
Age: 1462
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e871527ca3b518-OSL
sport.galera.bet/affiliates/?btag=717558_l150320
35.233.121.223301 Moved Permanently 169 B URL HTTP/1.1 sport.galera.bet/affiliates/?btag=717558_l150320
IP 35.233.121.223:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ff3438f1699724c1ce3d071d2ca210c2
8784ddfff3a51e608dd34fce5942bc8c91af8b11
98d367d32108a25ed28048a4f17b2504e610249dd0bf2dcf368c7f922b300997
GET /affiliates/?btag=717558_l150320 HTTP/1.1
Host: sport.galera.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: text/html
content-length: 169
location: https://sport.galera.bet/affiliates?btag=717558_l150320
strict-transport-security: max-age=15724800; includeSubDomains
sb: 1
content001.bet365.com/SportsContent/Global/Footer/MGALICENSED.png
5.226.179.10200 OK 2.0 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/MGALICENSED.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 88 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash d8cb8a91c78942815c69aaeea7c79162
0a36fd477b2c7d88bb67d95e806bf5838d1b39cd
057c251de5bc8825df293db443b8c9a99e01f856abe658c741a89c86b6bfa2e1
GET /SportsContent/Global/Footer/MGALICENSED.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=zyUXoR507Q_jbF.w1gvyANsg2r5rqZWi_0JB3C3W62U-1663822466-0-ASASmBkJU8FoawI6mxuQ04gPjjC1EuzWYoipAZUHEgsWupAI05HU+J2J80RwwvG4R2gSqkC8JHfRvfSWhzo7IRw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:27 GMT
Content-Type: image/png
Content-Length: 1979
Connection: keep-alive
Last-Modified: Wed, 10 Jul 2019 13:20:52 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Tue, 27 Sep 2022 04:54:27 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e871532a020b45-OSL
pt.888casino.com/exclusive-mob/offer-1500-88.htm?sr=1857549&mm_id=43397&utm_source=aff&utm_medium=casap&utm_content=100138643&utm_campaign=100138643_1857549_nodescription
143.204.55.23301 Moved Permanently 0 B URL HTTP/2 pt.888casino.com/exclusive-mob/offer-1500-88.htm?sr=1857549&mm_id=43397&utm_source=aff&utm_medium=casap&utm_content=100138643&utm_campaign=100138643_1857549_nodescription
IP 143.204.55.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exclusive-mob/offer-1500-88.htm?sr=1857549&mm_id=43397&utm_source=aff&utm_medium=casap&utm_content=100138643&utm_campaign=100138643_1857549_nodescription HTTP/1.1
Host: pt.888casino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-length: 0
location: https://br.888casino.com/exclusive-mob/offer-1500-88.htm?country=nor&isftd=false&lang=pt&mm_id=43397&orig-lp=https%3a%2f%2fpt.888casino.com%2fexclusive-mob%2foffer-1500-88.htm&referrer=NULL&sr=1857549&state=03&testdata=%7b%22mm_id%22%3a%2243397%22%2c%22orig-lp%22%3a%22https%3a%2f%2fpt.888casino.com%2fexclusive-mob%2foffer-1500-88.htm%22%2c%22queryserial%22%3a%221857549%22%2c%22referrer%22%3a%22NULL%22%2c%22utm_campaign%22%3a%22100138643_1857549_nodescription%22%2c%22utm_content%22%3a%22100138643%22%2c%22utm_medium%22%3a%22casap%22%2c%22utm_source%22%3a%22aff%22%7d&utm_campaign=100138643_1857549_nodescription&utm_medium=casap&utm_source=aff
date: Thu, 22 Sep 2022 04:54:27 GMT
x-wcs-correlation-id: VdUeOGi-jBYepHbsL3i8DgyCewnBI8OhDqN5EwYO71YAbs-BtvRyoA==
set-cookie: 888Cookie=isftd%3Dfalse%26isreal%3Dfalse%26lang%3Dpt%26OSR%3D1857549%26RefType%3DNoReferrer%26TestData%3D%7B%22mm_id%22%3A%2243397%22%2C%22orig-lp%22%3A%22https%3A%2F%2Fpt.888casino.com%2Fexclusive-mob%2Foffer-1500-88.htm%22%2C%22queryserial%22%3A%221857549%22%2C%22referrer%22%3A%22NULL%22%2C%22utm_campaign%22%3A%22100138643_1857549_nodescription%22%2C%22utm_content%22%3A%22100138643%22%2C%22utm_medium%22%3A%22casap%22%2C%22utm_source%22%3A%22aff%22%7D; max-age=2592000; domain=888casino.com; path=/; secure; samesite=none; httponly
888TempCookie=sr%3D1857549; max-age=30; domain=888casino.com; path=/; secure; samesite=none; httponly
apigw-requestid: Y2GUfisyjoEEMHg=
vary: Cookie
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: VdUeOGi-jBYepHbsL3i8DgyCewnBI8OhDqN5EwYO71YAbs-BtvRyoA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
content001.bet365.com/SportsContent/Global/Footer/SPORTSX2-18.png
5.226.179.10200 OK 4.4 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/SPORTSX2-18.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced\012- data
Hash 097b1799e6f2ab026f137f91b4627384
fd6a5222f5743cccc954a311b6d30b4125179244
5af616c5e6ad0d97aa233ed4644776ca94de0cfb1a653844d8a5d9ee46e756af
GET /SportsContent/Global/Footer/SPORTSX2-18.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=zyUXoR507Q_jbF.w1gvyANsg2r5rqZWi_0JB3C3W62U-1663822466-0-ASASmBkJU8FoawI6mxuQ04gPjjC1EuzWYoipAZUHEgsWupAI05HU+J2J80RwwvG4R2gSqkC8JHfRvfSWhzo7IRw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:27 GMT
Content-Type: image/png
Content-Length: 4400
Connection: keep-alive
Last-Modified: Fri, 20 Mar 2015 09:13:01 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Tue, 27 Sep 2022 04:54:27 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e871533b460b65-OSL
content001.bet365.com/SportsContent/Global/Footer/eCogra-Horizontal2x.png
5.226.179.10200 OK 1.7 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/eCogra-Horizontal2x.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 206 x 48, 8-bit colormap, non-interlaced\012- data
Hash 9c970e4a7854f871873d7b1401701536
2236689845834104a586507057840c7229c7353c
d0438c85b7b5f9c21ac9a1975ccd12464f5f8cbf15d3353ee700e2617f913349
GET /SportsContent/Global/Footer/eCogra-Horizontal2x.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=zyUXoR507Q_jbF.w1gvyANsg2r5rqZWi_0JB3C3W62U-1663822466-0-ASASmBkJU8FoawI6mxuQ04gPjjC1EuzWYoipAZUHEgsWupAI05HU+J2J80RwwvG4R2gSqkC8JHfRvfSWhzo7IRw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:27 GMT
Content-Type: image/png
Content-Length: 1671
Connection: keep-alive
Last-Modified: Wed, 11 Aug 2021 10:23:12 GMT
Timing-Allow-Origin: *
CF-Cache-Status: REVALIDATED
Expires: Tue, 27 Sep 2022 04:54:27 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e871533912b52d-OSL
pmaff.com/?serial=61283909&creative_id=1215&anid=PU_CD_BR_PA_DT_VOLD
172.67.164.125302 Found 1.3 kB URL HTTP/2 pmaff.com/?serial=61283909&creative_id=1215&anid=PU_CD_BR_PA_DT_VOLD
IP 172.67.164.125:0
Hash 75dc52b65fd60156511ffa183da4eb44
5c54e3a8c0bf58fa8d2896e1f067b4f254b67c22
be9a0670e1484c31606c6047b02d7cb63667a6c90c9135dfff02988c88f92e10
GET /?serial=61283909&creative_id=1215&anid=PU_CD_BR_PA_DT_VOLD HTTP/1.1
Host: pmaff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 22 Sep 2022 04:54:26 GMT
content-type: text/html; charset=UTF-8
location: https://td.prism.bet/?tid=pr_a9b30_PMI_RevShare_all_GEOs&qtag=a23905_t61283909_c1215_sPU_CD_BR_PA_DT_VOLD&redirect_creative_id=1215
x-powered-by: PHP/8.0.8
cache-control: no-cache, private
x-pm-click: 36dcf1ea97d58172fde774c80de83142cca759aee0014e99983c673bae7064b9f4e365164e3f04af84811486008ba7c655280ba5d31e31a9933b9ba6b950c133
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3l%2FXTZIqWuKCCt5DXzKOa7pX2xqcgR3296RJwnMvuSh9qwRTZN4WeLOjVY%2FZf%2FTSImiA70I22xGGbOmf5xbcrxAVy3RsycupOfKf4ZijIeZX5xxlKeXheDebl4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8715038950b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sport.galera.bet/affiliates?btag=717558_l150320
35.233.121.223302 Found 0 B URL HTTP/1.1 sport.galera.bet/affiliates?btag=717558_l150320
IP 35.233.121.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /affiliates?btag=717558_l150320 HTTP/1.1
Host: sport.galera.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Thu, 22 Sep 2022 04:54:27 GMT
content-length: 0
location: https://sport.galera.bet/ftdgenericft1?btag=717558_l150320&AFFAGG
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOOhp9QEacqBwGr7Gw8K6%2Fd3Am6E1FSQ7tqxmZRhgvhwz6%2Bveef%2FRu4SNEFpzVpYF0ffbP5MsEDkcJ8MYZt%2BkEreovlG8RU0VK7EJj1WhZgKLuoaf4UIziauj59dqCAmwQdtC0vDBm%2FacAg57vyQWpAC%2F5jwTmdRyFXX8K6EB1XI8MM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 74e87153cbaddd76-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
strict-transport-security: max-age=15724800; includeSubDomains
sb: 1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7317d0d1910bdf4c462085aa10a43a04
5dea1195b4346abf285087b6ca10cdfedb7c14c2
428c7b230c8f391a3dd451ab220b20921e88f0bb407a9defe3491210e91f106c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "428C7B230C8F391A3DD451AB220B20921E88F0BB407A9DEFE3491210E91F106C"
Last-Modified: Wed, 21 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Thu, 22 Sep 2022 10:53:57 GMT
Date: Thu, 22 Sep 2022 04:54:27 GMT
Connection: keep-alive
br.888casino.com/exclusive-mob/offer-1500-88.htm?country=nor&isftd=false&lang=pt&mm_id=43397&orig-lp=https%3a%2f%2fpt.888casino.com%2fexclusive-mob%2foffer-1500-88.htm&referrer=NULL&sr=1857549&state=03&testdata=%7b%22mm_id%22%3a%2243397%22%2c%22orig-lp%22%3a%22https%3a%2f%2fpt.888casino.com%2fexclusive-mob%2foffer-1500-88.htm%22%2c%22queryserial%22%3a%221857549%22%2c%22referrer%22%3a%22NULL%22%2c%22utm_campaign%22%3a%22100138643_1857549_nodescription%22%2c%22utm_content%22%3a%22100138643%22%2c%22utm_medium%22%3a%22casap%22%2c%22utm_source%22%3a%22aff%22%7d&utm_campaign=100138643_1857549_nodescription&utm_medium=casap&utm_source=aff
143.204.55.23301 Moved Permanently 0 B URL HTTP/2 br.888casino.com/exclusive-mob/offer-1500-88.htm?country=nor&isftd=false&lang=pt&mm_id=43397&orig-lp=https%3a%2f%2fpt.888casino.com%2fexclusive-mob%2foffer-1500-88.htm&referrer=NULL&sr=1857549&state=03&testdata=%7b%22mm_id%22%3a%2243397%22%2c%22orig-lp%22%3a%22https%3a%2f%2fpt.888casino.com%2fexclusive-mob%2foffer-1500-88.htm%22%2c%22queryserial%22%3a%221857549%22%2c%22referrer%22%3a%22NULL%22%2c%22utm_campaign%22%3a%22100138643_1857549_nodescription%22%2c%22utm_content%22%3a%22100138643%22%2c%22utm_medium%22%3a%22casap%22%2c%22utm_source%22%3a%22aff%22%7d&utm_campaign=100138643_1857549_nodescription&utm_medium=casap&utm_source=aff
IP 143.204.55.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exclusive-mob/offer-1500-88.htm?country=nor&isftd=false&lang=pt&mm_id=43397&orig-lp=https%3a%2f%2fpt.888casino.com%2fexclusive-mob%2foffer-1500-88.htm&referrer=NULL&sr=1857549&state=03&testdata=%7b%22mm_id%22%3a%2243397%22%2c%22orig-lp%22%3a%22https%3a%2f%2fpt.888casino.com%2fexclusive-mob%2foffer-1500-88.htm%22%2c%22queryserial%22%3a%221857549%22%2c%22referrer%22%3a%22NULL%22%2c%22utm_campaign%22%3a%22100138643_1857549_nodescription%22%2c%22utm_content%22%3a%22100138643%22%2c%22utm_medium%22%3a%22casap%22%2c%22utm_source%22%3a%22aff%22%7d&utm_campaign=100138643_1857549_nodescription&utm_medium=casap&utm_source=aff HTTP/1.1
Host: br.888casino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: 888Cookie=isftd%3Dfalse%26isreal%3Dfalse%26lang%3Dpt%26OSR%3D1857549%26RefType%3DNoReferrer%26TestData%3D%7B%22mm_id%22%3A%2243397%22%2C%22orig-lp%22%3A%22https%3A%2F%2Fpt.888casino.com%2Fexclusive-mob%2Foffer-1500-88.htm%22%2C%22queryserial%22%3A%221857549%22%2C%22referrer%22%3A%22NULL%22%2C%22utm_campaign%22%3A%22100138643_1857549_nodescription%22%2C%22utm_content%22%3A%22100138643%22%2C%22utm_medium%22%3A%22casap%22%2C%22utm_source%22%3A%22aff%22%7D; 888TempCookie=sr%3D1857549
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
content-length: 0
location: https://br.888casino.com/exclusive-mob/offer-1500-88.htm?utm_campaign=100138643_1857549_nodescription&utm_medium=casap&utm_source=aff
date: Thu, 22 Sep 2022 04:54:27 GMT
x-wcs-correlation-id: dc5di4eYiXIpZkrqlHjcKjThKRsM-jMBHJb93F3WhRVuFG6GM4jOMg==
set-cookie: 888Cookie=isftd%3Dfalse%26isreal%3Dfalse%26lang%3Dbr%26OSR%3D1857549%26queryCountry%3Dnor%26queryState%3D03%26RefType%3DNoReferrer%26TestData%3D%7B%22mm_id%22%3A%2243397%22%2C%22orig-lp%22%3A%22https%3A%2F%2Fpt.888casino.com%2Fexclusive-mob%2Foffer-1500-88.htm%22%2C%22queryserial%22%3A%221857549%22%2C%22referrer%22%3A%22NULL%22%2C%22utm_campaign%22%3A%22100138643_1857549_nodescription%22%2C%22utm_content%22%3A%22100138643%22%2C%22utm_medium%22%3A%22casap%22%2C%22utm_source%22%3A%22aff%22%7D; max-age=2592000; domain=888casino.com; path=/; secure; samesite=none; httponly
888TempCookie=; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=888casino.com; path=/; secure; samesite=none; httponly
888TempCookie=sr%3D1857549; max-age=30; domain=888casino.com; path=/; secure; samesite=none; httponly
apigw-requestid: Y2GUhhqADoEEMpg=
vary: Cookie
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: dc5di4eYiXIpZkrqlHjcKjThKRsM-jMBHJb93F3WhRVuFG6GM4jOMg==
X-Firefox-Spdy: h2
sport.galera.bet/ftdgenericft1?btag=717558_l150320&AFFAGG
35.233.121.223200 OK 42 kB URL HTTP/1.1 sport.galera.bet/ftdgenericft1?btag=717558_l150320&AFFAGG
IP 35.233.121.223:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10563), with CRLF, LF line terminators
Hash 4cebec91058d02ad66ea7f49811d56ae
defb2b1868acbd4e546b6292abf861d6f2d42be7
e8d12c2e5088d9205ca29d29b67d84a43b6da92efa33d61775db2b2c275a91c6
GET /ftdgenericft1?btag=717558_l150320&AFFAGG HTTP/1.1
Host: sport.galera.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: text/html; charset=utf-8
transfer-encoding: chunked
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
country: NO
set-cookie: country=NO; Max-Age=900; Path=/; Expires=Thu, 22 Sep 2022 05:09:27 GMT
etag: W/"427fe-Y8NHrF6f6OR24OO+aSdQlewtco8"
vary: Accept-Encoding
content-encoding: gzip
sb: 1
www.kto.com/pt/static/webfonts/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2
104.26.4.172200 OK 22 kB URL HTTP/2 www.kto.com/pt/static/webfonts/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2
IP 104.26.4.172:0
File type Web Open Font Format (Version 2), TrueType, length 21796, version 1.0\012- data
Hash 8074c760fbdd366fc1c33ce702911abf
b68cdebfb413c4ad60fa131dc29e36da4b3ce45c
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
GET /pt/static/webfonts/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2 HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: font/woff2
content-length: 21796
last-modified: Thu, 21 Apr 2022 08:42:48 GMT
x-amz-version-id: am0G5U8_ScoCnp2jjBDgBIk2VtGkFOHs
cache-control: public, max-age=7200, must-revalidate
etag: "8074c760fbdd366fc1c33ce702911abf"
vary: Accept-Encoding
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IwbIRD0eCIzouIfGFR7YWUooITT8i0A6CmMnj5y2DjkcCYRnGHxC1Q==
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snr567DwM%2F2i4Y5UkabUK4YrorW%2BQ4Xw%2FfFvUhxeeRKVwIMYv9e3NkNAkPVo%2BMT%2BA5C6iilG%2FDp0XCo2aKbkgFe029aJSdxRSV9e3uG07GhD6tayUIrtjlyewuLH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871560ab9b500-OSL
X-Firefox-Spdy: h2
www.kto.com/pt/static/webfonts/s/barlow/v12/7cHqv4kjgoGqM7E3j-ws51os.woff2
104.26.4.172200 OK 21 kB URL HTTP/2 www.kto.com/pt/static/webfonts/s/barlow/v12/7cHqv4kjgoGqM7E3j-ws51os.woff2
IP 104.26.4.172:0
File type Web Open Font Format (Version 2), TrueType, length 21416, version 1.0\012- data
Hash d258461a8f2c53d244500969828bdd3f
c796103e6ca328dd6a92bfecf72cda8f0a143158
f9bfb04a18c8be687fadacd7f67647b65113ee8d1aabcb0f410eac21681fa7ef
GET /pt/static/webfonts/s/barlow/v12/7cHqv4kjgoGqM7E3j-ws51os.woff2 HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: font/woff2
content-length: 21416
last-modified: Thu, 21 Apr 2022 08:42:48 GMT
x-amz-version-id: sQzcaVuc1DGdJGV42RezEajvF9gKZkpn
cache-control: public, max-age=7200, must-revalidate
etag: "d258461a8f2c53d244500969828bdd3f"
vary: Accept-Encoding
via: 1.1 1d76dd98c16c516f48b964dacfe39bfe.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: PMO50-C1
x-amz-cf-id: nEzls-SeFSYkUMmyPdUSeLM4HvKIkxtv06B0PDinnaXE8fKOW_a13w==
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19XWavxCp7Xg%2FQzPsxDOgHNCFpSlsntf%2FxmBrbRXWt008kn%2B%2Be6SvXXE1oybQdrtrGlPDio%2FpH7%2BWoI87gLzH7cPFY1%2F4lJaOczZt8GzBjQmyu73KqhBArjtN7Vl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871560abbb500-OSL
X-Firefox-Spdy: h2
sport.galera.bet/frontend-addon/spring-builder-public/assets/vendor.css?v=1663687627
35.233.121.223200 OK 4.6 kB URL HTTP/1.1 sport.galera.bet/frontend-addon/spring-builder-public/assets/vendor.css?v=1663687627
IP 35.233.121.223:0
File type ASCII text, with very long lines (24349), with no line terminators
Hash 6e67992262e36574fd668de94a348b61
a7e616bfd70810cd49308c07c5fd02cff3abc25c
671310a5db9fa1e812581235bee685db7175ca248ac5bb55347db0c116275d89
GET /frontend-addon/spring-builder-public/assets/vendor.css?v=1663687627 HTTP/1.1
Host: sport.galera.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/ftdgenericft1?btag=717558_l150320&AFFAGG
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: text/css
transfer-encoding: chunked
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
country: NO
set-cookie: country=NO; Max-Age=900; Path=/; Expires=Thu, 22 Sep 2022 05:09:27 GMT
last-modified: Tue, 20 Sep 2022 15:31:55 GMT
vary: Accept-Encoding, User-Agent
etag: W/"6329dceb-5f1d"
expires: Fri, 22 Sep 2023 04:54:27 GMT
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
sb: 1
brazino777.online/pt/game/prematch-mts?b7pm=625ebe7a6fad3&ambp=
45.148.37.160200 OK 8.0 kB URL HTTP/1.1 brazino777.online/pt/game/prematch-mts?b7pm=625ebe7a6fad3&ambp=
IP 45.148.37.160:0
ASN #208685 Serverius Holding B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4745), with CRLF, LF line terminators
Hash e8a3de35e55bfe1121583b03aee58893
dd1fff5d92566bfa48fc21d92b2713e4c4e3f866
4a368f6621f61316f1483359988081733f9b5672aeada2f2e952d3414daee2e9
GET /pt/game/prematch-mts?b7pm=625ebe7a6fad3&ambp= HTTP/1.1
Host: brazino777.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate, private
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 22 Sep 2022 04:55:06 GMT
Expires: Thu, 22 Sep 2022 04:54:27 GMT
Link: <https://www.brazino-cdnsrv-cst.org/build/runtime.c126acad.js?v10261>; rel="preload"; as="script",<https://www.brazino-cdnsrv-cst.org/build/commons.e52a85a1.js?v10261>; rel="preload"; as="script",<https://www.brazino-cdnsrv-cst.org/build/vue.0b609e06.js?v10261>; rel="preload"; as="script",<https://www.brazino-cdnsrv-cst.org/build/5666.5a30bb8f.js?v10261>; rel="preload"; as="script",<https://www.brazino-cdnsrv-cst.org/build/app.c3bd978f.js?v10261>; rel="preload"; as="script",<https://www.brazino-cdnsrv-cst.org/build/gameNsoft.0537c705.js?v10261>; rel="preload"; as="script",<https://www.brazino-cdnsrv-cst.org/build/vueLocaleBlock.b9adca53.js?v10261>; rel="preload"; as="script",<https://www.brazino-cdnsrv-cst.org/build/categoryBlock.3d7b2879.js?v10261>; rel="preload"; as="script",<https://www.brazino-cdnsrv-cst.org/build/footerGameCategoriesBlock.d467ba86.js?v10261>; rel="preload"; as="script",<https://www.brazino-cdnsrv-cst.org/build/app.8f9b5ddf.css?v10261>; rel="preload"; as="style",<https://www.brazino-cdnsrv-cst.org/build/gameNsoft.84c838d4.css?v10261>; rel="preload"; as="style",<https://www.brazino-cdnsrv-cst.org/build/vueLocaleBlock.fc209836.css?v10261>; rel="preload"; as="style",<https://www.brazino-cdnsrv-cst.org/build/categoryBlock.15f60701.css?v10261>; rel="preload"; as="style",<https://www.brazino-cdnsrv-cst.org/build/footerGameCategoriesBlock.d4480993.css?v10261>; rel="preload"; as="style"
Pragma: no-cache
Referrer-Policy: same-origin
Set-Cookie: __Host-SWAFS=eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJfIjoiYnJhemlubzc3Ny5vbmxpbmU5MS45MC40Mi4xNTQifQ.Rfol8wm9J8FMnvHSSgALD2BQ04tajLtC6dKIy7Obaed-ineWBTE7JCFlz2rWhnbB60jbgPABGpn7sPUzZEGKMw; Path=/; Expires=Fri, 23 Sep 2022 04:54:27 GMT; HttpOnly; Secure; SameSite=Strict
__Secure-XWAFLB=6ec61277bd16bd89a8cd85614bac0f84; Path=/; Expires=Thu, 22 Sep 2022 05:09:27 GMT; HttpOnly; Secure; SameSite=Lax
PHPSESSID=0nctdhm2tprjlvu1kphs8225ia; expires=Sat, 22-Oct-2022 04:54:27 GMT; Max-Age=2592000; path=/; HttpOnly
device_view=full; expires=Sat, 22-Oct-2022 04:54:27 GMT; Max-Age=2592000; path=/; httponly
ep=mq2DVSR%2BiwD2M4gIQA%2BlgcSk1AnMpYJI3xJGXieGU%2FvtCDQfjfqRzm8zJuM%2Bfp03%2FNj4vIgBUC4u3ljPC0fj0nGpZdUaX4kGBiuMN7tt5zf8gb6uE2gounTjCWKHvzhHNp5s7PR5ICArU8qdRHMwxwQZwaGRW2QVuAsr0WpicyouwBjmVeaPkeRqtO7l1eIV3Cz6SOXW1A; expires=Fri, 22-Sep-2023 04:54:27 GMT; Max-Age=31536000; path=/; httponly
_ym_vizorc_05172d1f7ab5fc28412218ce1ec67fd945124=c11170dca089cc3d7eb6d01a7f1a1068; expires=Wed, 22-Sep-2027 04:54:27 GMT; Max-Age=157766400; path=/
c8402da13b6006b93d3adb0b9a4de6ec=625ebe7a6fad3; expires=Sat, 22-Oct-2022 04:54:27 GMT; Max-Age=2592000; path=/; httponly
_z_locale=pt; path=/; httponly
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Waf-Req-Id: e27bab3b-cd23-40cc-b356-376e217a9502-2652022
Transfer-Encoding: chunked
www.kto.com/pt/static/webfonts/s/barlow/v12/7cHrv4kjgoGqM7E3b_s7wH8.woff2
104.26.4.172200 OK 20 kB URL HTTP/2 www.kto.com/pt/static/webfonts/s/barlow/v12/7cHrv4kjgoGqM7E3b_s7wH8.woff2
IP 104.26.4.172:0
File type Web Open Font Format (Version 2), TrueType, length 20424, version 1.0\012- data
Hash de9b3aab0cd838dac94553f2f4aaf6f5
5355facde197f12fc2578381566f04c4b5f36cbf
f91f44c1f7fbae5c1e92b83989432a43fb43bdaf5b3054f5acb95aa01e476aed
GET /pt/static/webfonts/s/barlow/v12/7cHrv4kjgoGqM7E3b_s7wH8.woff2 HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: font/woff2
content-length: 20424
last-modified: Thu, 21 Apr 2022 08:42:48 GMT
x-amz-version-id: jllHWWioLa7gQ_VvjgPgQZG0wpnDOeYZ
cache-control: public, max-age=7200, must-revalidate
etag: "de9b3aab0cd838dac94553f2f4aaf6f5"
vary: Accept-Encoding
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RGbfvSHW8DShvNjAsh5Vl0khbPo1CSMDKqRrOZsnumNVTeS4gS0Eww==
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4Pp9iwmewU5ZkkG0n719QoC2T1BHaYnb8MQcRE6vw8XhchmPBHNkIkHXUcObKRI2CBWY7WQroD%2BNUaTyl5wR0aDhN%2BUlA6Kojo%2FdlGwFVZWw9qi5BLJwlrmRJm5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e87155ea97b500-OSL
X-Firefox-Spdy: h2
www.kto.com/pt/static/webfonts/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
104.26.4.172200 OK 21 kB URL HTTP/2 www.kto.com/pt/static/webfonts/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
IP 104.26.4.172:0
File type Web Open Font Format (Version 2), TrueType, length 21144, version 1.0\012- data
Hash 2bc7630144496092dc786ce63109e560
723df3658078cfed03c85e47f15fc439eb4331be
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
GET /pt/static/webfonts/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2 HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: font/woff2
content-length: 21144
last-modified: Thu, 21 Apr 2022 08:42:48 GMT
x-amz-version-id: scLHIwOqFGx4LnaqmAN10WaPjiLy2f__
cache-control: public, max-age=7200, must-revalidate
etag: "2bc7630144496092dc786ce63109e560"
vary: Accept-Encoding
via: 1.1 16a28c0e67da18fa2960e2e414084d76.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: CDG52-P2
x-amz-cf-id: csNUrjoTrsE_WnqQXLbC0blkYanSXm53VY1D6W8TiHHrxUjSMVE-8A==
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OJsPnInHfHbQnTlLc3cPdk2LW8ZXL29qzTaRl43fXGgptHJcYaTTU2okr7BbdHwg%2FrPBI2qNRJIqUHdEwi7qHQmLwTk%2Bg5SalDsqUvDV0VBGct5%2FrfQzfOW0EDL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e87155fa9db500-OSL
X-Firefox-Spdy: h2
www.br.betboo.com/pt-br/mobileportal/register?productId=SPORTSBOOK&trid=in13741
104.17.133.181200 OK 6.9 kB URL HTTP/2 www.br.betboo.com/pt-br/mobileportal/register?productId=SPORTSBOOK&trid=in13741
IP 104.17.133.181:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1913), with CRLF, LF line terminators
Hash a8b6ef93bed2acd18e7ffd1d92404935
0a33b735db1429f2926400376d3508b44fd63e4e
11cb1e020a98f4d5f39f4df5d4de60f0a7bc14855fca9b3c390664c3f2089163
GET /pt-br/mobileportal/register?productId=SPORTSBOOK&trid=in13741 HTTP/1.1
Host: www.br.betboo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:26 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
vary: Accept-Encoding
content-security-policy: frame-src *
strict-transport-security: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
server-timing: vanilla;dur=200.6205
cf-cache-status: DYNAMIC
set-cookie: ASP.NET_SessionId=4cy4eflkb4hhsmtxywhtvvoq; domain=.br.betboo.com; path=/; secure; HttpOnly; SameSite=None
trc.cid=0a0bb9fbbec14c16b5ccd61d3d6db53b; domain=.br.betboo.com; expires=Tue, 21-Sep-2027 04:54:26 GMT; path=/; secure; HttpOnly; SameSite=None
usersettings=lc=false&cid=pt-BR&vc=1&sst=2022-09-22T04:54:26.8395577Z&psst=0001-01-01T00:00:00.0000000Z&lsid=4cy4eflkb4hhsmtxywhtvvoq; domain=.br.betboo.com; expires=Sun, 19-Sep-2032 04:54:26 GMT; path=/; secure; HttpOnly; SameSite=None
lang=pt-br; domain=.br.betboo.com; path=/; secure; SameSite=None
__cf_bm=wU0E4SyLCGZbUHj4g9huUi.pO0MxEc.44P3B8.qjZZ4-1663822466-0-ATJ5ORdzrQrLLtILzRoFg+5rmJe1kZqkWpCMm2Sd5MKZK+3rWYYjuXB9UXBjMP3geBnC/mYtyHU4lmRD9+cy5j8=; path=/; expires=Thu, 22-Sep-22 05:24:26 GMT; domain=.betboo.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74e871506e730b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/hls.js@latest
151.101.85.229200 OK 97 kB URL HTTP/2 cdn.jsdelivr.net/npm/hls.js@latest
IP 151.101.85.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 66c3005decf22cfc46f83208d3ae0325
bcca2e9f3207b28817fcbb0fa54fc956a1227a22
43397c4f5baffb576a3eecdc83e089a1980ac6a2ee2ece97ae082edb67a16261
GET /npm/hls.js@latest HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.2.3
x-jsd-version-type: version
etag: W/"52326-8IZVSCFXSGrZbz2G4fgVuK2hukU"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 22 Sep 2022 04:54:27 GMT
age: 28097
x-served-by: cache-fra19175-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 96860
X-Firefox-Spdy: h2
static.springbuilder.site/fs/userFiles-v2/galera-1877320/media/4.png?1641822477294
185.162.231.251200 OK 3.0 kB URL HTTP/2 static.springbuilder.site/fs/userFiles-v2/galera-1877320/media/4.png?1641822477294
IP 185.162.231.251:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 841ba658685140fd96c426b0341575ed
72166989f89a88cb6b14e32a259f7b2ef76d41d5
e7d11b16bc27dda77b6b8a8dedcb4924afff63b3f85efa59d1947758ef00d96c
GET /fs/userFiles-v2/galera-1877320/media/4.png?1641822477294 HTTP/1.1
Host: static.springbuilder.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: image/png
content-length: 3031
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=4177, status=vary_header_present
etag: "61dc2741-1051"
expires: Fri, 22 Sep 2023 04:54:27 GMT
last-modified: Mon, 10 Jan 2022 12:32:01 GMT
pragma: public
sb: 1
strict-transport-security: max-age=15724800; includeSubDomains
vary: User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 9262938
accept-ranges: bytes
server: cloudflare
cf-ray: 74e871580fd3b511-OSL
X-Firefox-Spdy: h2
browser.sentry-cdn.com/5.25.0/bundle.tracing.min.js
151.101.194.217200 OK 24 kB URL HTTP/2 browser.sentry-cdn.com/5.25.0/bundle.tracing.min.js
IP 151.101.194.217:0
File type ASCII text, with very long lines (65429)
Hash 67493449368510b48a16561680ffdc2b
ac10a8b8b7b77db2043036cda772fa1701b3e6d8
a1f045b961314614595037436aa5eac2410cbfe2a7635d3472504d59787d5f01
GET /5.25.0/bundle.tracing.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://td.prism.bet
Connection: keep-alive
Referer: https://td.prism.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
expires: Thu, 16 Mar 2023 06:04:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Oct 2020 12:46:34 GMT
etag: "67493449368510b48a16561680ffdc2b"
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
date: Thu, 22 Sep 2022 04:54:27 GMT
age: 16411794
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 24217
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
151.101.86.133200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 151.101.86.133:0
Hash 9910a681627a74bb9cb9acc13944a348
2978d69780d3d5657e11c3fd548bda004ddd9eb7
aa05f9609a0766eb77441c98da63d4b286b0073939c2004ff9e22aefc58c0bc3
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Etag: "7C053939F128E962EEDC4DB1B5FB1D6DD15ACBB1"
Expires: Thu, 22 Sep 2022 16:00:00 UTC
Last-Modified: Thu, 22 Sep 2022 04:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Content-Length: 1462
Accept-Ranges: bytes
Date: Thu, 22 Sep 2022 04:54:27 GMT
Via: 1.1 varnish
Age: 3038
Connection: keep-alive
X-Served-By: cache-bma1625-BMA
X-Cache: HIT
X-Cache-Hits: 9
X-Timer: S1663822468.870115,VS0,VE0
95490a17-85bd-442a-90a1-245153092f51.snippet.antillephone.com/apg-seal.js
54.230.111.65200 OK 1.8 kB URL HTTP/2 95490a17-85bd-442a-90a1-245153092f51.snippet.antillephone.com/apg-seal.js
IP 54.230.111.65:0
Hash 1aa89f3591fc5319bed203a81c276171
8d3f2fe38a61562bc87995477d7b1619c309bcc8
34ca484646866543c0cd43bb98dd45c8ef085fd6cedb6c4178451fdc3c703ea0
GET /apg-seal.js HTTP/1.1
Host: 95490a17-85bd-442a-90a1-245153092f51.snippet.antillephone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Thu, 22 Sep 2022 04:54:27 GMT
x-powered-by: Express
cache-control: max-age=300
etag: W/"c05-/XIj/UpcOutKq+KZhRuFbVZcx9o"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e87157d9ae9274-FRA
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EYQeBNPooKs5vPJqZ5KdzViabaFE5TrelIsnTfT7kVKy_l2VN5lCfg==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4040
Expires: Thu, 22 Sep 2022 06:01:48 GMT
Date: Thu, 22 Sep 2022 04:54:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4040
Expires: Thu, 22 Sep 2022 06:01:48 GMT
Date: Thu, 22 Sep 2022 04:54:28 GMT
Connection: keep-alive
static.springbuilder.site/assets/js/publicAssets.js?v=1663687627
185.162.231.251200 OK 53 kB URL HTTP/2 static.springbuilder.site/assets/js/publicAssets.js?v=1663687627
IP 185.162.231.251:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (2456)
Hash c8a244cc5e058f08ac34fbb8decccb39
f503e84cfc2977862297a341dfa4ed64cd5554a8
c1f4f9e10e9b44e7783e28b9e82363fe87cdb942ebabbc8360f9defabff40b55
GET /assets/js/publicAssets.js?v=1663687627 HTTP/1.1
Host: static.springbuilder.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=174335
etag: W/"6329dd36-2a8ff"
expires: Fri, 22 Sep 2023 04:54:27 GMT
last-modified: Tue, 20 Sep 2022 15:33:10 GMT
pragma: public
sb: 1
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding, User-Agent
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 133724
server: cloudflare
cf-ray: 74e871580fcdb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.springbuilder.site/assets/js/public.js?v=1663687627
185.162.231.251200 OK 24 kB URL HTTP/2 static.springbuilder.site/assets/js/public.js?v=1663687627
IP 185.162.231.251:0
ASN #209242 Cloudflare London, LLC
File type Unicode text, UTF-8 text, with very long lines (11589)
Hash 3cb873be7692b850c92a47d54f424a61
3988868d009416649afaa21cf8f88b8693e51247
aeb29fb9750f2ae5ab21788d46e5d2e73b9386b6e7776b2cbf5858bc4e267ba1
GET /assets/js/public.js?v=1663687627 HTTP/1.1
Host: static.springbuilder.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=103944
etag: W/"6329dd36-19608"
expires: Fri, 22 Sep 2023 04:54:27 GMT
last-modified: Tue, 20 Sep 2022 15:33:10 GMT
pragma: public
sb: 1
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding, User-Agent
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 133724
server: cloudflare
cf-ray: 74e871580fceb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 678 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 650facf78e994eb19bcf053490f666eb
18e1848f2567b1dea1945171cc375e8e6731bedf
7ba91dc2657daefeef906915b179d10f3ee76f374e093e7598241dc2fb60367e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4040
Expires: Thu, 22 Sep 2022 06:01:48 GMT
Date: Thu, 22 Sep 2022 04:54:28 GMT
Connection: keep-alive
static.springbuilder.site/assets/jQuery/jquery-3.6.0.min.js?v=1663687627
185.162.231.251200 OK 40 kB URL HTTP/2 static.springbuilder.site/assets/jQuery/jquery-3.6.0.min.js?v=1663687627
IP 185.162.231.251:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (65447)
Hash d68940d63038c0ac668eb83ee479297b
3b6cddf14312647401d9c32b2d09973f50538d62
71c75b977df8e9fdb3c6c4580f5d04ff2dafc468996253fafa4b3976b4357042
GET /assets/jQuery/jquery-3.6.0.min.js?v=1663687627 HTTP/1.1
Host: static.springbuilder.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 22 Aug 2022 08:50:51 GMT
vary: Accept-Encoding, User-Agent
etag: W/"6303436b-15d9d"
expires: Fri, 22 Sep 2023 04:54:27 GMT
cache-control: public, max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
pragma: public
strict-transport-security: max-age=15724800; includeSubDomains
sb: 1
cf-cache-status: HIT
age: 133724
server: cloudflare
cf-ray: 74e871580fccb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/framework-1672c32cd3210c7e4939.js
104.26.4.172200 OK 56 kB URL HTTP/2 www.kto.com/pt/framework-1672c32cd3210c7e4939.js
IP 104.26.4.172:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0b3bc49292f7dcd14925908ad75903ee
e6662fa4a4638d27741302bb6c19dd63738d561b
da84d8bbfea9b303bdd0f3f69fa5f7b322ef278aa33eb8dec4f5ecd98623a6ee
GET /pt/framework-1672c32cd3210c7e4939.js HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=149103
etag: W/"bae0ce8ecf49a6bcdb047f5e00a59e13"
last-modified: Tue, 02 Aug 2022 10:55:07 GMT
vary: Accept-Encoding
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-id: 9nzAIwILW1CZNjH2pLcSxHhXgqqu8teEnZr0LWuY8Lyd7zgT-F00FQ==
x-amz-cf-pop: OSL50-P1
x-amz-version-id: GoHnuJ8YwyRED8Ia54rObYXfTdNR7fma
x-cache: RefreshHit from cloudfront
cf-cache-status: HIT
age: 23289
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOWAxZsiZOqOkfAv%2BgDvmbIprXMlobtY8EqaChAF1aBfCdUxkTMz5b2exYi%2FjeDopqdPYWyy7gHcj%2FeGYXADMVKK7j0gOpT7Hxgk%2BJeOPwYFsp2tl%2B7hKuJsNtLx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871565affb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hp-WIGb9M8tEmNGOVjx6UQKx9E4-1oJmka0a6seG7inahqYByPmRAg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 26406
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0201d377c57a684452c0d26372e674d
3829f81048cc63b5f0d1e82dfbe3b8e31646e733
efa055dc93267be2dddd94b334c0655c2e1f1682467fd738e013a778aea175b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14397
x-amzn-requestid: c5a03ce8-f695-4ad3-8c42-c3bfd47d6279
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1wLGqKIAMF-Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329699a-2b130d8b1a4b1b9131db8984;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:19:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: itH-GLLUay6dtfjGStUDeT3wOwVf-S3tWSY31HjriEFaRUiD8aFKNw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:41:48 GMT
age: 76360
etag: "3829f81048cc63b5f0d1e82dfbe3b8e31646e733"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f33332-2080-459e-ab54-a452b2278994.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f33332-2080-459e-ab54-a452b2278994.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 888247c1153f8770b880395734749107
7c27c02029eb49e726a076679be2c793da696e45
515852e0d38cdaf86bce45fa5e0df453d08ca36cf6ecfa0c4b868c2143afe333
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f33332-2080-459e-ab54-a452b2278994.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8748
x-amzn-requestid: 83c28267-4d10-476d-8b11-08b48b046985
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG6CGtroAMFyqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab840-1167c5285b6837d311bfe2a9;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xo0ilY8z0C3rDISFOM5EixEK7HAelSut4hgNNwGYAVQIfPP8C6pUCg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:23:10 GMT
age: 77478
etag: "7c27c02029eb49e726a076679be2c793da696e45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/200611603.json
104.26.4.172200 OK 5.9 kB URL HTTP/2 www.kto.com/pt/page-data/sq/d/200611603.json
IP 104.26.4.172:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5249), with no line terminators
Hash 4281731cc2e82382c93e38b041d1634f
0ad1a6fb416b4032bea8b6d9b49a1a9608578257
6e2f78efb62e7ecdef5f2f50e955037ba90154caad4718061fe6da76ef8137cf
GET /pt/page-data/sq/d/200611603.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/json
last-modified: Tue, 20 Sep 2022 08:58:20 GMT
x-amz-version-id: fjT_EVUpplOvv67h4WcTqLm24vrdnLQ4
etag: W/"81bd8e55925c658a0dfb66a0f73b2509"
vary: Accept-Encoding
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
age: 1292
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HP4yV_eGXszQnS7J3gsxBKP7JlPjFmipIuFPTkLgxrFuPOmi4F_DrQ==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkq2PNRUTgrMGNhnHnA5nwZFMaryEhB8VFyYLWXj8k07KUZ48i1AKkzhBbS%2BFVI77clxSaDlFGxn%2FPXE8DizpmjfNV1UQQMLMMrtkvjorywL1X2a%2FOaiw2tEBxBd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8715a7efdb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
o202591.ingest.sentry.io/api/5826020/envelope/?sentry_key=b4e1b63f1da34cc784f100098ac15024&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1
34.120.195.249200 OK 2 B URL HTTP/2 o202591.ingest.sentry.io/api/5826020/envelope/?sentry_key=b4e1b63f1da34cc784f100098ac15024&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1
IP 34.120.195.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/5826020/envelope/?sentry_key=b4e1b63f1da34cc784f100098ac15024&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1 HTTP/1.1
Host: o202591.ingest.sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kto.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.kto.com
Content-Length: 423
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://www.kto.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/1358952067.json
104.26.4.172200 OK 942 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/1358952067.json
IP 104.26.4.172:0
File type JSON data\012- , ASCII text, with very long lines (3760), with no line terminators
Hash df90835bc4d5f2fb404838c265c4a4cf
1157177a7050f3d500cb8b45b5331c4b4b44a458
983b643131b7dbb4b68514c98b4e38c6c3e0e2626c2827e683a923ed1f4ee041
GET /pt/page-data/sq/d/1358952067.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/json
last-modified: Wed, 21 Sep 2022 18:31:17 GMT
x-amz-version-id: t22uSJ0P04j.kbtWt1fag66amlmRZHsU
etag: W/"91fde661c86086444e150061bf7b4bf5"
vary: Accept-Encoding
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
age: 1292
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G41bM-TYRu3qybYxm61O63jpaLsQwkmYVRQD8ZjyXpth5B2NBXcYBg==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPneM%2FuTyfnQBN3c2II8Ya7uwdrzrt3T4uOlKIyc36M06pm6yU9m3SJCz7GihK0zTTOu2hoCQ9hIeg%2Fd1N0OLFb7HGsSV5x4iks4dZUix7PXw%2BYwLwlTJiczGvYi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8715a6eecb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.springbuilder.site/assets/addonFonts/icomoon.css?v=1663687627
185.162.231.251200 OK 49 kB URL HTTP/2 static.springbuilder.site/assets/addonFonts/icomoon.css?v=1663687627
IP 185.162.231.251:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (43036), with no line terminators
Hash a1a171df9757638c47b6a9682975e2f8
924b402f9ebd3435f34ff60afcc879ed1be28bb7
d399fa48ade733254b95384e6ac68cdfaffb34ae8aa9648af53e0199b79a0c4f
GET /assets/addonFonts/icomoon.css?v=1663687627 HTTP/1.1
Host: static.springbuilder.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:29 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=43220
etag: W/"63173627-a8d4"
expires: Fri, 22 Sep 2023 04:54:29 GMT
last-modified: Tue, 06 Sep 2022 11:59:35 GMT
pragma: public
sb: 1
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding, User-Agent
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 133725
server: cloudflare
cf-ray: 74e87160ef1ab511-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
104.26.4.172200 OK 6.2 kB URL HTTP/2 www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
IP 104.26.4.172:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4917)
Hash c8d88c2fdffee3f6c9b4101674f74f20
da53536019a556bff3ff16260c78dcb60e74c90c
4027cb96289de508fe2bf55bdd1cb5614b766ddf575eec69c2a8356c5d47d2ad
GET /pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: text/html
last-modified: Wed, 21 Sep 2022 18:31:16 GMT
x-amz-version-id: bWSMkvczu_BHdgksrl45vXKC82KTM2Bx
cache-control: public, max-age=0, must-revalidate
vary: Accept-Encoding
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZhFOyl1av-HOVe6RDN3ywCg0D3Ae_--0OIG6cg8djWCv-6x7TP9kgA==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTv%2FNkoxmdn3cqQXCArmNZZeAxr8NjFs5c1pQH7x7LY2%2Bodi%2BDWs3wql4AVNdBixFpqrD%2B0Zed2NYYpk2COMoKq0VlCiz4bdkKeq9G9CdsALbXXnj3OO9VOUW3cj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8715368eeb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/wtZSvT0KiQQ
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/wtZSvT0KiQQ
IP 142.250.74.3:0
Hash 103957611eb990087103c5bee776e862
da804c811f6d25c50b63f5af0a93dd4123b62c60
fed7e9444c07add757203df47421b74675e08e7af9dce6d384d2e3600af65d4b
POST /s/gts1d4/wtZSvT0KiQQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.ada.support/embed-manifest.json
54.230.111.18200 OK 136 B URL HTTP/2 static.ada.support/embed-manifest.json
IP 54.230.111.18:0
File type JSON data\012- , ASCII text
Hash 9ab9ff59e89bebc4fb6803554ada181a
b26abccde3f3faaa9b18f9dda49f3a3ea0b7147f
24ebc0d73cd874762ad9ead5ef60e22ddea689fec138484cc7ff4c986c2bd079
GET /embed-manifest.json HTTP/1.1
Host: static.ada.support
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sport.galera.bet/
Origin: https://sport.galera.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 136
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: ETag
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 15 Sep 2022 17:40:45 GMT
x-amz-version-id: wEf.W57nz8TAeAi13KHgYIggjg1wIVQt
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 17:41:18 GMT
etag: "9ab9ff59e89bebc4fb6803554ada181a"
vary: Accept-Encoding
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
age: 40392
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Fj-uF0ZJnGNQQ9NYj1G2kDMtTuJwXog5yJZwX7lxMFyFSD0df-U_uA==
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/1571617845.json
104.26.4.172200 OK 305 kB URL HTTP/2 www.kto.com/pt/page-data/sq/d/1571617845.json
IP 104.26.4.172:0
Size 305 kB (304894 bytes)
Hash b57206095a9fde05d65491c5b2770f27
53a42d7dd92dadc8b60fd06eabbccc7925ce4d82
0d968f7b0cbd83b8eb52a7bdf0fca3dbe37c7c728683086e845505db879fcf63
GET /pt/page-data/sq/d/1571617845.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/json; charset=utf-8
last-modified: Tue, 15 Feb 2022 14:39:22 GMT
x-amz-version-id: C7ZOmoOBDIcgYP5WP97Eod8tO1BI4_yH
etag: W/"8bd979183d5d5610680df6de5841c2a3"
vary: Accept-Encoding
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
age: 1231
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YC6eBCGhg5ohhp-jDYerbbf_KJGpt_fyIyTjrNiJ_YS5wPcd5j74sQ==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3V121W3AUjK1RQvBx1sRicMfwdD0G9iaTgmj8pkrVPRDJ6m4WNRme6Vfswb2ONa3GPXSZ5bPDmrQBaDKydJ%2BZONecJf2kbkMeznklPgHowom0TGPLb6POPZvdVIo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8715a7ef1b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/wtZSvT0KiQQ
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/wtZSvT0KiQQ
IP 142.250.74.3:0
Hash 103957611eb990087103c5bee776e862
da804c811f6d25c50b63f5af0a93dd4123b62c60
fed7e9444c07add757203df47421b74675e08e7af9dce6d384d2e3600af65d4b
POST /s/gts1d4/wtZSvT0KiQQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
td.prism.bet/?tid=pr_a9b30_PMI_RevShare_all_GEOs&qtag=a23905_t61283909_c1215_sPU_CD_BR_PA_DT_VOLD&redirect_creative_id=1215
104.18.12.75200 OK 2.2 kB URL HTTP/2 td.prism.bet/?tid=pr_a9b30_PMI_RevShare_all_GEOs&qtag=a23905_t61283909_c1215_sPU_CD_BR_PA_DT_VOLD&redirect_creative_id=1215
IP 104.18.12.75:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (977)
Hash fec7409cace69a92b500ba97a9618ef5
f0a4791580f5e1f500759c265ca0bf8332638be5
3ff810dcfbb52b4a76c07275c166051d47ce805c0aa5db082e2ab54c149e561c
GET /?tid=pr_a9b30_PMI_RevShare_all_GEOs&qtag=a23905_t61283909_c1215_sPU_CD_BR_PA_DT_VOLD&redirect_creative_id=1215 HTTP/1.1
Host: td.prism.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.19
cache-control: no-cache, private
hserver: 7
cf-cache-status: DYNAMIC
set-cookie: td_uuid_monitoringpmi_revshare_all_geos=7e5c6c1d-aa8b-4e26-ae62-3e72d3397868; expires=Wed, 21-Dec-2022 04:54:27 GMT; Max-Age=7776000
td_user_visits_pr_a9b30_PMI_RevShare_all_GEOs=1; expires=Sat, 22-Oct-2022 04:54:27 GMT; Max-Age=2592000
td_uuid_monitoringpmi_revshare_all_geos=a12fcefa-6cbc-4e83-b61d-5d29e5469ad4; expires=Wed, 21-Dec-2022 04:54:27 GMT; Max-Age=7776000
td_user_visits_pr_a9b30_PMI_RevShare_all_GEOs=1; expires=Sat, 22-Oct-2022 04:54:27 GMT; Max-Age=2592000
td_uuid_monitoringpmi_revshare_all_geos=97a678d3-6a1c-49c7-9067-73dc7ff29ebb; expires=Wed, 21-Dec-2022 04:54:27 GMT; Max-Age=7776000
SRVNAME=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
__cflb=0H28uvHfoe3S2Vny111UJfBCsxZXbf1HEfdZXBhRn44; SameSite=Lax; path=/; expires=Fri, 23-Sep-22 03:54:27 GMT; HttpOnly
server: cloudflare
cf-ray: 74e871520902b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
o202591.ingest.sentry.io/api/5826020/envelope/?sentry_key=b4e1b63f1da34cc784f100098ac15024&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1
34.120.195.249200 OK 41 B URL HTTP/2 o202591.ingest.sentry.io/api/5826020/envelope/?sentry_key=b4e1b63f1da34cc784f100098ac15024&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1
IP 34.120.195.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bad116681f480f3447fd4163d33dd41a
a3ee08e1a9fbe4600e0f196569cddeeb4ad559a4
1d83a62245342d43e81c49e71bd9f9c508ce2b77c2276290ec08254f26dab99b
POST /api/5826020/envelope/?sentry_key=b4e1b63f1da34cc784f100098ac15024&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1 HTTP/1.1
Host: o202591.ingest.sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kto.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.kto.com
Content-Length: 1999
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 04:54:29 GMT
content-type: application/json
content-length: 41
access-control-allow-origin: https://www.kto.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
o202591.ingest.sentry.io/api/5826020/envelope/?sentry_key=b4e1b63f1da34cc784f100098ac15024&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1
34.120.195.249200 OK 41 B URL HTTP/2 o202591.ingest.sentry.io/api/5826020/envelope/?sentry_key=b4e1b63f1da34cc784f100098ac15024&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1
IP 34.120.195.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash eb9a71979f8844d421ad97cdb8baf5d6
4a2b753644b5d682f85f7d2a964d5c18f5e3a5d9
30b0180cf95bedb41862f94b60e064298f00367985a143824900cd924bd7ec9c
POST /api/5826020/envelope/?sentry_key=b4e1b63f1da34cc784f100098ac15024&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1 HTTP/1.1
Host: o202591.ingest.sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kto.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.kto.com
Content-Length: 1959
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 04:54:29 GMT
content-type: application/json
content-length: 41
access-control-allow-origin: https://www.kto.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 6
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 6a8f8f10d1faccc163f36a9aba232ea9
7a5ad639950883b9d0419b29d1ab0e62062dfcbb
48e6d1b9b55c9fe689f8f2d671328b2d352d32e717b798e87e8ca52d603c223d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 04:54:29 GMT
Last-Modified: Thu, 22 Sep 2022 03:37:57 GMT
Server: ECS (dcb/7F16)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AAs8tV8uFIpGfuHZufsJIfgYyOI1o4myoPzaTBd3kbz1qdorKR-NHA==
Age: 4592
www.kto.com/pt/98c953856531f5e8bf9cfc6cbec18457870c91e6-2c8aecddd58196a3df47.js
104.26.4.172200 OK 203 kB URL HTTP/2 www.kto.com/pt/98c953856531f5e8bf9cfc6cbec18457870c91e6-2c8aecddd58196a3df47.js
IP 104.26.4.172:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 203 kB (202921 bytes)
Hash 3473c9a969a2977e806aa0f121a959cc
e7ec0738afbce50294d304aa862b7491988d6dea
7a3186ce5f00bb6afca034cec0201912a5a644e2d1c42b5ed95620f49ce8507b
GET /pt/98c953856531f5e8bf9cfc6cbec18457870c91e6-2c8aecddd58196a3df47.js HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/javascript
age: 34979
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=646709
etag: W/"5effba2160dd044bf5190df94374e774"
last-modified: Mon, 05 Sep 2022 13:40:07 GMT
vary: Accept-Encoding
via: 1.1 f803b0b1a33d6ee945ec151c2ca0acaa.cloudfront.net (CloudFront)
x-amz-cf-id: dnq-qWer3iwX8dE0CI9aqZ15KAiy9aHM1bNxvmYa3Rt9HL6lVZEfaA==
x-amz-cf-pop: ARN56-P2
x-amz-version-id: lJEl5tuFdN2wo2zPFgzGHXy7j6DVhPpe
x-cache: Hit from cloudfront
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpvGYbLCMbCPMO9jBbweFTH1QUMWb7HF%2BVKhIKdS12eFgDBfiE8wLWqDERgOz8xjHQsTZjxjIv7ah%2FhFc8WnGKOQvsj48GInQ6l90TvGJeL8hBh9oj6xw%2FBjpCkJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8715a3eccb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
95490a17-85bd-442a-90a1-245153092f51.snippet.antillephone.com/sealassets/5e52d0fbd98267f6e1f34ffb50ed227b-sport.galera.bet-d2cc940eb8c4343fa7cbb5fba8fe2a972a7e2e4d11da24988e6e617e31352c00722252813c30f48cf57f02dc58c9b142-c2VhbC5wbmc%3D?status=valid
54.230.111.65200 OK 46 kB URL HTTP/2 95490a17-85bd-442a-90a1-245153092f51.snippet.antillephone.com/sealassets/5e52d0fbd98267f6e1f34ffb50ed227b-sport.galera.bet-d2cc940eb8c4343fa7cbb5fba8fe2a972a7e2e4d11da24988e6e617e31352c00722252813c30f48cf57f02dc58c9b142-c2VhbC5wbmc%3D?status=valid
IP 54.230.111.65:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 375b5b5bcd1d5179f5b789e4c28ca6df
f52bfd097b13f83fa43714f59786efa4082f55a1
f7acaa7ace617964cd79de3287bfa740f1d3fbcbed82ea1d09cd94058d4b1281
GET /sealassets/5e52d0fbd98267f6e1f34ffb50ed227b-sport.galera.bet-d2cc940eb8c4343fa7cbb5fba8fe2a972a7e2e4d11da24988e6e617e31352c00722252813c30f48cf57f02dc58c9b142-c2VhbC5wbmc%3D?status=valid HTTP/1.1
Host: 95490a17-85bd-442a-90a1-245153092f51.snippet.antillephone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 46382
date: Thu, 22 Sep 2022 04:54:29 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"b52e-9Sv9CXsT+D+kNxT1l4bvpAgvVaE"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e87163fe149b57-FRA
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E-Vs0ITbr7WbbPc8wr-VM_hGibxEhKFyVSW-0b0UMEJOnElpPecDsg==
X-Firefox-Spdy: h2
track.tfgreet.com/sl?tid=pr_a9b30_PMI_RevShare_all_GEOs&prism_click_id=9f9efc1c-d987-430b-bf2c-9ba51be58790&qtag=a23905_t61283909_c1215_sPU_CD_BR_PA_DT_VOLD&redirect_creative_id=1215&direct_url=%27track.tfgreet.com%2Fsl%27&id=622f85368bff280d95069d77&pid=3362
188.114.97.1302 Found 0 B URL HTTP/2 track.tfgreet.com/sl?tid=pr_a9b30_PMI_RevShare_all_GEOs&prism_click_id=9f9efc1c-d987-430b-bf2c-9ba51be58790&qtag=a23905_t61283909_c1215_sPU_CD_BR_PA_DT_VOLD&redirect_creative_id=1215&direct_url=%27track.tfgreet.com%2Fsl%27&id=622f85368bff280d95069d77&pid=3362
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sl?tid=pr_a9b30_PMI_RevShare_all_GEOs&prism_click_id=9f9efc1c-d987-430b-bf2c-9ba51be58790&qtag=a23905_t61283909_c1215_sPU_CD_BR_PA_DT_VOLD&redirect_creative_id=1215&direct_url=%27track.tfgreet.com%2Fsl%27&id=622f85368bff280d95069d77&pid=3362 HTTP/1.1
Host: track.tfgreet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://td.prism.bet/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 22 Sep 2022 04:54:29 GMT
content-length: 0
location: http://track.tfgreet.com/disabled.html
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lv5ZIrKA7J7B0B8EdpqHPgSoaE9ncVuN4N9%2F%2Ff1enTCVcq%2BWdFSgA7DQ7SJvnmFJN8VdGzMfaxUkS8QMblbmEUhXKMmNVd%2FKnRXttokgsF8QsgTlj4rTSdkWGlNbYk3KRL209A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e87163b904b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 6a8f8f10d1faccc163f36a9aba232ea9
7a5ad639950883b9d0419b29d1ab0e62062dfcbb
48e6d1b9b55c9fe689f8f2d671328b2d352d32e717b798e87e8ca52d603c223d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163075
Date: Thu, 22 Sep 2022 04:54:29 GMT
Etag: "632bc488-1d7"
Expires: Sat, 24 Sep 2022 02:12:24 GMT
Last-Modified: Thu, 22 Sep 2022 02:12:24 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AX3c7Lq1afNhZpU20yERRlt3v1DYNm-6KIi0G8QhIasiuXwbCNI4Sw==
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 6a8f8f10d1faccc163f36a9aba232ea9
7a5ad639950883b9d0419b29d1ab0e62062dfcbb
48e6d1b9b55c9fe689f8f2d671328b2d352d32e717b798e87e8ca52d603c223d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 04:54:29 GMT
Server: ECS (dcb/7EC9)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nZzkK25wapBJNP1CVMz3WrlwPD5IMWnVhDPD_qpy9hBELF5MkYE2BA==
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d7e1ab466787550b0fb8e1ad2c281a7
3e5998e3aef6515120b3fc7e024f7f3e1c0fa71b
30bb41616c5620282d59780834339e7a711ac7917ed1cae15c8592405674df6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "30BB41616C5620282D59780834339E7A711AC7917ED1CAE15C8592405674DF6B"
Last-Modified: Tue, 20 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Thu, 22 Sep 2022 10:54:19 GMT
Date: Thu, 22 Sep 2022 04:54:30 GMT
Connection: keep-alive
victory2.web.7platform.net/prematch?auth=b2b&lang=pt¤cy=BRL&logout=true&odds=decimal&timezone=UTC
35.228.112.245200 OK 1.2 kB URL HTTP/2 victory2.web.7platform.net/prematch?auth=b2b&lang=pt¤cy=BRL&logout=true&odds=decimal&timezone=UTC
IP 35.228.112.245:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1180)
Hash d5d501d132486278c921d51b0b568de0
1caa12acad47548e70e6361690d3424e652e48e2
444d87ac8286b8f882a27d59cacf86016625e2d1fd553715ebfbdbaf250913f9
GET /prematch?auth=b2b&lang=pt¤cy=BRL&logout=true&odds=decimal&timezone=UTC HTTP/1.1
Host: victory2.web.7platform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
age: 26351
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 21 Sep 2022 21:35:19 GMT
etag: "ad7132d7b37810e7443cd7ec0c2d4f85-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GDHRR6ZPGNY0VAJTMRXFB46A
content-length: 1192
X-Firefox-Spdy: h2
sport.galera.bet/frontend-addon/spring-builder-public/assets/spring-builder-public.js?v=1663687627
35.233.121.223200 OK 75 kB URL HTTP/1.1 sport.galera.bet/frontend-addon/spring-builder-public/assets/spring-builder-public.js?v=1663687627
IP 35.233.121.223:0
Hash ff744fbd26f436988a5f1a1eea3abdeb
5df55dbabbac73f8074cda716ffee9ef41365de8
5e4069d2f72eedc16eb2f212c9b017fda91dc4773b724d741bc88f53c23c6717
GET /frontend-addon/spring-builder-public/assets/spring-builder-public.js?v=1663687627 HTTP/1.1
Host: sport.galera.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/ftdgenericft1?btag=717558_l150320&AFFAGG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: application/javascript; charset=utf-8
transfer-encoding: chunked
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
country: NO
set-cookie: country=NO; Max-Age=900; Path=/; Expires=Thu, 22 Sep 2022 05:09:27 GMT
last-modified: Tue, 20 Sep 2022 15:31:55 GMT
vary: Accept-Encoding, User-Agent
etag: W/"6329dceb-88468"
expires: Fri, 22 Sep 2023 04:54:27 GMT
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
sb: 1
sport.galera.bet/frontend-addon/spring-builder-public/assets/vendor.js?v=1663687627
35.233.121.223200 OK 12 kB URL HTTP/1.1 sport.galera.bet/frontend-addon/spring-builder-public/assets/vendor.js?v=1663687627
IP 35.233.121.223:0
File type Unicode text, UTF-8 text, with very long lines (34755)
Hash b34b13d85152f71b7fd15289c78c0583
0bb20191b022bbd0e75f2bbce7f6332886079c2c
7a3fc57394ecc6745eb6e18745aa1e5e5d05cb2237c4d0d754ab43d33863a84c
GET /frontend-addon/spring-builder-public/assets/vendor.js?v=1663687627 HTTP/1.1
Host: sport.galera.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/ftdgenericft1?btag=717558_l150320&AFFAGG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: application/javascript; charset=utf-8
transfer-encoding: chunked
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
country: NO
set-cookie: country=NO; Max-Age=900; Path=/; Expires=Thu, 22 Sep 2022 05:09:27 GMT
last-modified: Tue, 20 Sep 2022 15:31:55 GMT
vary: Accept-Encoding, User-Agent
etag: W/"6329dceb-6026f4"
expires: Fri, 22 Sep 2023 04:54:27 GMT
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
sb: 1
www.kto.com/pt/9217-53f3c66b2f9468d1b2e6.js
104.26.4.172200 OK 8.5 kB URL HTTP/2 www.kto.com/pt/9217-53f3c66b2f9468d1b2e6.js
IP 104.26.4.172:0
File type ASCII text, with very long lines (2013), with no line terminators
Hash c64fefc180bc1d6048aefae921e71446
90de5220d744d99f765070ebdbd7a5b9ab50405a
1624fe7b833e0da53a416bec21513b6d42daaa180ee0db6d4a45b21e116a912e
GET /pt/9217-53f3c66b2f9468d1b2e6.js HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:29 GMT
content-type: application/javascript
age: 23282
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=2067
etag: W/"f83a1bc18778d0911b38a7a95d867d05"
last-modified: Mon, 05 Sep 2022 09:13:43 GMT
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-id: MPCuh2xkc369vn_gBuDDPUjWALr4y69meo52YUByNJyejrmVv2QTEA==
x-amz-cf-pop: OSL50-P1
x-amz-version-id: Vfc9bX03hoIYuvOD4wokefmyhkQ5.B82
x-cache: Hit from cloudfront
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRIjee0CrXT0CwOZDezk8DV6Rn0LXJjLM2at33W5g1AYzDZUhxILALIaRrouVlxwFCqehyiyhRxWgfq0b0O270J4MyfESXt1eR1AsBEHPMxX2S69ZDPQUQbQSU%2Fn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871614c3fb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
sport.galera.bet/papi/default/Popup/getPopups?data=%7B%22pageId%22%3A70%7D&_token=
35.233.121.223200 OK 146 kB URL HTTP/1.1 sport.galera.bet/papi/default/Popup/getPopups?data=%7B%22pageId%22%3A70%7D&_token=
IP 35.233.121.223:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size 146 kB (145677 bytes)
Hash 6b8ee37dad97c0c7f69d9c0fd28b1815
9d605357d71529c253032bd5d6d6f946cfc10bc4
2447f34bcdd9da9fb28ba2f9b3e8b4e17a961e51c10320ce6e0b23e389e828b0
GET /papi/default/Popup/getPopups?data=%7B%22pageId%22%3A70%7D&_token= HTTP/1.1
Host: sport.galera.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://sport.galera.bet/ftdgenericft1?btag=717558_l150320&AFFAGG
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 04:54:30 GMT
content-type: application/json
transfer-encoding: chunked
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
country: NO
set-cookie: country=NO; Max-Age=900; Path=/; Expires=Thu, 22 Sep 2022 05:09:30 GMT
cache-control: no-cache, private
vary: User-Agent, Accept-Encoding
content-encoding: gzip
sb: 1
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 030be72c62be79171fbe73b447f1198c
e0b277a632a7b9f8cf18d63d3c5760e91917e1f9
9281e65851d08293bfe464db56616c0a02ef23a4fae7345024971942884df012
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "9281E65851D08293BFE464DB56616C0A02EF23A4FAE7345024971942884DF012"
Last-Modified: Wed, 21 Sep 2022 22:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=496
Expires: Thu, 22 Sep 2022 05:02:46 GMT
Date: Thu, 22 Sep 2022 04:54:30 GMT
Connection: keep-alive
cms.kto.com/wp-content/uploads/sites/3/2021/08/16123840/youtube.svg
143.204.55.106200 OK 485 B URL HTTP/2 cms.kto.com/wp-content/uploads/sites/3/2021/08/16123840/youtube.svg
IP 143.204.55.106:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (761)
Hash c8d6dc11af1abd3c5215589b7aa06fa0
84393bfe7c8bd057a7fddc73194b5f18b109b1b1
62de9ff998a46d1063f55acfeb403dc2ae3433e524bdda1131d8465d9d9ace14
GET /wp-content/uploads/sites/3/2021/08/16123840/youtube.svg HTTP/1.1
Host: cms.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 485
date: Sat, 10 Sep 2022 05:24:34 GMT
last-modified: Mon, 16 Aug 2021 12:38:41 GMT
etag: "c8d6dc11af1abd3c5215589b7aa06fa0"
cache-control: max-age=31536000
content-encoding: gzip
expires: Tue, 16 Aug 2022 12:38:40 GMT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OlfaUUXU2TxD0TquHfRXbYv6r0-0kJdmlpoilnvHyEb4HgA7S7qO_A==
age: 1034997
X-Firefox-Spdy: h2
a.sportradarserving.com/pixel?type=js&aid=1265&id=3444
3.124.48.207302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/pixel?type=js&aid=1265&id=3444
IP 3.124.48.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=js&aid=1265&id=3444 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 22 Sep 2022 04:54:30 GMT
Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1265&id=3444
Set-Cookie: zuuid=5a0d3214-5b86-4128-8517-ee3b334259e8; path=/; expires=Fri, 22-Sep-2023 04:54:30 GMT; domain=sportradarserving.com; samesite=none; secure
c=1663822470; path=/; expires=Fri, 22-Sep-2023 04:54:30 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1663822470; path=/; expires=Fri, 22-Sep-2023 04:54:30 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
www.brazino-cdnsrv-cst.org/build/vue.0b609e06.js?v10261
185.76.9.15200 OK 37 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vue.0b609e06.js?v10261
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (65466)
Hash fdee061bd3123b514efc5a765bb7e6b9
33313d404336193ba90e370278cbfdf722b7eac1
9b6d6a72a3ab8c21d9ad8d7e6decca5719a2648e5ebd20ac94313b0efaea90d1
GET /build/vue.0b609e06.js?v10261 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6329ae5c-1b387"
expires: Wed, 20 Sep 2023 13:45:09 GMT
last-modified: Tue, 20 Sep 2022 12:13:16 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 6c1c5c48-d91e-4d92-b16a-4d877c9ccea1-2632022
x-accel-expires: @1695217509
server: CDN77-Turbo
x-77-nzt: AblMCQ1xnTz/nyYCAA
x-77-nzt-ray: aqY9UQ/nCIY
x-cache: HIT
x-age: 140959
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 01090d3aa671603501635396a78ff7d9
310e513dfdc983ef322fcade486e040627cd4188
175775e879127c89335eb83037e1370bc4fd7efb340d63e7282b795a326b33d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2661
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:30 GMT
Last-Modified: Thu, 22 Sep 2022 04:10:09 GMT
Server: ECS (amb/6B87)
X-Cache: HIT
Content-Length: 278
sport.galera.bet/frontend-addon/spring-builder-public/engines-dist/generic-components/assets/engine-vendor.js?v=1663687627
35.233.121.223200 OK 6.7 kB URL HTTP/1.1 sport.galera.bet/frontend-addon/spring-builder-public/engines-dist/generic-components/assets/engine-vendor.js?v=1663687627
IP 35.233.121.223:0
File type ASCII text, with very long lines (2634)
Hash d6b04b1a36bbd35d367a0a88eae4ac17
2a7bf631d2cf5a695344683078287aca54116d46
163d5df2001e889880e78dc40faa5361a8fe40ce6251d4e022057df1da614fe3
GET /frontend-addon/spring-builder-public/engines-dist/generic-components/assets/engine-vendor.js?v=1663687627 HTTP/1.1
Host: sport.galera.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/ftdgenericft1?btag=717558_l150320&AFFAGG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 04:54:30 GMT
content-type: application/javascript; charset=utf-8
transfer-encoding: chunked
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
country: NO
set-cookie: country=NO; Max-Age=900; Path=/; Expires=Thu, 22 Sep 2022 05:09:30 GMT
last-modified: Tue, 20 Sep 2022 15:31:55 GMT
vary: Accept-Encoding, User-Agent
etag: W/"6329dceb-e78c"
expires: Fri, 22 Sep 2023 04:54:30 GMT
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
sb: 1
sport.galera.bet/frontend-addon/spring-builder-public/engines-dist/generic-components/assets/engine.js?v=1663687627
35.233.121.223200 OK 23 kB URL HTTP/1.1 sport.galera.bet/frontend-addon/spring-builder-public/engines-dist/generic-components/assets/engine.js?v=1663687627
IP 35.233.121.223:0
File type Unicode text, UTF-8 text, with very long lines (5695)
Hash c96077b1038690924ffc971f64ab8972
0b8e24727e9cea9a7a6af2e81e091731b0df70d9
78ce4a12c37be635f7d76592c8bb3a9815ac357329c2d4103fb9a14f1dfe8b52
GET /frontend-addon/spring-builder-public/engines-dist/generic-components/assets/engine.js?v=1663687627 HTTP/1.1
Host: sport.galera.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/ftdgenericft1?btag=717558_l150320&AFFAGG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 04:54:30 GMT
content-type: application/javascript; charset=utf-8
transfer-encoding: chunked
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
country: NO
set-cookie: country=NO; Max-Age=900; Path=/; Expires=Thu, 22 Sep 2022 05:09:30 GMT
last-modified: Tue, 20 Sep 2022 15:31:55 GMT
vary: Accept-Encoding, User-Agent
etag: W/"6329dceb-2aab4"
expires: Fri, 22 Sep 2023 04:54:30 GMT
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
sb: 1
www.kto.com/pt/component---src-templates-sports-sports-js-eb09dac46a636331e776.js
104.26.4.172200 OK 47 kB URL HTTP/2 www.kto.com/pt/component---src-templates-sports-sports-js-eb09dac46a636331e776.js
IP 104.26.4.172:0
File type ASCII text, with very long lines (22039), with no line terminators
Hash 6c1801e2fcc4b8efd39de7348f7a36f6
d4bf9d777f74afdc264d4aece0ecd43708bffa21
ea7f1a009a7dea5b428eaa31ac86e660ba761bfc1a9d438ad87f519f918f47b9
GET /pt/component---src-templates-sports-sports-js-eb09dac46a636331e776.js HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=22131
etag: W/"c582e557777676867f924505817530c0"
last-modified: Mon, 05 Sep 2022 09:13:44 GMT
vary: Accept-Encoding
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-id: cfuOrfPRKK2eLV0zoIuGvas0rUasSta7zZXhnjgDoTt51IX9ro65yw==
x-amz-cf-pop: OSL50-P1
x-amz-version-id: 2vlHRJQ8yQcBQlUzEUrO0q5YSdwNxPCx
x-cache: RefreshHit from cloudfront
cf-cache-status: HIT
age: 23287
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rFCYJ4e5D2PONY0NBRPMYARx7oukll%2BntS5XC957XZ9nA3ix9FDjutjbfge3ThJxj2ZKLWRwG%2FMgHlQHkrU3Sz%2FL0P5R8r7v29a%2FHI3SA%2FQVOKhXEkblYijSsjY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8715a4ed1b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
eu-swarm-ws-re.betcoswarm.com/
185.162.228.2101 Switching Protocols 0 B URL HTTP/1.1 eu-swarm-ws-re.betcoswarm.com/
IP 185.162.228.2:0
ASN #209242 Cloudflare London, LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: eu-swarm-ws-re.betcoswarm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://sport.galera.bet
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9pXDqoxoI8qvR/M3sRBZYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Thu, 22 Sep 2022 04:54:30 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dHA/u4uoU9VM9+mhrI2B3sPDncY=
Sec-Websocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover
Via: 1.1 google
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 74e87167ac75b50c-OSL
www.brazino-cdnsrv-cst.org/files/flags/United_Kingdom-01-1317.svg?v10261
185.76.9.15200 OK 31 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/files/flags/United_Kingdom-01-1317.svg?v10261
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1344), with no line terminators
Hash 16825534471b76c9ac4035727531ac25
dd0c4522cdd63ab240f51c7475fbb98410693434
f346cb47f0cb416d44355554497af741a1069b45a0efc056cb275f1333d3fec8
GET /files/flags/United_Kingdom-01-1317.svg?v10261 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:30 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6006bbc7-548"
expires: Tue, 23 May 2023 11:57:26 GMT
last-modified: Tue, 19 Jan 2021 11:00:23 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 4652a72c-68c9-4d19-86ea-f54a021db09d-1432022
x-accel-expires: @1684843046
server: CDN77-Turbo
x-77-nzt: AblMCQ2w1tj/4HOgAA
x-77-nzt-ray: QA4MamFj7+k
x-cache: HIT
x-age: 10515424
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted
a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
3.124.48.207302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
IP 3.124.48.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: zuuid=ac98fe5e-4af2-4de1-974d-53293d058bac; c=1663822470; zuuid_lu=1663822470
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 22 Sep 2022 04:54:30 GMT
Location: https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dac98fe5e-4af2-4de1-974d-53293d058bac
Set-Cookie: zuuid=ac98fe5e-4af2-4de1-974d-53293d058bac; path=/; expires=Fri, 22-Sep-2023 04:54:30 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1663822470; path=/; expires=Fri, 22-Sep-2023 04:54:30 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Fri, 22-Sep-2023 04:54:30 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1663822470; path=/; expires=Fri, 22-Sep-2023 04:54:30 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
a.sportradarserving.com/ul_cb/pixel?type=js&aid=1265&id=3444
3.124.48.207200 OK 2.3 kB URL HTTP/1.1 a.sportradarserving.com/ul_cb/pixel?type=js&aid=1265&id=3444
IP 3.124.48.207:0
File type ASCII text, with very long lines (2325), with no line terminators
Hash b8a62387f939108776087dbe2bfda212
1d04912c9c1826bca8a8c60366ad499ffccf0a5d
9a435b79948342592020b23bd42a420f4d0c8f69be0f296b073fa429ad166d75
GET /ul_cb/pixel?type=js&aid=1265&id=3444 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: zuuid=ac98fe5e-4af2-4de1-974d-53293d058bac; c=1663822470; zuuid_lu=1663822470
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Date: Thu, 22 Sep 2022 04:54:30 GMT
Set-Cookie: zuuid=ac98fe5e-4af2-4de1-974d-53293d058bac; path=/; expires=Fri, 22-Sep-2023 04:54:30 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1663822470; path=/; expires=Fri, 22-Sep-2023 04:54:30 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Fri, 22-Sep-2023 04:54:30 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1663822470; path=/; expires=Fri, 22-Sep-2023 04:54:30 GMT; domain=sportradarserving.com; samesite=none; secure
bss=!bidswitch,433079670; path=/; expires=Fri, 22-Sep-2023 04:54:30 GMT; domain=sportradarserving.com; samesite=none; secure
cm4=!bidswitch,433151670; path=/; expires=Fri, 22-Sep-2023 04:54:30 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 2325
Connection: keep-alive
victory2.web.7platform.net/js/app.0c640cce1280ee61.js
35.228.112.245200 OK 65 kB URL HTTP/2 victory2.web.7platform.net/js/app.0c640cce1280ee61.js
IP 35.228.112.245:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (65536), with no line terminators
Hash 896cbfd481c891e5e3e9638dd68839e2
363cbbf63923fc6cdfffe615a3b9f701a5d903e2
58ebc4d97bd0d0a0e15751515485be64e952fb65c4b348d271e8dcc57d3caa41
GET /js/app.0c640cce1280ee61.js HTTP/1.1
Host: victory2.web.7platform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://victory2.web.7platform.net/prematch?auth=b2b&lang=pt¤cy=BRL&logout=true&odds=decimal&timezone=UTC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 23317
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Wed, 21 Sep 2022 22:25:53 GMT
etag: "3f9101097b5eff18d5e9182657d275f6-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GDHRR7B5E95ZV255PT5ZTXZ8
content-length: 64664
X-Firefox-Spdy: h2
www.kto.com/pt/static/webfonts/s/barlow/v12/7cHrv4kjgoGqM7E3b_s7wH8.woff2
104.26.4.172200 OK 20 kB URL HTTP/2 www.kto.com/pt/static/webfonts/s/barlow/v12/7cHrv4kjgoGqM7E3b_s7wH8.woff2
IP 104.26.4.172:0
File type Web Open Font Format (Version 2), TrueType, length 20424, version 1.0\012- data
Hash de9b3aab0cd838dac94553f2f4aaf6f5
5355facde197f12fc2578381566f04c4b5f36cbf
f91f44c1f7fbae5c1e92b83989432a43fb43bdaf5b3054f5acb95aa01e476aed
GET /pt/static/webfonts/s/barlow/v12/7cHrv4kjgoGqM7E3b_s7wH8.woff2 HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:30 GMT
content-type: font/woff2
content-length: 20424
last-modified: Thu, 21 Apr 2022 08:42:48 GMT
x-amz-version-id: jllHWWioLa7gQ_VvjgPgQZG0wpnDOeYZ
cache-control: public, max-age=7200, must-revalidate
etag: "de9b3aab0cd838dac94553f2f4aaf6f5"
vary: Accept-Encoding
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RGbfvSHW8DShvNjAsh5Vl0khbPo1CSMDKqRrOZsnumNVTeS4gS0Eww==
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiFESTn9qI3pROabH%2Fk0SDcuvkYCCajigeoRECVEHrv0PoRl2rbdrGbgW%2BP4L29dkdob%2FfP3W%2FoxfMnf4aZ%2FZMYu5fIz0xn9VjoAJkU8eT3dZ5EsD3Yn4sxnHsII"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871692bca1c06-OSL
X-Firefox-Spdy: h2
www.kto.com/pt/static/webfonts/s/barlow/v12/7cHqv4kjgoGqM7E3j-ws51os.woff2
104.26.4.172200 OK 21 kB URL HTTP/2 www.kto.com/pt/static/webfonts/s/barlow/v12/7cHqv4kjgoGqM7E3j-ws51os.woff2
IP 104.26.4.172:0
File type Web Open Font Format (Version 2), TrueType, length 21416, version 1.0\012- data
Hash d258461a8f2c53d244500969828bdd3f
c796103e6ca328dd6a92bfecf72cda8f0a143158
f9bfb04a18c8be687fadacd7f67647b65113ee8d1aabcb0f410eac21681fa7ef
GET /pt/static/webfonts/s/barlow/v12/7cHqv4kjgoGqM7E3j-ws51os.woff2 HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:30 GMT
content-type: font/woff2
content-length: 21416
last-modified: Thu, 21 Apr 2022 08:42:48 GMT
x-amz-version-id: sQzcaVuc1DGdJGV42RezEajvF9gKZkpn
cache-control: public, max-age=7200, must-revalidate
etag: "d258461a8f2c53d244500969828bdd3f"
vary: Accept-Encoding
via: 1.1 1d76dd98c16c516f48b964dacfe39bfe.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: PMO50-C1
x-amz-cf-id: nEzls-SeFSYkUMmyPdUSeLM4HvKIkxtv06B0PDinnaXE8fKOW_a13w==
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bc7XNS87ULQieWdpJge0avIDMqrt22d7OaqkHsHq2etw4OV%2BMKZ%2FJxGrakmjECC5tszEqs9aM2mM78jBvSc9ZwUdFFsbUmRAIv0ospHwy6CeaXAYsvD16E2UPejv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871692bd21c06-OSL
X-Firefox-Spdy: h2
www.kto.com/pt/static/webfonts/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
104.26.4.172200 OK 21 kB URL HTTP/2 www.kto.com/pt/static/webfonts/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
IP 104.26.4.172:0
File type Web Open Font Format (Version 2), TrueType, length 21144, version 1.0\012- data
Hash 2bc7630144496092dc786ce63109e560
723df3658078cfed03c85e47f15fc439eb4331be
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
GET /pt/static/webfonts/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2 HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:30 GMT
content-type: font/woff2
content-length: 21144
last-modified: Thu, 21 Apr 2022 08:42:48 GMT
x-amz-version-id: scLHIwOqFGx4LnaqmAN10WaPjiLy2f__
cache-control: public, max-age=7200, must-revalidate
etag: "2bc7630144496092dc786ce63109e560"
vary: Accept-Encoding
via: 1.1 16a28c0e67da18fa2960e2e414084d76.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: CDG52-P2
x-amz-cf-id: csNUrjoTrsE_WnqQXLbC0blkYanSXm53VY1D6W8TiHHrxUjSMVE-8A==
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoRqaVXN4DabZdvyXgp8ORt8XC5tz5YQmyc%2Fj8xUVfpQmvUK69sNbMoRDHyPb9eq52yJKi1CmLDibpFJCBWxYtg%2Bs56nkxwUdRWGLByRdHJsmWqAgZKG%2FXgKAAGc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871692bcd1c06-OSL
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-118172619-4
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-118172619-4
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash a2f89c618a9f24028030bee48ed02bb7
7eae9f6dfc9669e52484e870f9f5290063b8eadc
23656ff9485ba19184aad8471b88f082615d23f2db083cb5d6e60f5067bad9e5
GET /gtag/js?id=UA-118172619-4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Sep 2022 04:54:30 GMT
expires: Thu, 22 Sep 2022 04:54:30 GMT
cache-control: private, max-age=900
last-modified: Thu, 22 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42208
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/mhuqZ1vnJhs
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/mhuqZ1vnJhs
IP 142.250.74.3:0
Hash 2c1d4791805509d38a1d2d30a5ada686
050522aa9994282ef416ee4b4f10b3d1c39fe2ac
3b93605802c951baa076b158c0e11c2e149917d102eb9a246d84128b5ec963ff
POST /s/gts1d4/mhuqZ1vnJhs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.kto.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.26.4.172200 OK 4.4 kB URL HTTP/2 www.kto.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.26.4.172:0
File type ASCII text, with very long lines (12331)
Hash bf227b3fed627bd932ff5fe1ca349b38
6cff7db6563b35653d04f54aedbb461a2fec673d
461a60531d7f0ea4b07736ed1e2f3e2d14243659f82493fcae64a6a448ebd380
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:30 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 14:16:51 GMT
etag: W/"6329cb53-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vE3encUlKGm3qMggIB25S%2Fm1HtOr0HL9k9UO%2B34p5p9gdKr28Bx6l9JmUVtqEXKhtseQNKBWVr1CFTlSYymgW3pHj7X5Hw%2BuSDwQH3Suq2Q5EJZmc50ngMhqUUqm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e871693bd81c06-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 24 Sep 2022 04:54:30 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Bz2q3fRhivk
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Bz2q3fRhivk
IP 142.250.74.3:0
Hash e38567771eb5c0f7a902533413fa7126
969c648d925bfd0fbf9571e1358b46a9164d2ea8
c0959a55af4eee6603beb5f2026b39008616d51712fe00bf8994b507fab8e352
POST /s/gts1d4/Bz2q3fRhivk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 75925b52065e8c40d078aee85c947946
72219bfe4412de462135af38de924431a60cd5f5
e4931e694c717412c066464f1c206f1049ebe3fa70270dd550c84129e49b68bb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 06:25:21 GMT
Expires: Mon, 26 Sep 2022 06:25:20 GMT
Etag: "72219bfe4412de462135af38de924431a60cd5f5"
Cache-Control: max-age=350449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e8716a2bb60b3d-OSL
mediaserver.entainpartners.com/renderBanner.do?zoneId=208113
172.64.147.41200 OK 59 kB URL HTTP/2 mediaserver.entainpartners.com/renderBanner.do?zoneId=208113
IP 172.64.147.41:0
Hash c4131901af677f3cba879e5d1790d8f9
477259b3d3427b4f53a918c7a0f33b98f7b77b58
19a7817b9ada61b6de14fa8d334ce878cf3a528c055a26b7eaf1d4a1dd6422e2
GET /renderBanner.do?zoneId=208113 HTTP/1.1
Host: mediaserver.entainpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:26 GMT
content-type: text/html;charset=UTF-8
content-language: en-US
vary: Accept-Encoding
x-ua-compatible: IE=EmulateIE7
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: JSESSIONID=C2D8B9FA6BFC65082FCD0B09AA3C8980; Path=/; HttpOnly
__cf_bm=qbS_mpkdbXf_F_1PJpduvlG1sHuZu3ctCQItMFznOAo-1663822466-0-AUEoOc2y0LEAxPz7NBs9+VU1CfWOE9bPMFEMuTBVKYf0pwsOyghhTEiP8H6Y29yVOM8ah4qK/ajXybtgOA37shw=; path=/; expires=Thu, 22-Sep-22 05:24:26 GMT; domain=.entainpartners.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74e87150ab3bb506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/vueLocaleBlock.b9adca53.js?v10261
185.76.9.15200 OK 3.4 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vueLocaleBlock.b9adca53.js?v10261
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (10456), with no line terminators
Hash 11a8c275982b23504acc156f3a62025c
a097666ac17d9a5d47b9af43c78dd75cb060247c
2f19c51450a8a283a83ae8b0227663f56bbf97dfd6e7e9037544350b75e579af
GET /build/vueLocaleBlock.b9adca53.js?v10261 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"630f365f-28d8"
expires: Thu, 31 Aug 2023 11:03:54 GMT
last-modified: Wed, 31 Aug 2022 10:22:23 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 02af2532-d2f7-4afb-8502-148d530ad7ff-2432022
x-accel-expires: @1693479834
server: CDN77-Turbo
x-77-nzt: AblMCQ2FvXT/aqocAA
x-77-nzt-ray: W9R8aERom1U
x-cache: HIT
x-age: 1878634
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=ac98fe5e-4af2-4de1-974d-53293d058bac
216.239.38.21200 OK 42 B URL HTTP/2 tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=ac98fe5e-4af2-4de1-974d-53293d058bac
IP 216.239.38.21:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=ac98fe5e-4af2-4de1-974d-53293d058bac HTTP/1.1
Host: tags.feedad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
set-cookie: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u=ac98fe5e-4af2-4de1-974d-53293d058bac; Domain=.feedad.com; Path=/; Max-Age=2592000; HttpOnly; SameSite=None; Secure
x-cloud-trace-context: 2ffdd8941fa94c62a27bf05d9926e7fb
date: Thu, 22 Sep 2022 04:54:30 GMT
server: Google Frontend
content-length: 42
expires: Thu, 22 Sep 2022 04:54:30 GMT
cache-control: private
X-Firefox-Spdy: h2
www.kto.com/pt/9249-d6272dbb1c5f0a3ada4e.js
104.26.4.172200 OK 20 kB URL HTTP/2 www.kto.com/pt/9249-d6272dbb1c5f0a3ada4e.js
IP 104.26.4.172:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3074)
Hash c6380a11e26268b28237fb417deb61e8
011180ca5433d53931c0e5aaf8fd7af1da33424d
fae5831e517f2517790aa5332350afd96e9362ccf336e024b225d911f7d482eb
GET /pt/9249-d6272dbb1c5f0a3ada4e.js HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:29 GMT
content-type: application/javascript
age: 23282
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=4523
etag: W/"12f3769e03ce9edc77cef7872f78d50e"
last-modified: Wed, 17 Aug 2022 10:11:56 GMT
vary: Accept-Encoding
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-id: V_q4Exam7iRYXwN8B0fnY_3v013q14p2c3melY6odkDmBTLnXJlzhA==
x-amz-cf-pop: OSL50-P1
x-amz-version-id: uiUe2ZpMind1nxB.hVlinC3BZx2o8NKY
x-cache: Hit from cloudfront
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THOpl0uwFWD4Ql2UbpNBi8cC5ULCjOZF9MIaFIvYiDbCiA%2Fwt5IjT4E7xb%2FgarsjFOHKIvCFs6dCVk10b1W3ccSpVyHXpcRcoapUnwZU5Dwr0d6ywGXGfAFtH3j8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871614c3db500-OSL
content-encoding: br
X-Firefox-Spdy: h2
my.rtmark.net/p.js?f=sync&lr=1&partner=aaf701063a8ca18d1dabaede0b2b4ccf979b170792f6433238e6a103d95b2c42
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=aaf701063a8ca18d1dabaede0b2b4ccf979b170792f6433238e6a103d95b2c42
IP 139.45.195.8:0
Hash cf633de7de2f19a7d49ccdfc8ab5f418
a13fa0a2c44bda5ab91a4cb436a09a2fcc6fb26f
5b8a031b9954f826049aca06a7994c457a36fc9da3e5efb87fedde6d3374aca8
GET /p.js?f=sync&lr=1&partner=aaf701063a8ca18d1dabaede0b2b4ccf979b170792f6433238e6a103d95b2c42 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 04:54:30 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=ac98fe5e-4af2-4de1-974d-53293d058bac
216.239.36.21200 OK 42 B URL HTTP/2 api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=ac98fe5e-4af2-4de1-974d-53293d058bac
IP 216.239.36.21:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=ac98fe5e-4af2-4de1-974d-53293d058bac HTTP/1.1
Host: api.feedad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
set-cookie: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u=ac98fe5e-4af2-4de1-974d-53293d058bac; Domain=.feedad.com; Path=/; Max-Age=2592000; HttpOnly; SameSite=None; Secure
x-cloud-trace-context: 54ef027a8c163e22973a97787c84d591
date: Thu, 22 Sep 2022 04:54:30 GMT
server: Google Frontend
content-length: 42
expires: Thu, 22 Sep 2022 04:54:30 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 75925b52065e8c40d078aee85c947946
72219bfe4412de462135af38de924431a60cd5f5
e4931e694c717412c066464f1c206f1049ebe3fa70270dd550c84129e49b68bb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 06:25:21 GMT
Expires: Mon, 26 Sep 2022 06:25:20 GMT
Etag: "72219bfe4412de462135af38de924431a60cd5f5"
Cache-Control: max-age=350449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e8716a2c51b500-OSL
www.kto.com/pt/page-data/sq/d/1218424150.json
104.26.4.172304 Not Modified 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/1218424150.json
IP 104.26.4.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pt/page-data/sq/d/1218424150.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Wed, 21 Sep 2022 10:40:44 GMT
If-None-Match: W/"6535dc7aca8f6b991d4478936dbfe44c"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 22 Sep 2022 04:54:31 GMT
x-amz-version-id: UNGpgDaRY0vBCNp.fvX4ldnlStAzXOo4
etag: W/"6535dc7aca8f6b991d4478936dbfe44c"
vary: Accept-Encoding
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
age: 1297
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1BDAvsSGiPiLgW435wicuEURk9ruYHq8W4oVKKNs2aNwHW2W5etOxw==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPlfS3MKs4xx%2BfoS57Jron3K9SQU6WoThyyMZSbuC18BOf7lT1faCJ4DFB8MDhixexs25p%2BPngrSUGOstmtLCerrv7gzBapH1Ucu2E3wfYwBf71FYdEr4zhHHKz5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8716c2d651c06-OSL
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/flags/Spain-flag-8385.svg?v10261
185.76.9.15200 OK 8.1 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/files/flags/Spain-flag-8385.svg?v10261
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 87f71a392d14d03ee9b87187923ca3bf
29366dd7ac429f5b05273f031fc30025953222c5
d201c4091e81ac462f53b4fa146d70dc6c504ce0411f3e6b02fab90f3a5a20b0
GET /files/flags/Spain-flag-8385.svg?v10261 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:30 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"5fc8fc6b-a5d8"
expires: Tue, 23 May 2023 11:57:26 GMT
last-modified: Thu, 03 Dec 2020 14:55:39 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 7c0cf253-5c8d-40e1-afba-df000bdb6e66-1432022
x-accel-expires: @1684843046
server: CDN77-Turbo
x-77-nzt: AblMCQ1DOUb/4HOgAA
x-77-nzt-ray: KCdlw7LSrnQ
x-cache: HIT
x-age: 10515424
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/1358952067.json
104.26.4.172304 Not Modified 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/1358952067.json
IP 104.26.4.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pt/page-data/sq/d/1358952067.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Wed, 21 Sep 2022 18:31:17 GMT
If-None-Match: W/"91fde661c86086444e150061bf7b4bf5"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 22 Sep 2022 04:54:31 GMT
x-amz-version-id: t22uSJ0P04j.kbtWt1fag66amlmRZHsU
etag: W/"91fde661c86086444e150061bf7b4bf5"
vary: Accept-Encoding
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
age: 1295
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 03plT7zYGyKHEoOx9ttcgYZIfA9j98tnDnjvt4Ha3w4_MsawRsomzw==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnDLu67SDudIs4FpZjTtYnDnPFPhss7pEF51n0mWnf%2F%2FleRu4hYPhq6%2FGKTxk92arUEEQMuvYfvbUIq1l0bz%2B%2FCyihC5V8spFpNnNWduJd29RujRP7ZgSNcXibf1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8716c2d661c06-OSL
X-Firefox-Spdy: h2
victory2.web.7platform.net/js/dependencies.e6700d09ac57adfd.js
35.228.112.245200 OK 697 B URL HTTP/2 victory2.web.7platform.net/js/dependencies.e6700d09ac57adfd.js
IP 35.228.112.245:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 07e486e6aad0e1890d2b984bf07446f1
d6f2b14150bb643a89f4425c5df4134797c77206
15898de4e74634d0fb93fded5009fa7378728e56e77fefe798ca1a83c8ff75b9
GET /js/dependencies.e6700d09ac57adfd.js HTTP/1.1
Host: victory2.web.7platform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://victory2.web.7platform.net/prematch?auth=b2b&lang=pt¤cy=BRL&logout=true&odds=decimal&timezone=UTC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 26351
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Wed, 21 Sep 2022 21:35:19 GMT
etag: "1eb159a9f5d9a357d9d974e0076b508d-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GDHRR7B230ZKX5HE1T49XSBJ
content-length: 264162
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/1386839701.json
104.26.4.172304 Not Modified 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/1386839701.json
IP 104.26.4.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pt/page-data/sq/d/1386839701.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 20 Sep 2022 08:58:20 GMT
If-None-Match: W/"434a3bfd77d3aaeb0e6b1828f3c26eb5"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 22 Sep 2022 04:54:31 GMT
x-amz-version-id: e5tGCODmWUFyLJTgIU1Oy9svnQ9Nd9nD
etag: W/"434a3bfd77d3aaeb0e6b1828f3c26eb5"
vary: Accept-Encoding
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
age: 1296
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9yMsUPzxzQkIgK3iSTc53U4kRb0N0hAc1qK5N1N9osH-PazHSqucoQ==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYEFH%2BVYBEuUvLKHFdq1RBKEerny6Sipbr7yxAx8wlNehpygr6V3SszxfodmfDIQrg60IZZtSoTLSv%2FB8lB3yyxedLvnkqPunA%2Fty05r13c3Vw%2FD0s%2Bvym2fQQut"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8716c2d671c06-OSL
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/1571617845.json
104.26.4.172304 Not Modified 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/1571617845.json
IP 104.26.4.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pt/page-data/sq/d/1571617845.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 15 Feb 2022 14:39:22 GMT
If-None-Match: W/"8bd979183d5d5610680df6de5841c2a3"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 22 Sep 2022 04:54:31 GMT
x-amz-version-id: C7ZOmoOBDIcgYP5WP97Eod8tO1BI4_yH
etag: "8bd979183d5d5610680df6de5841c2a3"
vary: Accept-Encoding
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
age: 1234
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fnEXi-zB7zNMV7nHWsmfwtCcMH6-g9E0krVsHnTpS6v6npAnISyBVA==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fo1TvsmnzAonrJmGMFcvDOejoyo1Ry5%2FvDo2YJx25TSsEOXjh4XhioylhfCzufqsFXFJsHXZ89MReeJP2TIvPbAsPCELxiHyxClMw73kimdFtyvPcQ%2B%2Fsh9JKGZp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8716c2d691c06-OSL
X-Firefox-Spdy: h2
static.springbuilder.site/fs/userFiles-v2/galera-1877320/css/sport-colors.css?v=1663688499
185.162.231.251200 OK 30 kB URL HTTP/2 static.springbuilder.site/fs/userFiles-v2/galera-1877320/css/sport-colors.css?v=1663688499
IP 185.162.231.251:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash c04f877e96bba01176873e4204d1b855
7eafb2a9bc6878479473987224403f2c5ab472b6
fbdd7eeea607951c7927ba31ea46f2efa1c1ff2d635be2820d8e9f3eb5acdb9f
GET /fs/userFiles-v2/galera-1877320/css/sport-colors.css?v=1663688499 HTTP/1.1
Host: static.springbuilder.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=328790
etag: W/"6329df33-50456"
expires: Fri, 22 Sep 2023 04:54:27 GMT
last-modified: Tue, 20 Sep 2022 15:41:39 GMT
pragma: public
sb: 1
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding, User-Agent
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 133665
server: cloudflare
cf-ray: 74e871580fcbb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.springbuilder.site/fs/userFiles-v2/galera-1877320/css/public-pt-br.css?v=1663079212
185.162.231.251200 OK 6.6 kB URL HTTP/2 static.springbuilder.site/fs/userFiles-v2/galera-1877320/css/public-pt-br.css?v=1663079212
IP 185.162.231.251:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (30932), with no line terminators
Hash 3d6b305b2b4f38d182e8c7938be13300
b8faadf6d45b8fe2cd96c6ce2fcab1c95fc88d00
adf718c77ff958e48d6c2edf27826e6fcc311db291d6cddaed0eef8c2fa41b48
GET /fs/userFiles-v2/galera-1877320/css/public-pt-br.css?v=1663079212 HTTP/1.1
Host: static.springbuilder.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: minify
etag: W/"6320932c-78d4"
expires: Fri, 22 Sep 2023 04:54:27 GMT
last-modified: Tue, 13 Sep 2022 14:26:52 GMT
pragma: public
sb: 1
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding, User-Agent
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 742211
server: cloudflare
cf-ray: 74e871581fe6b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.springbuilder.site/fs/userFiles-v2/galera-1877320/css/sp.css?v=1663688499
185.162.231.251200 OK 18 kB URL HTTP/2 static.springbuilder.site/fs/userFiles-v2/galera-1877320/css/sp.css?v=1663688499
IP 185.162.231.251:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9e42c9114ccaa7a44b4bffc200ac5561
bef344bff958f2792ca2f1622a8a1729c4ff7e86
97fd745088942c352cd38d42597f78fabd20747158a7f55c927359259c51928d
GET /fs/userFiles-v2/galera-1877320/css/sp.css?v=1663688499 HTTP/1.1
Host: static.springbuilder.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=147385
etag: W/"6329df33-23fb9"
expires: Fri, 22 Sep 2023 04:54:27 GMT
last-modified: Tue, 20 Sep 2022 15:41:39 GMT
pragma: public
sb: 1
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding, User-Agent
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 133665
server: cloudflare
cf-ray: 74e871582fefb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/767590345.json
104.26.4.172200 OK 397 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/767590345.json
IP 104.26.4.172:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (660), with no line terminators
Hash e001cf6c3a9e34d87e8e2c9137c88be5
2a1e5fdb0c81328ec8d361325fb84539f0fbec91
c931905f83a2fb4dffd36eaa4902b04221529bbf422c531cbdfcd543dff880ed
GET /pt/page-data/sq/d/767590345.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/json
last-modified: Thu, 23 Jun 2022 15:01:13 GMT
x-amz-version-id: ZIuR9zCd93St1qPLkwAg0L9PKdx9jZpa
etag: W/"bb0ea3055081c72cfbfc29d007c96a50"
vary: Accept-Encoding
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
age: 1246
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vTn9Fz9Mj3r__mGGcz5_MQSzl6ama_Klk01mx9zJ4R0t2JUIT-a9vA==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvfbBhn1cKIeLDP6gE1N9qTu45%2FM1wH4e1N8HmjF2YAEfhAjeURsfqZsAyFS4z6maMXliS1CAbGQQSX1%2F0CGlmX7ToFiKZAs66yNjqBaMUhEvHfM0iIzScgmDK%2F0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8715a9f23b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/2100837434.json
104.26.4.172304 Not Modified 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/2100837434.json
IP 104.26.4.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pt/page-data/sq/d/2100837434.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Thu, 10 Mar 2022 17:13:54 GMT
If-None-Match: W/"f387d157475a1f097a9fdd4ba31ca70d"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 22 Sep 2022 04:54:31 GMT
x-amz-version-id: PQVm2Am_6Y.aPLIjGKofQIF3QLEMj6Sy
etag: "f387d157475a1f097a9fdd4ba31ca70d"
vary: Accept-Encoding
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
age: 1232
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XZq2Y8Zyzxf2YUjDz2wyNKpzIHkMuij6B6WURW2iSUltKef0pMTVPQ==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C95NTfWBxbDZgfGkqSyVgT8OQ2dYrGCmHb2df6NTGuAPOq1efm86iyx6%2FkGVz6Tbu%2FS3hYeEMzgkmSgad%2BkxAqCfENvKm6yuXxkE0rZ8072FsoyMV56VU%2BvjIn%2FA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8716c3d6f1c06-OSL
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/200611603.json
104.26.4.172304 Not Modified 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/200611603.json
IP 104.26.4.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pt/page-data/sq/d/200611603.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 20 Sep 2022 08:58:20 GMT
If-None-Match: W/"81bd8e55925c658a0dfb66a0f73b2509"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 22 Sep 2022 04:54:31 GMT
x-amz-version-id: fjT_EVUpplOvv67h4WcTqLm24vrdnLQ4
etag: W/"81bd8e55925c658a0dfb66a0f73b2509"
vary: Accept-Encoding
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
age: 1295
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qQksPyFOX2fv75vfr38NvoLSf9lF_07PUeSvK13PU-NPAydRcWtNQg==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKLkfOG%2FUMgLFCspNvObpqLs3N2LdpNPyQwwjtiiwcKJR2VtQBnnUL%2FCr%2BbSzQ6bGMCf4XATf7So7tg5JYXyJlzhDiR7n1grChk7iAEADK1jprSF4l0Z%2Br8Uon2Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8716c2d6d1c06-OSL
X-Firefox-Spdy: h2
www.kto.com/pt/webpack-runtime-3cfe20e58b15f5934352.js
104.26.4.172200 OK 48 kB URL HTTP/2 www.kto.com/pt/webpack-runtime-3cfe20e58b15f5934352.js
IP 104.26.4.172:0
File type ASCII text, with very long lines (8264), with no line terminators
Hash 3162f7bdbfbfbf118abaa8de529c9d71
f259577535d570fda1264c418434f4d74b4b0331
e3490f0dfbfa6a22b191cebbefaf97092c3d4bc9dbcc2a8fbc0e31da1544b3b8
GET /pt/webpack-runtime-3cfe20e58b15f5934352.js HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:30 GMT
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=8329
etag: W/"a93b2aaba0c3c4e51fb610c7459fe62e"
last-modified: Mon, 12 Sep 2022 12:22:05 GMT
vary: Accept-Encoding
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-id: JbZyo5jrUSgTAldtZfZVmRxRUepn7MyCBGu5rsG3Jq1Ai558HWY0Sw==
x-amz-cf-pop: OSL50-P1
x-amz-version-id: vyCc8C6azhkTrZlf7jDq1tXMLU.Fdz1_
x-cache: RefreshHit from cloudfront
cf-cache-status: HIT
age: 23292
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6M5%2F0jAUNzXTHJ%2F5ighTq6d2OaEoFQqOEIHp0iIofYQSPx8oE3jow%2FHiFTA7YyNVTLaWXlIdvKkGbLW%2BFk8EBlAxcnLC%2FHh6l7EQzIIe8apoflu6axEt6raRyvZ3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e87169ac151c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.galera-bet.com/seo.min.js
104.21.40.91200 OK 6.4 kB URL HTTP/2 www.galera-bet.com/seo.min.js
IP 104.21.40.91:0
File type ASCII text, with very long lines (10585), with CRLF line terminators
Hash 72bd94a88f09139406510030b52fda37
0adbb536eeb40e81a969d27d8325dd8a8d4233f3
79da18bd3ad44774a2494f5203c07102b2282f670a975d8102b295596af5bf78
GET /seo.min.js HTTP/1.1
Host: www.galera-bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: application/javascript
last-modified: Tue, 04 Jan 2022 12:52:30 GMT
vary: Accept-Encoding
etag: W/"61d4430e-298b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 9261681
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7wskKf%2Bp1K%2B5qSi6M0aai5CNOZzv90x3UqhZIziBGvZMJqLXzNY2BzmXp32jDfr9tmEdzFdoiKXHZo8H2Rakfu%2F2fjNeJocH7qo8gsvg%2F8s0v77Uugxrq%2B98EJHsWQw69JHc0E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8715698321c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/app.c3bd978f.js?v10261
185.76.9.15200 OK 17 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/app.c3bd978f.js?v10261
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
Hash a912dfab354408384b094cf813030061
ad3bb91a94350b2556756a9ca2154e7cf98226a0
e0e34cdb27d1002ec32329e99253f9642f3f1028c35e3e248e2700c463d520d3
GET /build/app.c3bd978f.js?v10261 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6320524c-c070"
expires: Wed, 13 Sep 2023 10:42:46 GMT
last-modified: Tue, 13 Sep 2022 09:50:04 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 1b43a749-1c03-4d44-81ab-d7e9e85d1c60-2562022
x-accel-expires: @1694601766
server: CDN77-Turbo
x-77-nzt: AblMCQ2RzYz/3osLAA
x-77-nzt-ray: 4rrXYem9hL4
x-cache: HIT
x-age: 756702
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/3312572612.json
104.26.4.172304 Not Modified 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/3312572612.json
IP 104.26.4.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pt/page-data/sq/d/3312572612.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Fri, 16 Sep 2022 15:39:05 GMT
If-None-Match: W/"6f23156ae944a0783f2b27a03d21dd4d"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 22 Sep 2022 04:54:31 GMT
x-amz-version-id: 6JqFka6YjfTAy2wzbNJhF71LsjLvKgz7
etag: W/"6f23156ae944a0783f2b27a03d21dd4d"
vary: Accept-Encoding
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
age: 1296
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G_GxCajJMOCPv9_wZYGBVxumHObXvV0kMdZRRzNhEXkwnDdNk5CC2Q==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkuOCf1xoYWRJ1E0V34njGBUUhLG1%2FC2W%2FBATw%2B0%2B14J26qEnVJdDlYVI6Gp2UT8qVal%2Fbgn2C7n7JSZCVyOLrSSsf2Ny7g9KMn%2BeAUJc4ZM9T2NkuVFOZRMgugb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8716c3d771c06-OSL
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/284096771.json
104.26.4.172304 Not Modified 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/284096771.json
IP 104.26.4.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pt/page-data/sq/d/284096771.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Fri, 16 Sep 2022 18:20:06 GMT
If-None-Match: W/"fb4fa79e364395cd2b1e11471718f766"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 22 Sep 2022 04:54:31 GMT
x-amz-version-id: OGNMBZ4oi2AY4Z9cibCst85b0nd4IBoo
etag: W/"fb4fa79e364395cd2b1e11471718f766"
vary: Accept-Encoding
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
age: 1293
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fKYzWKw8NMi6dZO7cBw_ApSaBD3Ai0Oe2pYkORDXEQ8YguSm3euGrQ==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkJtVVBCkja%2BT%2BJ4bvKDxkDCqtCsAWVahZvE8Fd4FvxuP4iK9BpmKGTEJwKSHhSzaRI2I5rsCmIaUdLbY%2FvSI%2F0R52qSmb4iXW%2BVe6bseZduZcCZ2EKK5QUHrot9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8716c3d761c06-OSL
X-Firefox-Spdy: h2
promo.bwin.com/pt-br/promo/p/sports/latam/bem-vindo?sb=1&wm=5314018&zoneId=2081136
104.16.130.238200 OK 155 kB URL HTTP/2 promo.bwin.com/pt-br/promo/p/sports/latam/bem-vindo?sb=1&wm=5314018&zoneId=2081136
IP 104.16.130.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9757), with CRLF, LF line terminators
Size 155 kB (154967 bytes)
Hash 3bce7a5a8714ec9b494699e24434eb35
d1c3e7589ef7647af0136c13689e0e9ab603ca9f
93137111ecc04648df798de85541878d40fd81f208028b3cd00db749fabd7f05
GET /pt-br/promo/p/sports/latam/bem-vindo?sb=1&wm=5314018&zoneId=2081136 HTTP/1.1
Host: promo.bwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:26 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
vary: Accept-Encoding
content-security-policy: frame-src *
strict-transport-security: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
server-timing: vanilla;dur=199.6673
cf-cache-status: DYNAMIC
set-cookie: ASP.NET_SessionId=rg5vdusi41mz2jtx3akxewxm; domain=.bwin.com; path=/; secure; HttpOnly; SameSite=None
trc.cid=32b067eea51e443fa08c42628ede91f7; domain=.bwin.com; expires=Tue, 21-Sep-2027 04:54:26 GMT; path=/; secure; HttpOnly; SameSite=None
usersettings=cid=pt-BR&vc=1&sst=2022-09-22T04:54:26.8518205Z&psst=0001-01-01T00:00:00.0000000Z&lsid=rg5vdusi41mz2jtx3akxewxm; domain=.bwin.com; expires=Sun, 19-Sep-2032 04:54:26 GMT; path=/; secure; HttpOnly; SameSite=None
isLanguageChanged=false; domain=.bwin.com; path=/; secure; SameSite=None
lang=pt-br; domain=.bwin.com; path=/; secure; SameSite=None
dark-mode=1; domain=.bwin.com; expires=Sat, 07-Dec-2069 00:00:00 GMT; path=/; secure; SameSite=None
trackerId=5314018; domain=.bwin.com; expires=Sat, 22-Oct-2022 04:54:26 GMT; path=/; secure; SameSite=None
trackingAffiliate=5314018; domain=.bwin.com; expires=Thu, 22-Sep-2022 08:54:26 GMT; path=/; secure; SameSite=None
tdpeh=; domain=.bwin.com; expires=Mon, 10-May-2021 04:54:26 GMT; path=/; secure
zoneId=2081136; domain=.bwin.com; expires=Sat, 22-Oct-2022 04:54:26 GMT; path=/; secure; SameSite=None
__cf_bm=4DqW7zb.RmO69EpHgBiQ7YvSzhtwt.18JJ8ugrH9Fns-1663822466-0-AY+sDcMD/4r646yAqmpDMSITGMO6xsEjsMh2+0WfLTyLLQ379ulj0dhzeZB5Zf6nqXOXRVq/R9Nqkioe5ON7/a4x8VY5Hkp6gNkml9zU11Wo; path=/; expires=Thu, 22-Sep-22 05:24:26 GMT; domain=.bwin.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74e871505e34b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/gameNsoft.84c838d4.css?v10261
185.76.9.15200 OK 488 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/gameNsoft.84c838d4.css?v10261
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (1527), with no line terminators
Hash 219c19ab145351ffb1467bed14699e4b
8bdd95e404ca3ced5bbd880d718b15a2f2b5a25b
831bd2b7e1c3b88cc61d512bbc3c3512c210d84f0ae63a72bab304ee857543ae
GET /build/gameNsoft.84c838d4.css?v10261 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6321fb85-5f7"
expires: Fri, 15 Sep 2023 16:04:30 GMT
last-modified: Wed, 14 Sep 2022 16:04:21 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 1b0e1121-168a-463d-8a8c-73fcc7976836-2582022
x-accel-expires: @1694793870
server: CDN77-Turbo
x-77-nzt: AblMCQ2Lp/3/dp0IAA
x-77-nzt-ray: rpnw5OE2UsA
x-cache: HIT
x-age: 564598
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/3647105693.json
104.26.4.172304 Not Modified 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/3647105693.json
IP 104.26.4.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pt/page-data/sq/d/3647105693.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Fri, 16 Sep 2022 15:39:05 GMT
If-None-Match: W/"48dd24c660e6e813da14d5158c94e53b"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 22 Sep 2022 04:54:31 GMT
x-amz-version-id: qos65VivHtyLT1TxiWDLwVT54kz3WqZw
etag: "48dd24c660e6e813da14d5158c94e53b"
vary: Accept-Encoding
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
age: 1264
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zXNEkD8ngLSuU0RHE_tTnaxuqskSNnpuleqxLsOoYCfbWGitCIgayQ==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zlx7uMw7FgGNUAqfE4EDcwOaeXWySIqjbmNQWFItZmNiXnQjdwpdmig8DRppKwXBO3mFyDtY65vXeZ9gWbqMZMRyH8u8VKWQWhmnQqsEgpNxfc7aSy00pESD0Wnn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8716c3d791c06-OSL
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/63159454.json
104.26.4.172304 Not Modified 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/63159454.json
IP 104.26.4.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pt/page-data/sq/d/63159454.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 29 Mar 2022 13:08:30 GMT
If-None-Match: W/"08c684e0c12d99116a25a81ce2a50c2e"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 22 Sep 2022 04:54:31 GMT
x-amz-version-id: FTMWcCxUHNFQ0F3cSMjMjnV8sne9KCd6
etag: "08c684e0c12d99116a25a81ce2a50c2e"
vary: Accept-Encoding
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
age: 1259
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KYNuaS6Rr3iWuG0CQpwZUyz4x1uEj4x5dmXlAbprEgcFnhqZsVHUAQ==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyrId%2F1uKMQJcwqeQiYzctmgjCkdbdUE5ionO3vd6ELZ%2Bs7RlHsz7q6mxhx3%2FsN50eFNvwEa0Ij8FJf%2FLGg3iDsX4UhSKAk2ynyEzqffooeEcplZN7yMfgJ8DcnV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8716c4d841c06-OSL
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/767590345.json
104.26.4.172304 Not Modified 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/767590345.json
IP 104.26.4.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pt/page-data/sq/d/767590345.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Thu, 23 Jun 2022 15:01:13 GMT
If-None-Match: W/"bb0ea3055081c72cfbfc29d007c96a50"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 22 Sep 2022 04:54:31 GMT
x-amz-version-id: ZIuR9zCd93St1qPLkwAg0L9PKdx9jZpa
etag: "bb0ea3055081c72cfbfc29d007c96a50"
vary: Accept-Encoding
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
age: 1249
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KVJdwchSSGuNk2XpTL-POU_ndOiXqdVhQgFZ_ylPLfSTw_I2ElA7-A==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugQnXg6x6WjXbcNn9E3ycMe2yL54q1w9Dkf4IUeVAPe2GIOnWgYbBIq91WvI3WPRGX0nXSi6CcfbL7mJgUBPGnKrgFjbd%2BQ0eDz1smkGRhyom4a38m%2F836GTYd6G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8716c4d871c06-OSL
X-Firefox-Spdy: h2
o202591.ingest.sentry.io/api/5826020/envelope/?sentry_key=b4e1b63f1da34cc784f100098ac15024&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1
34.120.195.249200 OK 2 B URL HTTP/2 o202591.ingest.sentry.io/api/5826020/envelope/?sentry_key=b4e1b63f1da34cc784f100098ac15024&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1
IP 34.120.195.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/5826020/envelope/?sentry_key=b4e1b63f1da34cc784f100098ac15024&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1 HTTP/1.1
Host: o202591.ingest.sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kto.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.kto.com
Content-Length: 423
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 04:54:31 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://www.kto.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 838827064245a6e17630f07b02021ec7
4b71efe74a2ac92ff9d9896e4d6f93d8edc7c2b9
a7e7914f27a22e077aa9968e7b80316073c8bbff0ee77e8c2feed2ac1fa352e9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 04:54:31 GMT
Last-Modified: Thu, 22 Sep 2022 03:25:39 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 85OldT2LOuiRGwT-KcDrxJgRlqh5nQfjSMx-fr8S8e2cq89Hgdm3bA==
Age: 5332
o73276.ingest.sentry.io/api/157770/envelope/?sentry_key=ce18d11a0cc741df9e82075199e94b2a&sentry_version=7
34.120.195.249403 Forbidden 56 B URL HTTP/2 o73276.ingest.sentry.io/api/157770/envelope/?sentry_key=ce18d11a0cc741df9e82075199e94b2a&sentry_version=7
IP 34.120.195.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6e5a3e5ff236fe99535092d7096ceddc
92a5db65cbedf687ee76693e9b89b9d6ca417b61
7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65
POST /api/157770/envelope/?sentry_key=ce18d11a0cc741df9e82075199e94b2a&sentry_version=7 HTTP/1.1
Host: o73276.ingest.sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://victory2.web.7platform.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://victory2.web.7platform.net
Content-Length: 422
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Thu, 22 Sep 2022 04:54:31 GMT
content-type: application/json
content-length: 56
access-control-allow-origin: https://victory2.web.7platform.net
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ef22746354dc8b5189d4e6c76270b510
f8d168a64fa6aef7421e33fccbfa57ec0721c412
9b039b092a421e633ef47389c9213751f5cc1d881df3154b95c808eb9f742249
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 13:56:50 GMT
Expires: Tue, 27 Sep 2022 13:56:49 GMT
Etag: "f8d168a64fa6aef7421e33fccbfa57ec0721c412"
Cache-Control: max-age=463937,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e8716cff9f0b55-OSL
admaxium.com/scripts/pa_rtg_brazino.js
104.21.44.24200 OK 200 B URL HTTP/2 admaxium.com/scripts/pa_rtg_brazino.js
IP 104.21.44.24:0
File type ASCII text, with very long lines (327), with no line terminators
Hash 2ee0bc91e9f9d0a731f5b9ccfe8bb85e
e0e222e7c5b1dd4483364e2390ea02489566b71a
14bf27550921e3d0d706d7259d9d66fcd19eb01580fc1cd09a93a54f9e047ad7
GET /scripts/pa_rtg_brazino.js HTTP/1.1
Host: admaxium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:30 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: 59e31c52-396a-40b7-ab0b-def248ea3ad8
etag: W/"49b4ed1f548ec5abc3ecdcbc1ff95f21"
x-runtime: 0.003313
expires: 2022-08-23 04:54:30 UTC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtnDj47QoD6luxSgRb4Q8em9Sm4RV01J4c5g9dHnSIns%2B2dSjDDtbG0HsJJWFQZimH7ULh%2BZf9p2a1OCfaeB1SyhpaQa8rJRxNa7bT3K0nKc3fYryxSwQ%2BKR5Pa%2BMSc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e87169f9e3b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&cb=ddb54610-5666-4256-aa0e-0752145f7b51
3.126.157.114302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&cb=ddb54610-5666-4256-aa0e-0752145f7b51
IP 3.126.157.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=3&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&cb=ddb54610-5666-4256-aa0e-0752145f7b51 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 22 Sep 2022 04:54:31 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&cb=ddb54610-5666-4256-aa0e-0752145f7b51
Set-Cookie: tuuid=931b42b7-0200-472b-96cf-022c625d0d83; path=/; expires=Fri, 22-Sep-2023 04:54:31 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663822471; path=/; expires=Fri, 22-Sep-2023 04:54:31 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1663822471; path=/; expires=Fri, 22-Sep-2023 04:54:31 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663822471; path=/; expires=Fri, 22-Sep-2023 04:54:31 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ef22746354dc8b5189d4e6c76270b510
f8d168a64fa6aef7421e33fccbfa57ec0721c412
9b039b092a421e633ef47389c9213751f5cc1d881df3154b95c808eb9f742249
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 13:56:50 GMT
Expires: Tue, 27 Sep 2022 13:56:49 GMT
Etag: "f8d168a64fa6aef7421e33fccbfa57ec0721c412"
Cache-Control: max-age=463937,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e8716d3f111c0a-OSL
tm.jsuol.com.br/uoltm.js?id=anrasi
143.204.55.19200 OK 18 kB URL HTTP/2 tm.jsuol.com.br/uoltm.js?id=anrasi
IP 143.204.55.19:0
File type Unicode text, UTF-8 text, with very long lines (65476), with no line terminators
Hash 7d71975a9c485466c9612bd695c411e6
fedd4080a75da286640153d24f302122e4f1076f
a628155f1a56d154b91c8b9ed1430960f5e2edfad472cdeb5f33e8e90330c256
GET /uoltm.js?id=anrasi HTTP/1.1
Host: tm.jsuol.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 17899
date: Thu, 22 Sep 2022 04:19:26 GMT
server: marrakesh 1.16.6
last-modified: Fri, 09 Sep 2022 05:42:53 GMT
expires: Thu, 22 Sep 2022 05:19:26 GMT
content-encoding: gzip
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
etag: 7d71975a9c485466c9612bd695c411e6
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MBhvbSIglAcnAUO0gI1CYgLRAcCCEq9mgnMulooDJUGsgEIwlcYewg==
age: 2105
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
151.101.86.133200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 151.101.86.133:0
Hash 6f586a34a30828513508a24f398afe47
dd29d2c9b6768f0908e646478a83194fd747168d
ea7dd388892aa2a64334162981c46401fce95fa664407f65014e09c68795cdd7
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Expires: Mon, 26 Sep 2022 02:31:49 GMT
ETag: "dd29d2c9b6768f0908e646478a83194fd747168d"
Last-Modified: Thu, 22 Sep 2022 02:31:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Content-Length: 939
Accept-Ranges: bytes
Date: Thu, 22 Sep 2022 04:54:31 GMT
Age: 51
Connection: keep-alive
X-Served-By: cache-qpg1273-QPG, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 7
X-Timer: S1663822471.285169,VS0,VE0
x.bidswitch.net/syncd?dsp_id=409&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
3.126.157.114302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/syncd?dsp_id=409&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
IP 3.126.157.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=409&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 22 Sep 2022 04:54:31 GMT
Location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
Set-Cookie: tuuid=20fe9b3e-5b8c-4754-8474-6e2df14acdf3; path=/; expires=Fri, 22-Sep-2023 04:54:31 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663822471; path=/; expires=Fri, 22-Sep-2023 04:54:31 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1663822471; path=/; expires=Fri, 22-Sep-2023 04:54:31 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663822471; path=/; expires=Fri, 22-Sep-2023 04:54:31 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
www.google-analytics.com/gtm/js?id=OPT-KNBH4FM&t=gtag_UA_118172619_4&cid=1006226130.1663822471
142.250.74.174200 OK 44 kB URL HTTP/2 www.google-analytics.com/gtm/js?id=OPT-KNBH4FM&t=gtag_UA_118172619_4&cid=1006226130.1663822471
IP 142.250.74.174:0
File type ASCII text, with very long lines (1720)
Hash 04c775535bb7e2f36489a7b1e4206066
8777fa8e3b580bc8184dc25e3a24576206aa0326
458e72906a06d354959987105f6878864f7a8a405f5b86602714ada464d9377d
GET /gtm/js?id=OPT-KNBH4FM&t=gtag_UA_118172619_4&cid=1006226130.1663822471 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Sep 2022 04:54:31 GMT
expires: Thu, 22 Sep 2022 04:54:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43895
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ef22746354dc8b5189d4e6c76270b510
f8d168a64fa6aef7421e33fccbfa57ec0721c412
9b039b092a421e633ef47389c9213751f5cc1d881df3154b95c808eb9f742249
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 13:56:50 GMT
Expires: Tue, 27 Sep 2022 13:56:49 GMT
Etag: "f8d168a64fa6aef7421e33fccbfa57ec0721c412"
Cache-Control: max-age=463937,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e8716ceecbb500-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ef22746354dc8b5189d4e6c76270b510
f8d168a64fa6aef7421e33fccbfa57ec0721c412
9b039b092a421e633ef47389c9213751f5cc1d881df3154b95c808eb9f742249
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 13:56:50 GMT
Expires: Tue, 27 Sep 2022 13:56:49 GMT
Etag: "f8d168a64fa6aef7421e33fccbfa57ec0721c412"
Cache-Control: max-age=463937,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e8716cf8c8b4f9-OSL
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&cb=65954a11-a87d-4a1d-82c7-1843441b24cf
3.126.157.114302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&cb=65954a11-a87d-4a1d-82c7-1843441b24cf
IP 3.126.157.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=3&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&cb=65954a11-a87d-4a1d-82c7-1843441b24cf HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 22 Sep 2022 04:54:31 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&cb=65954a11-a87d-4a1d-82c7-1843441b24cf
Set-Cookie: tuuid=6098f334-b1ca-4e3f-a748-4bfba940adfa; path=/; expires=Fri, 22-Sep-2023 04:54:31 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663822471; path=/; expires=Fri, 22-Sep-2023 04:54:31 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1663822471; path=/; expires=Fri, 22-Sep-2023 04:54:31 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663822471; path=/; expires=Fri, 22-Sep-2023 04:54:31 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&cb=0909b871-e472-4d3f-8307-0e640eac1e6c
3.126.157.114302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&cb=0909b871-e472-4d3f-8307-0e640eac1e6c
IP 3.126.157.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=3&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&cb=0909b871-e472-4d3f-8307-0e640eac1e6c HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 22 Sep 2022 04:54:31 GMT
Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Content-Length: 0
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ef22746354dc8b5189d4e6c76270b510
f8d168a64fa6aef7421e33fccbfa57ec0721c412
9b039b092a421e633ef47389c9213751f5cc1d881df3154b95c808eb9f742249
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 13:56:50 GMT
Expires: Tue, 27 Sep 2022 13:56:49 GMT
Etag: "f8d168a64fa6aef7421e33fccbfa57ec0721c412"
Cache-Control: max-age=463937,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e8716cbd870b3d-OSL
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&cb=ddb54610-5666-4256-aa0e-0752145f7b51
3.126.157.114302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&cb=ddb54610-5666-4256-aa0e-0752145f7b51
IP 3.126.157.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&cb=ddb54610-5666-4256-aa0e-0752145f7b51 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 22 Sep 2022 04:54:31 GMT
Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Content-Length: 0
Connection: keep-alive
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
3.126.157.114200 OK 43 B URL HTTP/1.1 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
IP 3.126.157.114:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Thu, 22 Sep 2022 04:54:31 GMT
Content-Length: 43
Connection: keep-alive
www.kto.com/pt/meta.json?v=1663822471144
104.26.4.172200 OK 45 B URL HTTP/2 www.kto.com/pt/meta.json?v=1663822471144
IP 104.26.4.172:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 42d930ee5551f76c93944217c718f93f
5513260981d165158eb56ebd0072f65475331fa3
4da0e1c5cd2562554cfa5c6c09eb439e5f71a022b0503e2b97ff3383a4bd8906
GET /pt/meta.json?v=1663822471144 HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:31 GMT
content-type: application/json
content-length: 45
last-modified: Mon, 12 Sep 2022 12:22:05 GMT
x-amz-version-id: Key6AQPbjWp3hn.muLQOZWSH5AVYpOeb
accept-ranges: bytes
etag: "42d930ee5551f76c93944217c718f93f"
vary: Accept-Encoding
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
age: 1300
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S7gZ23VQDlSGRcPZ8CdhwLa0IEnN3uZ5D4lGCMYolD5X_SQ5Ceocmw==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxtiTy6jXDQUw4Sp9Dy6rhNEj0WzdX119gY%2BREL4A7FpODv1p1X2lgg86QlM3lKaQhKRqjadLpyAg1EdNesZCooxdH8OZVOxiTAFycVMpOTfWMNYBeQgv6KsXy8U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8716eaee51c06-OSL
X-Firefox-Spdy: h2
x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dac98fe5e-4af2-4de1-974d-53293d058bac
3.126.157.114302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dac98fe5e-4af2-4de1-974d-53293d058bac
IP 3.126.157.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=409&user_group=1&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dac98fe5e-4af2-4de1-974d-53293d058bac HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 22 Sep 2022 04:54:31 GMT
Location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dac98fe5e-4af2-4de1-974d-53293d058bac
Set-Cookie: tuuid=8c1b815b-2bb6-4685-8f6a-bcd1acd47efc; path=/; expires=Fri, 22-Sep-2023 04:54:31 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663822471; path=/; expires=Fri, 22-Sep-2023 04:54:31 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1663822471; path=/; expires=Fri, 22-Sep-2023 04:54:31 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663822471; path=/; expires=Fri, 22-Sep-2023 04:54:31 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 304 B IP 93.184.220.29:0
Hash 224ff6cd84bad9780e26236c402b78d6
97258af848b1efb34427223b4d13b703d942eadf
6b119ea81c45f81fce982f53d1d1f5649927d0f81a0aee6704b1822e07c8ff9c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:31 GMT
Server: ECS (amb/6BB3)
Content-Length: 279
mc.yandex.ru/metrika/tag.js
87.250.251.119200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Hash 3f01a6fe4be69809cd0b0d740ab50c40
8366aca59939c8a0cfe3bc4c7732e9f8cf031375
025a3b03a1e5af9f06a8fb2d3e113c5b73410e0e440cf34869c97b20ccb77829
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72206
date: Thu, 22 Sep 2022 04:54:31 GMT
access-control-allow-origin: *
etag: "63295b76-11a0e"
expires: Thu, 22 Sep 2022 05:54:31 GMT
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&cb=65954a11-a87d-4a1d-82c7-1843441b24cf
3.126.157.114302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&cb=65954a11-a87d-4a1d-82c7-1843441b24cf
IP 3.126.157.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&cb=65954a11-a87d-4a1d-82c7-1843441b24cf HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 22 Sep 2022 04:54:31 GMT
Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Content-Length: 0
Connection: keep-alive
eu-swarm-ws-re.betcoswarm.com/
185.162.228.2200 OK 0 B URL HTTP/1.1 eu-swarm-ws-re.betcoswarm.com/
IP 185.162.228.2:0
ASN #209242 Cloudflare London, LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS / HTTP/1.1
Host: eu-swarm-ws-re.betcoswarm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: swarm-session
Referer: https://sport.galera.bet/
Origin: https://sport.galera.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:31 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: accept, content-type, swarm-session
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Via: 1.1 google
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 74e8716eacb3b523-OSL
eu-swarm-ws-re.betcoswarm.com/
185.162.228.2200 OK 4.3 kB URL HTTP/1.1 eu-swarm-ws-re.betcoswarm.com/
IP 185.162.228.2:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (8246)
Hash fbdf528479a5fb949dc37b0f8bf74c89
fec7e12ba02aaf6e3a86590f8b8b431543314329
0148666162b845e993e7bc74e88b99a2af75a284cd1c678443ec6ce7ffa116e2
POST / HTTP/1.1
Host: eu-swarm-ws-re.betcoswarm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sport.galera.bet/
swarm-session: 003bbd49-6089-4516-40c7-b2c58bf1a809-1
Content-Type: text/plain;charset=UTF-8
Origin: https://sport.galera.bet
Content-Length: 69
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:54:31 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Via: 1.1 google
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 74e8716f2afffac0-OSL
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e659db0950e2554f04d83ee67d35adcf
7fd3bb110b63b36e65e473e66ba55a4f26b9169f
4a13859b3ce97bff47e40c878f450c6721d0b421a77bb38a40075c974acb377b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:54:31 GMT
Server: ECS (amb/6B87)
Content-Length: 279
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dac98fe5e-4af2-4de1-974d-53293d058bac
3.126.157.114200 OK 43 B URL HTTP/1.1 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dac98fe5e-4af2-4de1-974d-53293d058bac
IP 3.126.157.114:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_group=1&user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dac98fe5e-4af2-4de1-974d-53293d058bac HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Thu, 22 Sep 2022 04:54:31 GMT
Content-Length: 43
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 2d521881eb3e062dc90e99189d9dd722
1941137461b6ce4b0c937be9a7e000c6184c755e
5c10c02e6fbf69b24e9fd464141c01e66dcc68d62c955e90a30f7c1eebe2bec0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 04:54:31 GMT
Last-Modified: Thu, 22 Sep 2022 04:01:09 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2BsUDT-gP0tDW3avBiVEmA3mGNQQPo_Udrp6x7IfWqAJs36zr2WIog==
Age: 3202
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
18.193.37.27204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 18.193.37.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 22 Sep 2022 04:54:31 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 2d521881eb3e062dc90e99189d9dd722
1941137461b6ce4b0c937be9a7e000c6184c755e
5c10c02e6fbf69b24e9fd464141c01e66dcc68d62c955e90a30f7c1eebe2bec0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 04:54:31 GMT
Last-Modified: Thu, 22 Sep 2022 04:00:21 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iBWt4xFUxmZQKr1RTN1MnM62SnIAqOU5EVR4WEx83m6SydYWo4qx4A==
Age: 3250
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
18.193.37.27204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 18.193.37.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 22 Sep 2022 04:54:31 GMT
X-Firefox-Spdy: h2
cms.kto.com/wp-content/uploads/sites/3/2021/08/16123840/youtube.svg
143.204.55.106200 OK 485 B URL HTTP/2 cms.kto.com/wp-content/uploads/sites/3/2021/08/16123840/youtube.svg
IP 143.204.55.106:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (761)
Hash c8d6dc11af1abd3c5215589b7aa06fa0
84393bfe7c8bd057a7fddc73194b5f18b109b1b1
62de9ff998a46d1063f55acfeb403dc2ae3433e524bdda1131d8465d9d9ace14
GET /wp-content/uploads/sites/3/2021/08/16123840/youtube.svg HTTP/1.1
Host: cms.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 485
date: Sat, 10 Sep 2022 05:24:34 GMT
last-modified: Mon, 16 Aug 2021 12:38:41 GMT
etag: "c8d6dc11af1abd3c5215589b7aa06fa0"
cache-control: max-age=31536000
content-encoding: gzip
expires: Tue, 16 Aug 2022 12:38:40 GMT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: P9FwkxqVsL2Gn2rFoK0O9oAfUt19nhkDGhU6aSpO4LwCpKu1X-NEQA==
age: 1034998
X-Firefox-Spdy: h2
tm.uol.com.br/mercurio.html
54.230.111.68200 OK 173 B URL HTTP/2 tm.uol.com.br/mercurio.html
IP 54.230.111.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with no line terminators
Hash ba5203ce522cc70a434e9a70452ca145
93958b4e4781d06344dff04474ba8a90d01b2538
781f0feb1b5c78b72394e885ac0d17c628c70fa3a2252d9890d564b35d612dd9
GET /mercurio.html HTTP/1.1
Host: tm.uol.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
content-length: 173
server: marrakesh 1.16.6
last-modified: Mon, 04 Jan 2021 18:03:21 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Thu, 22 Sep 2022 04:54:31 GMT
expires: Thu, 22 Sep 2022 04:58:58 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
etag: ba5203ce522cc70a434e9a70452ca145
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EZXhl-G-MlI_3dYZfWbgbV0d5xJP4c3m_HkIokmH-Q2S5jFulkzuNA==
age: 333
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 22 Sep 2022 04:54:31 GMT
access-control-allow-origin: *
etag: "63295b76-2b"
expires: Thu, 22 Sep 2022 05:54:31 GMT
accept-ranges: bytes
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
18.193.37.27204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 18.193.37.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ac98fe5e-4af2-4de1-974d-53293d058bac&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 22 Sep 2022 04:54:31 GMT
X-Firefox-Spdy: h2
victory2.web.7platform.net/data/config.json?v=db29d93f9b
35.228.112.245200 OK 2.1 kB URL HTTP/2 victory2.web.7platform.net/data/config.json?v=db29d93f9b
IP 35.228.112.245:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 2bd5a76189afca09139b41baa71464eb
51a16821b7767d46b6051159f870e78d0f74fd79
5b18c055944dfb5917b397cd2ee84838cf21ac8b80461628a48020af061f158b
GET /data/config.json?v=db29d93f9b HTTP/1.1
Host: victory2.web.7platform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://victory2.web.7platform.net/prematch?auth=b2b&lang=pt¤cy=BRL&logout=true&odds=decimal&timezone=UTC
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 60227
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/json
date: Wed, 21 Sep 2022 12:10:45 GMT
etag: "c978500ed84e55354b0636d5ebeed2e3-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GDHRR8PEHSFF6CNXGGPXY407
content-length: 1418
X-Firefox-Spdy: h2
tm.jsuol.com.br/modules/mercurio.js
143.204.55.19200 OK 1.1 kB URL HTTP/2 tm.jsuol.com.br/modules/mercurio.js
IP 143.204.55.19:0
File type ASCII text, with very long lines (3646), with no line terminators
Hash bed0a7a707f166936e5aaac09879d050
01276c9bf0d1ca37b4aad0b0eac66060ffdc0c12
b676c2d29fcc1c2cd1adc6bd5b00436afb068f4c247baa86bd71f2fcf07e4151
GET /modules/mercurio.js HTTP/1.1
Host: tm.jsuol.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tm.uol.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 1065
date: Thu, 22 Sep 2022 03:57:33 GMT
server: marrakesh 1.16.6
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
last-modified: Tue, 05 Jan 2021 17:11:28 GMT
expires: Thu, 22 Sep 2022 04:57:33 GMT
content-encoding: gzip
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
etag: bed0a7a707f166936e5aaac09879d050
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: T6r6zZeo4wVjHgt9wl_70wPW199Q7oOg8A6sPQo0D2gaysX4IW-uuQ==
age: 3418
X-Firefox-Spdy: h2
victory2.web.7platform.net/data/modules.json?v=db29d93f9b
35.228.112.245200 OK 22 kB URL HTTP/2 victory2.web.7platform.net/data/modules.json?v=db29d93f9b
IP 35.228.112.245:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , ASCII text
Hash 20f988c6b35235bc3c8e80362b23d2e4
215fd21fdb268e810a4015693bf2a96536cc2f8f
c29613d4d71f96c116d9c6987f7ddc89c3dbacd5d6f62162fba546f24a9be03f
GET /data/modules.json?v=db29d93f9b HTTP/1.1
Host: victory2.web.7platform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://victory2.web.7platform.net/prematch?auth=b2b&lang=pt¤cy=BRL&logout=true&odds=decimal&timezone=UTC
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 53743
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/json
date: Wed, 21 Sep 2022 13:58:48 GMT
etag: "910b6ba06c40a7f4f0f3c9d515dce669-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GDHRR8PMR0R4EW09KGFBD4AV
content-length: 22010
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Libre+Barcode+39
216.58.211.10200 OK 287 B URL HTTP/2 fonts.googleapis.com/css?family=Libre+Barcode+39
IP 216.58.211.10:0
Hash 123baa76707955be0b13870765c16ae7
a4a5474b6c24a87af859a045537fa948163ad778
02b1369cff7d7b9ca508a4ee75ce4b67e165f1eb0d74c7a09ce6f5757fffea0e
GET /css?family=Libre+Barcode+39 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sb2clientstatic-altenar2.biahosted.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 04:54:31 GMT
date: Thu, 22 Sep 2022 04:54:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted
mc.yandex.ru/watch/66719647/1?wmode=7&page-url=https%3A%2F%2Fbrazino777.online%2Fpt%2Fgame%2Fprematch-mts%3Fb7pm%3D625ebe7a6fad3%26ambp%3D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1460861248651%3Ahid%3A97522504%3Az%3A0%3Ai%3A20220922045431%3Aet%3A1663822471%3Arn%3A655920415%3Arqn%3A1%3Au%3A1663822471223405351%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C432%2C0%2C%2C2387%2C34%2C%2C%2C%2C3443%3Ans%3A1663822466231%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663822471%3At%3AApostas%20Esportivas%20Online%20%7C%20At%C3%A9%20900%24%20B%C3%B4nus%20de%20Boas-vindas&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
87.250.251.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/66719647/1?wmode=7&page-url=https%3A%2F%2Fbrazino777.online%2Fpt%2Fgame%2Fprematch-mts%3Fb7pm%3D625ebe7a6fad3%26ambp%3D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1460861248651%3Ahid%3A97522504%3Az%3A0%3Ai%3A20220922045431%3Aet%3A1663822471%3Arn%3A655920415%3Arqn%3A1%3Au%3A1663822471223405351%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C432%2C0%2C%2C2387%2C34%2C%2C%2C%2C3443%3Ans%3A1663822466231%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663822471%3At%3AApostas%20Esportivas%20Online%20%7C%20At%C3%A9%20900%24%20B%C3%B4nus%20de%20Boas-vindas&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 26a397b47f9d9b23461cce27b5df9ebe
7d1e3fec2e2b784750c87f908deedc0792efd935
f9d284253631c480d838fa1546887de893a354fe0d7f5aebaf886d09f63e761f
GET /watch/66719647/1?wmode=7&page-url=https%3A%2F%2Fbrazino777.online%2Fpt%2Fgame%2Fprematch-mts%3Fb7pm%3D625ebe7a6fad3%26ambp%3D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1460861248651%3Ahid%3A97522504%3Az%3A0%3Ai%3A20220922045431%3Aet%3A1663822471%3Arn%3A655920415%3Arqn%3A1%3Au%3A1663822471223405351%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C432%2C0%2C%2C2387%2C34%2C%2C%2C%2C3443%3Ans%3A1663822466231%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663822471%3At%3AApostas%20Esportivas%20Online%20%7C%20At%C3%A9%20900%24%20B%C3%B4nus%20de%20Boas-vindas&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://brazino777.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Thu, 22 Sep 2022 04:54:31 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://brazino777.online
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 22-Sep-2022 04:54:31 GMT
last-modified: Thu, 22-Sep-2022 04:54:31 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
gravity-2.de.nsoftcdn.com/v1/web/bootstrap?v=pt
104.16.96.78200 OK 48 kB URL HTTP/2 gravity-2.de.nsoftcdn.com/v1/web/bootstrap?v=pt
IP 104.16.96.78:0
Hash 0cc6f6d14f71052034e6ec33d1d25aa3
3f08928e7065698d307a058d57826326a1cdb8a8
cebf81e3339a2626e5334bf6873ae0992e966ab390c5645f53fd34e89a02886e
GET /v1/web/bootstrap?v=pt HTTP/1.1
Host: gravity-2.de.nsoftcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Nsft-SCD-Company-Name: victorybrl
X-Nsft-SCD-Company-Id: ee010c47-eb96-4ffe-a11f-bf2736607193
X-Nsft-SCD-App-Base-Name: victory2_web
X-Nsft-SCD-App-Name: victorybrl_web
X-Nsft-SCD-Locale: pt
X-Nsft-SCD-Version: 1.1
Origin: https://victory2.web.7platform.net
Connection: keep-alive
Referer: https://victory2.web.7platform.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:32 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://victory2.web.7platform.net
vary: Origin
access-control-allow-credentials: true
access-control-expose-headers: Access-Token,X-Nsft-IAM-Refresh-Token
etag: W/"13dc0-ZD7fM8whcJRXyeUPEQzzXaK+4Rc"
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e87171bcd50b4d-OSL
X-Firefox-Spdy: h2
cms.kto.com/wp-content/uploads/sites/3/2021/08/16123839/twitter.svg
143.204.55.106200 OK 614 B URL HTTP/2 cms.kto.com/wp-content/uploads/sites/3/2021/08/16123839/twitter.svg
IP 143.204.55.106:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (952)
Hash 2e9440eb48ce0bcf8d6565af13fdcd53
a8968958b9ef9507f6bbbf312e37ce51c9c147ac
f218156d41f767756d4ab0e9d8b16bdb6bc9aa513fcf518586234f50684b2d4c
GET /wp-content/uploads/sites/3/2021/08/16123839/twitter.svg HTTP/1.1
Host: cms.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 614
date: Sat, 27 Aug 2022 05:28:29 GMT
last-modified: Mon, 16 Aug 2021 12:38:40 GMT
etag: "2e9440eb48ce0bcf8d6565af13fdcd53"
cache-control: max-age=31536000
content-encoding: gzip
expires: Tue, 16 Aug 2022 12:38:39 GMT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OY05igEd2PbpEJVolshM9Si8ltscYJOdg0aw9uRL4_M8UQz6tLuoOA==
age: 2244364
X-Firefox-Spdy: h2
cms.kto.com/wp-content/uploads/sites/3/2021/08/16123838/instagram.svg
143.204.55.106200 OK 1.2 kB URL HTTP/2 cms.kto.com/wp-content/uploads/sites/3/2021/08/16123838/instagram.svg
IP 143.204.55.106:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2982)
Hash dd0b7b966139c65171c6eecd0f72c120
329dee007ab48558a65392e91cc1444bb4a94be5
c08e45a61fc3b656dd193eb08a9e36294e7a34fd65652697d99160be3bb576b2
GET /wp-content/uploads/sites/3/2021/08/16123838/instagram.svg HTTP/1.1
Host: cms.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1168
date: Tue, 23 Aug 2022 05:10:56 GMT
last-modified: Mon, 16 Aug 2021 12:38:39 GMT
etag: "dd0b7b966139c65171c6eecd0f72c120"
cache-control: max-age=31536000
content-encoding: gzip
expires: Tue, 16 Aug 2022 12:38:38 GMT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NBtTD0w2_sgjXrR-oDZuG2uA2dg6VEvht9q6hkYTFiMe58J13ILhEA==
age: 2591017
X-Firefox-Spdy: h2
api.kto.com/country/check
104.26.5.172200 OK 22 kB URL HTTP/2 api.kto.com/country/check
IP 104.26.5.172:0
Hash 110edfc06fbed89228e9c0074987b36b
4715e1735824c4d2125e6b1a397773745b04d86e
f650a3e5a2c8f153b097ca922fbe557c98f78166a20695077f9b02b94e291b37
GET /country/check HTTP/1.1
Host: api.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kto.com
Connection: keep-alive
Referer: https://www.kto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:31 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://www.kto.com
access-control-expose-headers: Location
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0
pragma: no-cache
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dytZrGToxlkOnjjXze9v3DwYrnNILxSHWHk9WCGJbJ1y%2BXsboyEWg28gaVXdZUM%2BqGnIra4MD1MOEb0VBi47QLm5EZzWjbNR3%2BMmtUzeFBNUq8sXLGE8SwpTb%2FPQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8716ed9b5b506-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 8cb933b98df5ecc5a55f73d5af1d3dc6
23ecdc89968462dcd886500fefcbbf41b126b4d7
b55134c7e1b213c2c8342ef4892ce2a477476a777c69d4f6bda825bf5e2142a1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 22 Sep 2022 04:54:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 21 Sep 2022 21:03:44 GMT
Expires: Thu, 22 Sep 2022 21:03:44 GMT
ETag: "23ecdc89968462dcd886500fefcbbf41b126b4d7"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 8cb933b98df5ecc5a55f73d5af1d3dc6
23ecdc89968462dcd886500fefcbbf41b126b4d7
b55134c7e1b213c2c8342ef4892ce2a477476a777c69d4f6bda825bf5e2142a1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 22 Sep 2022 04:54:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 21 Sep 2022 21:03:44 GMT
Expires: Thu, 22 Sep 2022 21:03:44 GMT
ETag: "23ecdc89968462dcd886500fefcbbf41b126b4d7"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 8cb933b98df5ecc5a55f73d5af1d3dc6
23ecdc89968462dcd886500fefcbbf41b126b4d7
b55134c7e1b213c2c8342ef4892ce2a477476a777c69d4f6bda825bf5e2142a1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 22 Sep 2022 04:54:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 21 Sep 2022 21:03:44 GMT
Expires: Thu, 22 Sep 2022 21:03:44 GMT
ETag: "23ecdc89968462dcd886500fefcbbf41b126b4d7"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
victory2.web.7platform.net/app/components/base/base.42016aac298e81fa.js
35.228.112.245200 OK 3.4 kB URL HTTP/2 victory2.web.7platform.net/app/components/base/base.42016aac298e81fa.js
IP 35.228.112.245:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (9363)
Hash df741cd8e549c7992e8cfaf8f1b8d117
65483a4a6d994106d0f1323850baf371f99e8b48
474c8e38e50f6df94d2a9f5be3eb75d75fc40001e866c45505d2f2a808641e9f
GET /app/components/base/base.42016aac298e81fa.js HTTP/1.1
Host: victory2.web.7platform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://victory2.web.7platform.net/prematch?auth=b2b&lang=pt¤cy=BRL&logout=true&odds=decimal&timezone=UTC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 30102
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Wed, 21 Sep 2022 20:32:51 GMT
etag: "580d20383a8c5c4eefaf871e0ec711f0-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GDHRR9T1JYEX3WQR24AD9HDQ
content-length: 3413
X-Firefox-Spdy: h2
sb2bonus-altenar2.biahosted.com/api/Bonus/GetMultipleBonuses
5.79.108.114204 No Content 0 B URL HTTP/1.1 sb2bonus-altenar2.biahosted.com/api/Bonus/GetMultipleBonuses
IP 5.79.108.114:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/Bonus/GetMultipleBonuses HTTP/1.1
Host: sb2bonus-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.kto.com/
Origin: https://www.kto.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.21.0
Date: Thu, 22 Sep 2022 04:54:33 GMT
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 14400
X-Forwarded-Proto: https
Strict-Transport-Security: max-age=15552000
sb2bonus-altenar2.biahosted.com/api/Bonus/GetMultipleBonuses
5.79.108.114204 No Content 464 B URL HTTP/1.1 sb2bonus-altenar2.biahosted.com/api/Bonus/GetMultipleBonuses
IP 5.79.108.114:0
ASN #60781 LeaseWeb Netherlands B.V.
File type gzip compressed data, max compression\012- data
Hash 33f2689e59a6d84bfa71e2173e280409
3e70ddd03ddbd6088609329624c073526a3eca42
4ff44215c4a4dcd67434930882159028feb57bc5c18045b2238952986c9f17b9
OPTIONS /api/Bonus/GetMultipleBonuses HTTP/1.1
Host: sb2bonus-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.kto.com/
Origin: https://www.kto.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.21.0
Date: Thu, 22 Sep 2022 04:54:33 GMT
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 14400
X-Forwarded-Proto: https
Strict-Transport-Security: max-age=15552000
menhir.gb.nsoftcdn.com/logout
104.16.96.78200 OK 2.9 kB URL HTTP/2 menhir.gb.nsoftcdn.com/logout
IP 104.16.96.78:0
Hash 8acfd511158d4bfaf1d7e27568e51522
9917a85c2095a6b88f94c75b295b3d67b7c27ae2
7161c5e23c5a649c3203a2b08adc4e051b1a4e28afa3d989f9d41d82b46913b8
OPTIONS /logout HTTP/1.1
Host: menhir.gb.nsoftcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: http-x-nab-dp,http-x-seven-club-uuid,seven-locale
Referer: https://victory2.web.7platform.net/
Origin: https://victory2.web.7platform.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:32 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, DELETE, PUT, OPTIONS, PATCH
access-control-allow-headers: origin, x-requested-with, authorization, content-type, accept, x-custom-header, http-x-nab-device-uuid, http-x-nab-dp, http-x-nab-company-id, http-x-nab-betshop-id, http-x-nab-productinstance-id, http-x-nab-productname, x-http-client, http-x-nab-cpvuuid, seven-app, http-x-seven-club-uuid, seven-locale, http-x-seven-client-ip, seven-tp-token, seven-tp-custom, authentication-method, x-seven-device-token, seven-company-uuid, x-nsft-wallet-usergroup, x-nsft-seven-application, x-nsft-seven-company-uuid, x-nsft-seven-tp-token, x-nsft-seven-account-id, x-nsft-iam-refresh-token
access-control-max-age: 3600
access-control-allow-origin: https://victory2.web.7platform.net
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e87173de5d0b4d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
sb2bonus-altenar2.biahosted.com/api/Bonus/GetMultipleBonuses
5.79.108.114200 OK 4.6 kB URL HTTP/1.1 sb2bonus-altenar2.biahosted.com/api/Bonus/GetMultipleBonuses
IP 5.79.108.114:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (4621), with no line terminators
Hash f41f5bc7b172cbed4ae98955e13800c9
c1e6199e485b3a2f98e8780169206de747e34c76
8ae41ded55cd151a519fa8bcbd71f5feeae0f645d4b9d924adf77c1a26f72017
POST /api/Bonus/GetMultipleBonuses HTTP/1.1
Host: sb2bonus-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 181
Origin: https://www.kto.com
Connection: keep-alive
Referer: https://www.kto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.0
Date: Thu, 22 Sep 2022 04:54:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 4621
Connection: keep-alive
Access-Control-Allow-Origin: *
X-Forwarded-Proto: https
Strict-Transport-Security: max-age=15552000
victory2.web.7platform.net/locale/i18n/pt.js
35.228.112.245200 OK 649 B URL HTTP/2 victory2.web.7platform.net/locale/i18n/pt.js
IP 35.228.112.245:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Unicode text, UTF-8 text, with very long lines (1288)
Hash 5d685df15238749c6e2a30a7a33dedb8
824bc2d84b4303be3c3527ef1589595a6a0fea33
faafbd5f19ca09229b01325dfdeebe22a46bca8226ea2d684df3a47708fe7b57
GET /locale/i18n/pt.js HTTP/1.1
Host: victory2.web.7platform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://victory2.web.7platform.net/prematch?auth=b2b&lang=pt¤cy=BRL&logout=true&odds=decimal&timezone=UTC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 30102
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Wed, 21 Sep 2022 20:32:52 GMT
etag: "bf192f0552d1e78e923d1689aa2e89d1-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GDHRR9V36M1AVPRN4JCE2H0F
content-length: 649
X-Firefox-Spdy: h2
sb2bonus-altenar2.biahosted.com/api/Bonus/GetMultipleBonuses
5.79.108.114200 OK 4.6 kB URL HTTP/1.1 sb2bonus-altenar2.biahosted.com/api/Bonus/GetMultipleBonuses
IP 5.79.108.114:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (4621), with no line terminators
Hash f41f5bc7b172cbed4ae98955e13800c9
c1e6199e485b3a2f98e8780169206de747e34c76
8ae41ded55cd151a519fa8bcbd71f5feeae0f645d4b9d924adf77c1a26f72017
POST /api/Bonus/GetMultipleBonuses HTTP/1.1
Host: sb2bonus-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 181
Origin: https://www.kto.com
Connection: keep-alive
Referer: https://www.kto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.0
Date: Thu, 22 Sep 2022 04:54:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 4621
Connection: keep-alive
Access-Control-Allow-Origin: *
X-Forwarded-Proto: https
Strict-Transport-Security: max-age=15552000
sb2auth-altenar2.biahosted.com/api/Auth/GetSkinConfig?timezoneOffset=-180&langId=8&skinName=kto.com&configId=12&culture=pt-BR&countryCode=&deviceType=Mobile&numformat=en&integration=kto.com&name=kto.com
5.79.108.114200 OK 2.9 kB URL HTTP/1.1 sb2auth-altenar2.biahosted.com/api/Auth/GetSkinConfig?timezoneOffset=-180&langId=8&skinName=kto.com&configId=12&culture=pt-BR&countryCode=&deviceType=Mobile&numformat=en&integration=kto.com&name=kto.com
IP 5.79.108.114:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (2900), with no line terminators
Hash 4fa770b7f97769c5173467b1ce3c94c2
8924fee44541b055ece76e9bc3009af169223d1b
fcdb2b376cd7f2c321bf1b48d2b9ae49baab53a9b20560b546f1a7c67c3d41c2
GET /api/Auth/GetSkinConfig?timezoneOffset=-180&langId=8&skinName=kto.com&configId=12&culture=pt-BR&countryCode=&deviceType=Mobile&numformat=en&integration=kto.com&name=kto.com HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kto.com
Connection: keep-alive
Referer: https://www.kto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.0
Date: Thu, 22 Sep 2022 04:54:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2900
Connection: keep-alive
Access-Control-Allow-Origin: *
X-Forwarded-Proto: https
Strict-Transport-Security: max-age=15552000
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c92e76-c63f-4c49-a4f1-56d030e97e10.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c92e76-c63f-4c49-a4f1-56d030e97e10.jpeg
IP 34.120.237.76:0
File type gzip compressed data, from Unix\012- data
Hash 5a9bc265a88b825ab638607316288228
68e72aa1ef258babeb80ea6e2646d26ec452eb45
2fa0215db83ff67a3e3024444407279bac6db7642c7e1b54b7752df25a90ccb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c92e76-c63f-4c49-a4f1-56d030e97e10.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3372
x-amzn-requestid: 10d24c22-0b3d-402b-9a10-6cbfc9a699a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG5QHJRoAMFaPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab83b-37ba740c7eba56b30e2ea528;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:39 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: HGsqwxMmVX7VxodarcMjEsguuw20r6NIWS76MCixRztKziDsR8rVCA==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:09:59 GMT
age: 78275
etag: "6ce495268093b256875ec1c4d6a05fc1f3d25446"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36673ded-0a09-4aa6-b4c8-c3e3be3b0e4a.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36673ded-0a09-4aa6-b4c8-c3e3be3b0e4a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b5c8545323317489392c1f56707078e
fcc0cdd72a5c97f13b0c59e5b39e06a6add18a9c
c79efda3b792026233b13c07a2c69e3dff0fdbccfb081c768ffc7e52aa744668
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36673ded-0a09-4aa6-b4c8-c3e3be3b0e4a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8058
x-amzn-requestid: 78d8a4f9-b85f-4055-a17e-90ccd231e462
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YshUOE7jIAMFm-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632815b4-7d0717045b5fd71d5a41ccdb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 07:09:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: KIQtEVYv-6RhnqJgjPU8FvwsKCKB48L91EedTn4XPXlylltRVHHTwQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 08:01:19 GMT
age: 75196
etag: "fcc0cdd72a5c97f13b0c59e5b39e06a6add18a9c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
victory2.web.7platform.net/locale/moment/pt.js
35.228.112.245200 OK 716 B URL HTTP/2 victory2.web.7platform.net/locale/moment/pt.js
IP 35.228.112.245:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Unicode text, UTF-8 text, with very long lines (1320)
Hash 50e485668e39b65eb6c82e6a99a39191
80ade6680106cb44dd47a343cfa3d083d6e2c3bd
272f01fff0481269001d0ef484459853f4704b0b626ec516d8c0f781f480b5f5
GET /locale/moment/pt.js HTTP/1.1
Host: victory2.web.7platform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://victory2.web.7platform.net/prematch?auth=b2b&lang=pt¤cy=BRL&logout=true&odds=decimal&timezone=UTC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 30104
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Wed, 21 Sep 2022 20:32:52 GMT
etag: "4164096f54c7b55d8520313f36214296-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GDHRRCT7BV02WBN65J5TC1A5
content-length: 716
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce3e9d330cc9b9c84fb7846bf0d8c7a0
134720f07ffdbef5ff551bdb3c3743c806d1512d
0724f7ca2de62c8086e80b527aec78de6b63996107b32c7e9990bd472e64a347
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9233
x-amzn-requestid: f90a9ed8-b4e7-4786-887a-90f24cc4f432
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1HZSG1IoAMFwxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b85d4-7a75336f316aa6450e3369b4;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PEhEMNxyamS4_x8DPhIeX2bEkaVWzS4foO7vPQX8KgWpm1KjsSvRxQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:14:27 GMT
age: 24009
etag: "134720f07ffdbef5ff551bdb3c3743c806d1512d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66719647?wmode=7&page-url=https%3A%2F%2Fbrazino777.online%2Fpt%2Fgame%2Fprematch-mts%3Fb7pm%3D625ebe7a6fad3%26ambp%3D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1460861248651%3Ahid%3A97522504%3Az%3A0%3Ai%3A20220922045431%3Aet%3A1663822471%3Arn%3A655920415%3Arqn%3A1%3Au%3A1663822471223405351%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C432%2C0%2C%2C2387%2C34%2C%2C%2C%2C3443%3Ans%3A1663822466231%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663822471%3At%3AApostas%20Esportivas%20Online%20%7C%20At%C3%A9%20900%24%20B%C3%B4nus%20de%20Boas-vindas&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
87.250.251.119302 Found 20 kB URL HTTP/2 mc.yandex.ru/watch/66719647?wmode=7&page-url=https%3A%2F%2Fbrazino777.online%2Fpt%2Fgame%2Fprematch-mts%3Fb7pm%3D625ebe7a6fad3%26ambp%3D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1460861248651%3Ahid%3A97522504%3Az%3A0%3Ai%3A20220922045431%3Aet%3A1663822471%3Arn%3A655920415%3Arqn%3A1%3Au%3A1663822471223405351%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C432%2C0%2C%2C2387%2C34%2C%2C%2C%2C3443%3Ans%3A1663822466231%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663822471%3At%3AApostas%20Esportivas%20Online%20%7C%20At%C3%A9%20900%24%20B%C3%B4nus%20de%20Boas-vindas&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
File type gzip compressed data, from Unix\012- data
Hash e34eeabc9953b30b20bcce736617f0bf
adf250144e107fb7ebd4789c9fe2a264438bc557
580f96ad4e375fa8fb2841bc16a494af66a2e9729f0b074d03d3fc8b39f5adc8
GET /watch/66719647?wmode=7&page-url=https%3A%2F%2Fbrazino777.online%2Fpt%2Fgame%2Fprematch-mts%3Fb7pm%3D625ebe7a6fad3%26ambp%3D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1460861248651%3Ahid%3A97522504%3Az%3A0%3Ai%3A20220922045431%3Aet%3A1663822471%3Arn%3A655920415%3Arqn%3A1%3Au%3A1663822471223405351%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C432%2C0%2C%2C2387%2C34%2C%2C%2C%2C3443%3Ans%3A1663822466231%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663822471%3At%3AApostas%20Esportivas%20Online%20%7C%20At%C3%A9%20900%24%20B%C3%B4nus%20de%20Boas-vindas&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://brazino777.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/66719647/1?wmode=7&page-url=https%3A%2F%2Fbrazino777.online%2Fpt%2Fgame%2Fprematch-mts%3Fb7pm%3D625ebe7a6fad3%26ambp%3D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1460861248651%3Ahid%3A97522504%3Az%3A0%3Ai%3A20220922045431%3Aet%3A1663822471%3Arn%3A655920415%3Arqn%3A1%3Au%3A1663822471223405351%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C432%2C0%2C%2C2387%2C34%2C%2C%2C%2C3443%3Ans%3A1663822466231%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663822471%3At%3AApostas%20Esportivas%20Online%20%7C%20At%C3%A9%20900%24%20B%C3%B4nus%20de%20Boas-vindas&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 22 Sep 2022 04:54:31 GMT
access-control-allow-origin: https://brazino777.online
set-cookie: yandexuid=7123284171663822471; Expires=Fri, 22-Sep-2023 04:54:31 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7123284171663822471; Expires=Fri, 22-Sep-2023 04:54:31 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1937396711663822471; Path=/; SameSite=None; Secure
i=YW7sCxsqJspqIFIRfq0Pu5qAO6p7/g0HTxU2pxFNekxTn7PzGtH2b4BAgqaYqJOHI0s/h0J2LcHD17tJ2GQ5vFMKdH0=; Expires=Sun, 19-Sep-2032 04:54:28 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695358471.yrts.1663822471#1695358471.yrtsi.1663822471; Expires=Fri, 22-Sep-2023 04:54:31 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 22-Sep-2022 04:54:31 GMT
last-modified: Thu, 22-Sep-2022 04:54:31 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/3411537047.json
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/3411537047.json
IP 104.26.4.172:0
GET /pt/page-data/sq/d/3411537047.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/json; charset=utf-8
last-modified: Tue, 15 Feb 2022 14:39:22 GMT
x-amz-version-id: zgGowIVIKUXFfQgEG12nbpdq2wxZ2Lpr
etag: W/"f2e6c3431499e740287fcd6251d77bbe"
vary: Accept-Encoding
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
age: 1254
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1o2wB3Nxn1hY6ridKLc5YOtK0wR9PirtqF_EbQY-mi_RO1cdnRiFAg==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDOL5DWH6iRv6tj8Ry6Wna2cWQ7dWKkVgLyjhpR4H8uVLn5FgVK7Q0QBlKsKLs8XFt7AD6NBtD9xqLuv3tRNIsEuWEkNk5Gj1LHbNmCLyfmAV%2BjQafAqWAni2PHM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8715a9f1eb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/2070022041.json
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/2070022041.json
IP 104.26.4.172:0
GET /pt/page-data/sq/d/2070022041.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/json
last-modified: Fri, 26 Aug 2022 13:54:08 GMT
x-amz-version-id: .S.G0WDt9h6vYo_Rkh.eSsr7k882MjLJ
etag: W/"c5bc8089ecb82c8d51f09a189017da95"
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
age: 1236
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2NoLY4JZgX5Q-NXHiedyj6_BReSMTz6194M--jZEBMDNCjcljX3QRg==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDAezCSHsldNsH24fcQOcZ90R%2F9KdTclyQiadIXB8Na%2F3GEzGhu4J4iqp64t8pBJ1XAetirb9VmwRA%2FJSQGW7KwtxuolVjjCIP7QNzD6mBZmANbVUXukwErzMkLX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8715a7effb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.springbuilder.site/fs/userFiles-v2/galera-1877320/data/translations/pt-br_override.json?v=1663818485
185.162.231.251200 OK 0 B URL HTTP/2 static.springbuilder.site/fs/userFiles-v2/galera-1877320/data/translations/pt-br_override.json?v=1663818485
IP 185.162.231.251:0
ASN #209242 Cloudflare London, LLC
GET /fs/userFiles-v2/galera-1877320/data/translations/pt-br_override.json?v=1663818485 HTTP/1.1
Host: static.springbuilder.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sport.galera.bet
Connection: keep-alive
Referer: https://sport.galera.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:30 GMT
content-type: application/json
vary: Accept-Encoding, User-Agent
last-modified: Wed, 21 Sep 2022 17:52:12 GMT
etag: W/"632b4f4c-28f"
expires: Fri, 22 Sep 2023 04:54:30 GMT
cache-control: max-age=31536000, public
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
pragma: public
strict-transport-security: max-age=15724800; includeSubDomains
sb: 1
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e871697f3eb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.springbuilder.site/assets/fonts/icomoon.css?v=1663687627
185.162.231.251200 OK 0 B URL HTTP/2 static.springbuilder.site/assets/fonts/icomoon.css?v=1663687627
IP 185.162.231.251:0
ASN #209242 Cloudflare London, LLC
GET /assets/fonts/icomoon.css?v=1663687627 HTTP/1.1
Host: static.springbuilder.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: minify
etag: W/"6303436b-541d"
expires: Fri, 22 Sep 2023 04:54:27 GMT
last-modified: Mon, 22 Aug 2022 08:50:51 GMT
pragma: public
sb: 1
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding, User-Agent
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 133724
server: cloudflare
cf-ray: 74e871581febb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
menhir.gb.nsoftcdn.com/web/resource/locales
104.16.96.78200 OK 0 B URL HTTP/2 menhir.gb.nsoftcdn.com/web/resource/locales
IP 104.16.96.78:0
OPTIONS /web/resource/locales HTTP/1.1
Host: menhir.gb.nsoftcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: http-x-seven-club-uuid
Referer: https://victory2.web.7platform.net/
Origin: https://victory2.web.7platform.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:31 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, DELETE, PUT, OPTIONS, PATCH
access-control-allow-headers: origin, x-requested-with, authorization, content-type, accept, x-custom-header, http-x-nab-device-uuid, http-x-nab-dp, http-x-nab-company-id, http-x-nab-betshop-id, http-x-nab-productinstance-id, http-x-nab-productname, x-http-client, http-x-nab-cpvuuid, seven-app, http-x-seven-club-uuid, seven-locale, http-x-seven-client-ip, seven-tp-token, seven-tp-custom, authentication-method, x-seven-device-token, seven-company-uuid, x-nsft-wallet-usergroup, x-nsft-seven-application, x-nsft-seven-company-uuid, x-nsft-seven-tp-token, x-nsft-seven-account-id, x-nsft-iam-refresh-token
access-control-max-age: 3600
access-control-allow-origin: https://victory2.web.7platform.net
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e8716f9b920b4d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
a.mgid.com/mgsensor.js?d=1663822470285
104.19.132.78200 OK 0 B URL HTTP/2 a.mgid.com/mgsensor.js?d=1663822470285
IP 104.19.132.78:0
GET /mgsensor.js?d=1663822470285 HTTP/1.1
Host: a.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:30 GMT
content-type: application/javascript
vary: Accept-Encoding
x-mg-request-uuid: c2b46e77-393e-4cd1-9753-e0c9ae9c4bbb
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=OwRk1hNwgCqtEnATBaMYYpR2iOx_.qDxFqeVv5OcNO4-1663822470-0-AUQug+NZsj7iVLwZbkBMdUHU1d4IytRGq1Xnkqr5GA9T2PEr+07o30VauqqIhA2YkENWdeCrytZxkLoINAHQLJ8=; path=/; expires=Thu, 22-Sep-22 05:24:30 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74e87169da77b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.kto.com/pt/app-151e40cb9832e6df7fc8.js
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/app-151e40cb9832e6df7fc8.js
IP 104.26.4.172:0
GET /pt/app-151e40cb9832e6df7fc8.js HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=166595
etag: W/"fd7b4d3f7e4a4fb038eff3f4af9ccf3d"
last-modified: Mon, 12 Sep 2022 12:22:05 GMT
vary: Accept-Encoding
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-id: JdE4iQbkdLbM5xL3yZiznuwYiizf2Z5eV8LvG34VCGhP2ib0qVAfQA==
x-amz-cf-pop: OSL50-P1
x-amz-version-id: 2o6laeKaEHte1x.84aIvFoNulvLeC52W
x-cache: RefreshHit from cloudfront
cf-cache-status: HIT
age: 23289
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U76%2Fi83Hw2sgmEgEdtSWAgjYF2siym0iXYD4F%2BSz3h45f96vg%2BdDVY6SJRwvEf7NHG5Nxkg7gOSwh%2FeL8WTtBLq8GY3dzVqM4jZ2Lzk9ux1eTFCW4JB8zWdun3B%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871566b10b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/app-151e40cb9832e6df7fc8.js
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/app-151e40cb9832e6df7fc8.js
IP 104.26.4.172:0
GET /pt/app-151e40cb9832e6df7fc8.js HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:30 GMT
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=166595
etag: W/"fd7b4d3f7e4a4fb038eff3f4af9ccf3d"
last-modified: Mon, 12 Sep 2022 12:22:05 GMT
vary: Accept-Encoding
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-id: JdE4iQbkdLbM5xL3yZiznuwYiizf2Z5eV8LvG34VCGhP2ib0qVAfQA==
x-amz-cf-pop: OSL50-P1
x-amz-version-id: 2o6laeKaEHte1x.84aIvFoNulvLeC52W
x-cache: RefreshHit from cloudfront
cf-cache-status: HIT
age: 23292
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBB2HKGZOcujgD90P9z%2BIJoIsGx4JvXnP2tWcmHXGDKX3caeco7W9nijGzTeBt4O95SUPXzh29ZLpcnJAwcVASTorV8VpZnbcZ7NWca5dtjldjGrC18AIQ3hwatS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e87169bc1d1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.springbuilder.site/fs/userFiles-v2/galera-1877320/media/logo-1641817730845.svg?1641817734157
185.162.231.251200 OK 0 B URL HTTP/2 static.springbuilder.site/fs/userFiles-v2/galera-1877320/media/logo-1641817730845.svg?1641817734157
IP 185.162.231.251:0
ASN #209242 Cloudflare London, LLC
GET /fs/userFiles-v2/galera-1877320/media/logo-1641817730845.svg?1641817734157 HTTP/1.1
Host: static.springbuilder.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: image/svg+xml
last-modified: Mon, 10 Jan 2022 12:28:50 GMT
etag: W/"61dc2682-241f"
expires: Fri, 22 Sep 2023 04:54:27 GMT
cache-control: public, max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Accept-Encoding, User-Agent
access-control-allow-origin: *
pragma: public
strict-transport-security: max-age=15724800; includeSubDomains
sb: 1
cf-cache-status: HIT
age: 11398399
server: cloudflare
cf-ray: 74e871580fcfb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/2658873442.json
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/2658873442.json
IP 104.26.4.172:0
GET /pt/page-data/sq/d/2658873442.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/json
last-modified: Tue, 20 Sep 2022 08:58:20 GMT
x-amz-version-id: nIaa_0en6d1KR0jQr7b7FbsMy.B51H2p
etag: W/"44900c8743e09a8a1b095ef7c97838b8"
vary: Accept-Encoding
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
age: 1292
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KbbPTpZ67MToSB453RD3KpRpTQ1Jujhb0XPNhpL2OJ9ZzK_BcmYOPA==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgoJWnNUyvQVMOTX%2FdMTRqL3MLeobNunlUQEz2SRRIaKGLOGDFjLKtuatkevmrWFygA0VTaZ1zlWpb%2F1FTOTszcoe0ouWauIay7zBpfygSwCXs%2B6m0XbiDhIpbs9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8715a8f18b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/8910-78a6c659b62f65d4d137.js
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/8910-78a6c659b62f65d4d137.js
IP 104.26.4.172:0
GET /pt/8910-78a6c659b62f65d4d137.js HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:29 GMT
content-type: application/javascript
age: 23282
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=4790
etag: W/"5c5a19b99d0041f77d87ac9fda7ae359"
last-modified: Mon, 05 Sep 2022 09:13:43 GMT
vary: Accept-Encoding
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-id: zhdwralUZU1GNmNnDmdq0p5MbL8kgEiGg2AT0s00Dbo5v11wa6TAUQ==
x-amz-cf-pop: OSL50-P1
x-amz-version-id: rgM3xvu5N1SAZR_czSeaxRhT_I_8CTOn
x-cache: Hit from cloudfront
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpOmfZGvhPS7RfJOtzc9stoRztvM1sRM1Pr4GFLZrHJYPEv78YsK%2FNT6DoyL7XNXHBwfAEkOoliDs183GyO0eLKG5McugQVB6NKfGVpJsOWLRzie56LAKPZmZUVO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871614c41b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/9731-052aa3d341c1234060f3.js
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/9731-052aa3d341c1234060f3.js
IP 104.26.4.172:0
GET /pt/9731-052aa3d341c1234060f3.js HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:29 GMT
content-type: application/javascript
age: 23282
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=301
etag: W/"3b08807ab3ea9c062fec224263975527"
last-modified: Tue, 02 Aug 2022 10:55:07 GMT
vary: Accept-Encoding
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-id: EexUouBx5mXSqENtqyvLCavGk6I8U0-RIV-9IrPkVj_S5eSWUp4ObQ==
x-amz-cf-pop: OSL50-P1
x-amz-version-id: VCo1SRfD_vu8hMFoZNaWHKtWrzZxoJWb
x-cache: Hit from cloudfront
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmbJw8Tg3F87%2F71mw5H883ZjzJhDdg3mFVTncwWcAbHdE7DYp8n0iXwFVshhuFTATJJYmjHHI1lSXHfFnQkZnJ3vvenJ%2Bi1Toh7TNM478zxCssBsBP%2BQ39qTqn62"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871612c24b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600&display=swap
216.58.211.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600&display=swap
IP 216.58.211.10:0
GET /css2?family=Montserrat:wght@300;400;500;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howsliferightnow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 04:54:26 GMT
date: Thu, 22 Sep 2022 04:54:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
record.affiliateskto.com/_wnxLgTOj4RX6lJYWmxbtZGNd7ZgqdRLk/2/
104.18.189.136301 Moved Permanently 0 B URL HTTP/2 record.affiliateskto.com/_wnxLgTOj4RX6lJYWmxbtZGNd7ZgqdRLk/2/
IP 104.18.189.136:0
GET /_wnxLgTOj4RX6lJYWmxbtZGNd7ZgqdRLk/2/ HTTP/1.1
Host: record.affiliateskto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 22 Sep 2022 04:54:26 GMT
content-type: text/html; charset=utf-8
location: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
cache-control: private, no-cache, must-revalidate, Cache-Control: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
pragma: no-cache
x-powered-by: ZBan
cf-cache-status: BYPASS
set-cookie: VID1=KCxTQFItM0BULSM8YApgCg%3D%3D; expires=Fri, 22-Sep-2023 04:54:26 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=None
ZBan=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk; expires=Fri, 22-Sep-2023 04:54:26 GMT; Max-Age=31536000; path=/; domain=.affiliateskto.com; secure; HttpOnly; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e871517d040b55-OSL
X-Firefox-Spdy: h2
geoapi.bcapps.net/?type=json
185.162.230.2200 OK 0 B URL HTTP/2 geoapi.bcapps.net/?type=json
IP 185.162.230.2:0
ASN #209242 Cloudflare London, LLC
GET /?type=json HTTP/1.1
Host: geoapi.bcapps.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sport.galera.bet/
Origin: https://sport.galera.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e8716a08fa0b02-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
menhir.gb.nsoftcdn.com/web/resource/locales
104.16.96.78200 OK 0 B URL HTTP/2 menhir.gb.nsoftcdn.com/web/resource/locales
IP 104.16.96.78:0
GET /web/resource/locales HTTP/1.1
Host: menhir.gb.nsoftcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
HTTP-X-SEVEN-CLUB-UUID: ee010c47-eb96-4ffe-a11f-bf2736607193
Origin: https://victory2.web.7platform.net
Connection: keep-alive
Referer: https://victory2.web.7platform.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:31 GMT
content-type: application/json
set-cookie: PHPSESSID=52dab38af73f8fd8117f5f220a0c8643; expires=Fri, 23-Sep-2022 04:54:31 GMT; Max-Age=86400; path=/; HttpOnly
cache-control: no-cache
access-control-allow-origin: https://victory2.web.7platform.net
access-control-allow-credentials: true
access-control-expose-headers: access-token, x-nsft-seven-tp-token, x-nsft-iam-refresh-token, content-disposition
allow: GET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e871701bce0b4d-OSL
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/1829298447.json
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/1829298447.json
IP 104.26.4.172:0
GET /pt/page-data/sq/d/1829298447.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/json
last-modified: Thu, 24 Mar 2022 14:10:19 GMT
x-amz-version-id: rLY4.526G7f0VtN5sDuvTXXhfpBtqTos
etag: W/"c4f4099d7b87d55adfd66c1effd4bf3f"
vary: Accept-Encoding
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
age: 1225
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CY-bGFRjfGu-AucVms_vVpg1dFWE9OI0bMn7B67cBgmnMDYQD7fiEw==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhZckKtiiMO3F7FS3jc2j0i8dJLRmNBezHjW%2B2R0V6eTUgJ6aDBemIOc14V2TSu2WJAhsKNC5NqkP%2FJAeGNTrwnF5YZpAhPesOA3hjxL%2B7J4hWQyMHoNFCyyhCga"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8715a7ef9b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/footerGameCategoriesBlock.d4480993.css?v10261
185.76.9.15200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/footerGameCategoriesBlock.d4480993.css?v10261
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
GET /build/footerGameCategoriesBlock.d4480993.css?v10261 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"62fd121a-167f"
expires: Thu, 17 Aug 2023 16:37:53 GMT
last-modified: Wed, 17 Aug 2022 16:06:50 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 931953b6-0502-46af-8b93-6ead275c2a73-2292022
x-accel-expires: @1692290273
server: CDN77-Turbo
x-77-nzt: AblMCQ1aNADvI9EuAA
x-77-nzt-ray: PNhRsgH6vxY
x-cache: HIT
x-age: 3068195
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
sb2frontend-altenar2.biahosted.com/api/Translation/StaticTranslations?timezoneOffset=-180&langId=8&skinName=kto.com&configId=12&culture=pt-BR&countryCode=&deviceType=Desktop&numformat=en&integration=kto.com
34.102.156.252200 OK 0 B URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/Translation/StaticTranslations?timezoneOffset=-180&langId=8&skinName=kto.com&configId=12&culture=pt-BR&countryCode=&deviceType=Desktop&numformat=en&integration=kto.com
IP 34.102.156.252:0
GET /api/Translation/StaticTranslations?timezoneOffset=-180&langId=8&skinName=kto.com&configId=12&culture=pt-BR&countryCode=&deviceType=Desktop&numformat=en&integration=kto.com HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kto.com
Connection: keep-alive
Referer: https://www.kto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:32 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.kto.com/pt/styles.47e5d8dec07d93abc216.css
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/styles.47e5d8dec07d93abc216.css
IP 104.26.4.172:0
GET /pt/styles.47e5d8dec07d93abc216.css HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:29 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 09:13:44 GMT
x-amz-version-id: H2g.LY0sfIyTkRR5NIyt0X1wb5hWcVtt
cache-control: public, max-age=31536000, immutable
etag: W/"20ddf65d9fb67ed9113558de2a4c769c"
vary: Accept-Encoding
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
age: 23282
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jw4kT_EGHubsj-CiV4PaRHvMnCrL6vEtS-Z92bmf0JuuUVrh1IkkRg==
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fXcoATwYN8sX0VL%2FJKNlqNnoAYgdeTMeNWarm516espCQ2tN92Wf5NgZiIdcOGjem5g1eJLOxzbYWdSX1okyg2Jf7KQD3WWLvIi%2F0mbCtVD3ulgrOT3bnUvaXeQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871612c22b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
br.betano.com/?btag=a_9862b_619c_PU_CD_BR_PA_DT_VOLD[CustomMergeFields]&siteid=9862
104.17.85.89302 Found 0 B URL HTTP/2 br.betano.com/?btag=a_9862b_619c_PU_CD_BR_PA_DT_VOLD[CustomMergeFields]&siteid=9862
IP 104.17.85.89:0
GET /?btag=a_9862b_619c_PU_CD_BR_PA_DT_VOLD[CustomMergeFields]&siteid=9862 HTTP/1.1
Host: br.betano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 22 Sep 2022 04:54:26 GMT
location: /myaccount/ban/country-341629?alt=true
x-farm: BR-SB18
x-cacheable-status: 302
age: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
cf-cache-status: DYNAMIC
set-cookie: sticky=stx27.858
__cf_bm=TNN_x7piX6iu_nv7J2pJ62dByw7Uj3vvo3I9D1ieij4-1663822466-0-AZcmnP/ydUqH+2DPXdWgBAovfx1MquR0M9v+b5l9/7NoJPJcoaXEjX2pD4XLcrqeagJtDwOKGnwAFZ1Yi3Tk96w=; path=/; expires=Thu, 22-Sep-22 05:24:26 GMT; domain=.betano.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74e8715188081bfa-OSL
X-Firefox-Spdy: h2
www.br.betboo.com/pt-br/mobileportal/promotions/sports/0000-welcome-bonus-2021?sb=1&wm=5314017
104.17.133.181200 OK 0 B URL HTTP/2 www.br.betboo.com/pt-br/mobileportal/promotions/sports/0000-welcome-bonus-2021?sb=1&wm=5314017
IP 104.17.133.181:0
GET /pt-br/mobileportal/promotions/sports/0000-welcome-bonus-2021?sb=1&wm=5314017 HTTP/1.1
Host: www.br.betboo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:26 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
vary: Accept-Encoding
content-security-policy: frame-src *
strict-transport-security: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
server-timing: vanilla;dur=194.8332
cf-cache-status: DYNAMIC
set-cookie: ASP.NET_SessionId=rew24bgwyyzwmpnwcufihksi; domain=.br.betboo.com; path=/; secure; HttpOnly; SameSite=None
trc.cid=9df9bae85ddc45f7b4f4584a3a8e9c86; domain=.br.betboo.com; expires=Tue, 21-Sep-2027 04:54:26 GMT; path=/; secure; HttpOnly; SameSite=None
usersettings=lc=false&cid=pt-BR&vc=1&sst=2022-09-22T04:54:26.8476784Z&psst=0001-01-01T00:00:00.0000000Z&lsid=rew24bgwyyzwmpnwcufihksi; domain=.br.betboo.com; expires=Sun, 19-Sep-2032 04:54:26 GMT; path=/; secure; HttpOnly; SameSite=None
lang=pt-br; domain=.br.betboo.com; path=/; secure; SameSite=None
trackerId=5314017; domain=.br.betboo.com; expires=Sat, 22-Oct-2022 04:54:26 GMT; path=/; secure; SameSite=None
trackingAffiliate=5314017; domain=.br.betboo.com; expires=Thu, 22-Sep-2022 08:54:26 GMT; path=/; secure; SameSite=None
tdpeh=; domain=.br.betboo.com; expires=Mon, 10-May-2021 04:54:26 GMT; path=/; secure
__cf_bm=KBeQn4mB7gn3h.8YpuwP1K1L.5CxPpdre4hbStzQFfs-1663822466-0-AWo+N5NCLCKaJCGYv3cimgNfZZ6uQdlYK0C4DR39Z49QSl3b3nnnvSHuZtggiC5MyfS2ERbNWZr1aajvvG7nIMs=; path=/; expires=Thu, 22-Sep-22 05:24:26 GMT; domain=.betboo.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74e871506e700b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.springbuilder.site/fs/userFiles-v2/galera-1877320/media/arrow-down.svg?1641817783740
185.162.231.251200 OK 0 B URL HTTP/2 static.springbuilder.site/fs/userFiles-v2/galera-1877320/media/arrow-down.svg?1641817783740
IP 185.162.231.251:0
ASN #209242 Cloudflare London, LLC
GET /fs/userFiles-v2/galera-1877320/media/arrow-down.svg?1641817783740 HTTP/1.1
Host: static.springbuilder.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: image/svg+xml
last-modified: Mon, 10 Jan 2022 12:29:40 GMT
etag: W/"61dc26b4-2fc"
expires: Fri, 22 Sep 2023 04:54:27 GMT
cache-control: public, max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Accept-Encoding, User-Agent
access-control-allow-origin: *
pragma: public
strict-transport-security: max-age=15724800; includeSubDomains
sb: 1
cf-cache-status: HIT
age: 14106157
server: cloudflare
cf-ray: 74e871580fd0b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/1394045787.json
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/1394045787.json
IP 104.26.4.172:0
GET /pt/page-data/sq/d/1394045787.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/json
last-modified: Thu, 24 Feb 2022 09:38:50 GMT
x-amz-version-id: pafSCvMcYp_GW4jg3WX07WbBP_.oyhzB
etag: W/"18e11dc8d339c1470b4bb51291e8600b"
vary: Accept-Encoding
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
age: 1290
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 24P4Q6bi3cLQC8nU6cOVoVC9lRNpfRj3LvvWRQfnobWSapliuAe8bQ==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpkU2DvCIV5d9l5Ekb1pfKeRQNncFbOqNai9wB4e3DGohLZIBmEQRQuF0vjecIONtMO3BBcc%2F3TXugPnv06NOVmOZb5Y8bVU8noEhzzxgpPv14K0CIkH4xAEyo4c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8715a7eefb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
howsliferightnow.com/hilrn/
172.67.165.40200 OK 0 B URL HTTP/2 howsliferightnow.com/hilrn/
IP 172.67.165.40:0
Analyzer Verdict Alert fortinet Malware
GET /hilrn/ HTTP/1.1
Host: howsliferightnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:25 GMT
content-type: text/html
last-modified: Thu, 17 Feb 2022 15:09:38 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgmybvYDamnhARSOQ6VGcOoz4mAhcyY8GdeXq5ot2QhfsKwIWZkJFiNtEMFk5I7vW%2B4S1t2fs%2FrsHMha6PTi4ahC%2B1yfyegdUu09%2Bva3pPFE08pR0RWRvn6E7SzEGpgLylJbHonbPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8714abad50b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.kto.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.26.4.172:0
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 14:16:51 GMT
etag: W/"6329cb53-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLE9RkqXKY22F%2BVOYX4yBZMCtZlEqWrjZyFe1qqyMCmTh85lDHvTKXI%2B7Un6N2pl6v%2B1cyKwyeuamdoGeK6CXAzThEaIbYNcK9I4vwU1zsdgpqsB81ngBIKImMR5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e871560abfb500-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 24 Sep 2022 04:54:27 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
www.kto.com/pt/framework-1672c32cd3210c7e4939.js
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/framework-1672c32cd3210c7e4939.js
IP 104.26.4.172:0
GET /pt/framework-1672c32cd3210c7e4939.js HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:30 GMT
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=149103
etag: W/"bae0ce8ecf49a6bcdb047f5e00a59e13"
last-modified: Tue, 02 Aug 2022 10:55:07 GMT
vary: Accept-Encoding
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-id: 9nzAIwILW1CZNjH2pLcSxHhXgqqu8teEnZr0LWuY8Lyd7zgT-F00FQ==
x-amz-cf-pop: OSL50-P1
x-amz-version-id: GoHnuJ8YwyRED8Ia54rObYXfTdNR7fma
x-cache: RefreshHit from cloudfront
cf-cache-status: HIT
age: 23292
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xj8udj4dJasw%2B1o8%2FXxsUkYLvDXHe%2BnuBZUUPEJ2cxu%2Fj6R2mT1qfw0uU%2FqCgDFt1ocjQQMBZIRQriM%2BQrBawtSe86zFRpVD3VnaLSaqHtSL1N1BJ%2FAyLJ7JYD5h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e87169bc1b1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/1386839701.json
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/1386839701.json
IP 104.26.4.172:0
GET /pt/page-data/sq/d/1386839701.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/json
last-modified: Tue, 20 Sep 2022 08:58:20 GMT
x-amz-version-id: e5tGCODmWUFyLJTgIU1Oy9svnQ9Nd9nD
etag: W/"434a3bfd77d3aaeb0e6b1828f3c26eb5"
vary: Accept-Encoding
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
age: 1293
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WjWuQ7fo49xQkZphOarT5TvWvaxf69cmMzpaJmE8bHucL66Syf8RnQ==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BA8HtfAzbs6EX1r1isKfU0MaC4ddlcSBHJVz6jUnvs%2BYadKAxDdbgG9dYZfPC5d70pq6O7dpfkeBdAwiy0giXIbTv%2BAcLJP1mv6vzbMFAfK2XvOLD3wURYZX21Op"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8715a6eeeb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/commons-27c955b9d407802c0cc0.js
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/commons-27c955b9d407802c0cc0.js
IP 104.26.4.172:0
GET /pt/commons-27c955b9d407802c0cc0.js HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=22629
etag: W/"7edf255fd21c18508d0bb643bc264b58"
last-modified: Mon, 05 Sep 2022 09:13:43 GMT
vary: Accept-Encoding
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-id: yvMZZJ-WKmJ0ycAcDHca8rjTO8o6NR6ylWw-u-0XgCADll0qDiMOhA==
x-amz-cf-pop: OSL50-P1
x-amz-version-id: 568H7CTmaKbacu2jxCPTxp7XrzyCbOWy
x-cache: RefreshHit from cloudfront
cf-cache-status: HIT
age: 23287
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YisII%2BMbHmBy3OhjFWqjWIanJgnrU0V63%2FGDPHVlGY30jge3i4orB3s2vlLSai3Wt0%2F%2FUD7f0ZvuqrwGiB8P7XsNK6OeEGmsA1GympN3FoH5tX1PGbVovlcDBi00"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871581cfeb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/esportes/page-data.json?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/page-data/esportes/page-data.json?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
IP 104.26.4.172:0
GET /pt/page-data/esportes/page-data.json?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: application/json
last-modified: Mon, 12 Sep 2022 13:12:32 GMT
x-amz-version-id: jG6YuFQgyjRp600MC2u.yymLXznXL2g2
etag: W/"86744cd197a57316fe24c71a7dcd9928"
vary: Accept-Encoding
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
age: 1250
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nGpkhSv_6VpI8mSdQECtBAOt7Pt61eaaTzsmyTEu3_SLsa6phc9WPQ==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYDNpDiCLIl0OMCyxzJmJobltsysDa%2F2qt5QpwF%2BUdFjJtlYw5vqxAyaqRGc5qlPnMaxlqs6Jce1n14elbR6y%2FovN%2FzAGU6DapllAXDwkavHLQc6tqAZM6Sx%2BvQo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871581d05b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/3312572612.json
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/3312572612.json
IP 104.26.4.172:0
GET /pt/page-data/sq/d/3312572612.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/json
last-modified: Fri, 16 Sep 2022 15:39:05 GMT
x-amz-version-id: 6JqFka6YjfTAy2wzbNJhF71LsjLvKgz7
etag: W/"6f23156ae944a0783f2b27a03d21dd4d"
vary: Accept-Encoding
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
age: 1293
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: snZEzzkDdZ8LDfH1VcMME_Ipw4i1BPT7_bcGu7gI2ynSoZtsHi1doA==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdR%2FtaMAVvyoCRYDd%2FK9%2FESnbkQhgy8a%2FaO%2F07cGD5Q1sxiuOEI2fTzgNN0Zg1OkK4CFJ3nPk1gYaIzEL0z2HWiqueNvH6BWVjoZOsgAGY1PNFKxY3ZNswLbahN8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8715a9f1db500-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/webpack-runtime-3cfe20e58b15f5934352.js
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/webpack-runtime-3cfe20e58b15f5934352.js
IP 104.26.4.172:0
GET /pt/webpack-runtime-3cfe20e58b15f5934352.js HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=8329
etag: W/"a93b2aaba0c3c4e51fb610c7459fe62e"
last-modified: Mon, 12 Sep 2022 12:22:05 GMT
vary: Accept-Encoding
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-id: JbZyo5jrUSgTAldtZfZVmRxRUepn7MyCBGu5rsG3Jq1Ai558HWY0Sw==
x-amz-cf-pop: OSL50-P1
x-amz-version-id: vyCc8C6azhkTrZlf7jDq1tXMLU.Fdz1_
x-cache: RefreshHit from cloudfront
cf-cache-status: HIT
age: 23289
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FduslQxulo%2FPiihntCU0UlnT7DlVBru%2FoQhgPJROLsJehn37vadKRslvrpgWgj%2FelcychmW91invWTGT%2FmynTI7ZyLVHDtsxH3pYBjjVOuEfiGVUO80Wz5twiT6n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871565afcb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/app-data.json
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/page-data/app-data.json
IP 104.26.4.172:0
GET /pt/page-data/app-data.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: application/json
last-modified: Wed, 21 Sep 2022 10:56:36 GMT
x-amz-version-id: GoEJ.5ApPKXgOtbzaA8a6qylWblDdmqV
etag: W/"1e908ddf01e7c4478cd9229434e8c4e4"
vary: Accept-Encoding
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
age: 1265
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ykeeNVu3Dx7BYf0y5m5BPpLgVPkY9VUqjl1gx9kx_suy3Inx9IKchA==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBCEYU3aUSsS%2Fugoh5ZeHb3Ekj8QmUybXBZZj4v56Z%2FEVtTWREE4y2S4k9FDiFSHTavD3DF2kgF2OWmk%2FfHSMrYZHeALAdOitfoEPcN7sUZxVLwqzSBKkQzMv1Os"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871581d02b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/app.8f9b5ddf.css?v10261
185.76.9.15200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/app.8f9b5ddf.css?v10261
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
GET /build/app.8f9b5ddf.css?v10261 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6320524c-11ad0"
expires: Wed, 13 Sep 2023 10:42:46 GMT
last-modified: Tue, 13 Sep 2022 09:50:04 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: bfa38dfd-3cfd-40a0-aab7-4d84b00d6ab6-2562022
x-accel-expires: @1694601766
server: CDN77-Turbo
x-77-nzt: AblMCQ0Xuiv/3osLAA
x-77-nzt-ray: LnLZX24f0/M
x-cache: HIT
x-age: 756702
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/17-2939f2cafddcf220a69c.js
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/17-2939f2cafddcf220a69c.js
IP 104.26.4.172:0
GET /pt/17-2939f2cafddcf220a69c.js HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:27 GMT
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=96226
etag: W/"ec01cd4acfc16d0c2685f7d1240b3fb0"
last-modified: Mon, 05 Sep 2022 09:13:43 GMT
vary: Accept-Encoding
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-id: 3tLblLDFWykuU_fkK8IF2QQoclMHGKzFjrVViKrbf97Bd9Hh9VpA4Q==
x-amz-cf-pop: OSL50-P1
x-amz-version-id: Vsuz4_GBeTZgDgEPHnrBeUoeyXNQadsi
x-cache: RefreshHit from cloudfront
cf-cache-status: HIT
age: 23287
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jx8F8L%2Fb1h%2F%2BzaZGRofUqoTV1xrPjtYQtUdFcUIMZjtnz6uRLo%2FEWu9IVHDN4v%2BXt9pJS2HbddM%2Bih0%2FZMofXIreF%2BIKCEvXEtgheQCbCy8zpXnAlacY9C8J4f03"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e871581d01b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kto.com/pt/page-data/sq/d/1218424150.json
104.26.4.172200 OK 0 B URL HTTP/2 www.kto.com/pt/page-data/sq/d/1218424150.json
IP 104.26.4.172:0
GET /pt/page-data/sq/d/1218424150.json HTTP/1.1
Host: www.kto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kto.com/pt/esportes/?myafftkn=jLLc--pJ-Y5hxy74IK-oA2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/json
last-modified: Wed, 21 Sep 2022 10:40:44 GMT
x-amz-version-id: UNGpgDaRY0vBCNp.fvX4ldnlStAzXOo4
etag: W/"6535dc7aca8f6b991d4478936dbfe44c"
vary: Accept-Encoding
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
age: 1294
cache-control: public, max-age=0, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Hl3FPxZKjBWsV6Uf_KgBj8RS5Z18ri-d2-_2x3z8dzaeIJWfxr7MEQ==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgzbOmwX%2FrpuOSPXdeWUbhEA1vGvpzNGkgp73nbg0MDUZ%2FO5rHEYyXup%2BPwmO6cLg%2F2SyYlDf%2Bw1KWAjqeu2Wiam4bDfeB9mKJiQa5u%2BjsDVh8dGD0l%2Btu6ZSZ6w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8715a6eebb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/runtime.c126acad.js?v10261
185.76.9.15200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/runtime.c126acad.js?v10261
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
GET /build/runtime.c126acad.js?v10261 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:54:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"62e3dcdf-dcb"
expires: Sat, 29 Jul 2023 13:46:54 GMT
last-modified: Fri, 29 Jul 2022 13:13:03 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: f59ec1f0-8b77-467d-8bec-cd3cc0b29aa9-2102022
x-accel-expires: @1690638414
server: CDN77-Turbo
x-77-nzt: AblMCQ3KHNDvtgVIAA
x-77-nzt-ray: /oLSlbi3RJA
x-cache: HIT
x-age: 4720054
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
static.ada.support/embed2.16915e5.js
54.230.111.18200 OK 0 B URL HTTP/2 static.ada.support/embed2.16915e5.js
IP 54.230.111.18:0
GET /embed2.16915e5.js HTTP/1.1
Host: static.ada.support
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sport.galera.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: ETag
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 15 Sep 2022 16:50:12 GMT
x-amz-version-id: kyMc.3oYFViSWGoAAbgCI3m_6.hoaTaj
server: AmazonS3
content-encoding: gzip
date: Thu, 22 Sep 2022 03:59:01 GMT
cache-control: max-age: 172800
etag: W/"ef25031761604da8c4ae37a299e3e341"
vary: Accept-Encoding
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
age: 3332
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rTXeiZvVTZT2olbMPJYyuM5w_Ksjg0eCPoiWZkIyggKTkPsti7nrBQ==
X-Firefox-Spdy: h2