track.coolestdiscount.club/d30bed9b-5fc1-4d61-9111-c39920a7abb9
18.184.38.55302 0 B URL HTTP/1.1 track.coolestdiscount.club/d30bed9b-5fc1-4d61-9111-c39920a7abb9
IP 18.184.38.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /d30bed9b-5fc1-4d61-9111-c39920a7abb9 HTTP/1.1
Host: track.coolestdiscount.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Thu, 19 Jan 2023 22:06:45 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://netpuppgo.com/r6Mh0f87/?subId1=wj0epu5fftegi61miiv6fmr8&subId2=VG&subId3=Adchampagne_VG_PinUp_WL%202_BR
Pragma: no-cache
Set-Cookie: d30bed9b-5fc1-4d61-9111-c39920a7abb9-v4=7YzZp33xf8rKYtMdcJemsUp1SZ46WeDaMf9HYXKXHgA; Max-Age=86400; Expires=Fri, 20-Jan-2023 22:06:45 GMT; Domain=track.coolestdiscount.club; Path=/; HttpOnly
cc-v4=1mGvVCZA2ghYGiRzoYWwzP2EbrLmD1v%2FXarvTK%2Boz18iaKsAq%2FjGNFIN0rsF48gRx0hPAhQF8kY8UKykxzwC9F6bm%2Fm9QPaACiVAzOk05%2F%2F4V4e70lQtGTktOutfBzKtBzEnIMIL6czdNHR7zQtETw%3D%3D; Max-Age=31536000; Expires=Fri, 19-Jan-2024 22:06:45 GMT; Domain=track.coolestdiscount.club; Path=/; HttpOnly
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 37284a837312d6586460a3b86bbe7bd0
6ac0847abd48eb8607597218aaa2cb2d434c012b
6a0e11bb042555d72b397ae0cc3d5e242d3a3fe04418e28ffd222decca7d16ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A0E11BB042555D72B397AE0CC3D5E242D3A3FE04418E28FFD222DECCA7D16CA"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17159
Expires: Fri, 20 Jan 2023 02:52:44 GMT
Date: Thu, 19 Jan 2023 22:06:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b36ef73c20dffb6bc10194bbd2d0dcfa
a67a4023dc8b4944debaeb92f3ba0f1402c079a6
05a7a4d832cf9e593ca44efea309edcbd80734583bada15fda3e740612eff991
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05A7A4D832CF9E593CA44EFEA309EDCBD80734583BADA15FDA3E740612EFF991"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6377
Expires: Thu, 19 Jan 2023 23:53:02 GMT
Date: Thu, 19 Jan 2023 22:06:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 19 Jan 2023 21:34:34 GMT
content-type: application/json
age: 1931
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6c8239f3894cfba54d1f3a9ea1c85db5
a70f2b3bf79f2aa26b0cc0340dd182565c3eb946
64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16055
Expires: Fri, 20 Jan 2023 02:34:20 GMT
Date: Thu, 19 Jan 2023 22:06:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wBTlAkgq+gWGiABU4YQRQmyr9tpn+/+yOscHqHHemRVknU+ZL92mUDsigwF4ZbsjcHaU9CS+J+E=
x-amz-request-id: GNHY2SYVH0SEYDVD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 19 Jan 2023 21:17:21 GMT
age: 2964
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 22:06:45 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
netpuppgo.com/r6Mh0f87/?subId1=wj0epu5fftegi61miiv6fmr8&subId2=VG&subId3=Adchampagne_VG_PinUp_WL%202_BR
188.114.97.1302 Found 0 B URL HTTP/2 netpuppgo.com/r6Mh0f87/?subId1=wj0epu5fftegi61miiv6fmr8&subId2=VG&subId3=Adchampagne_VG_PinUp_WL%202_BR
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r6Mh0f87/?subId1=wj0epu5fftegi61miiv6fmr8&subId2=VG&subId3=Adchampagne_VG_PinUp_WL%202_BR HTTP/1.1
Host: netpuppgo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 19 Jan 2023 22:06:45 GMT
content-length: 0
location: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
set-cookie: click-2023-01-20=%2Cr6Mh0f87; expires=Fri, 20 Jan 2023 21:00:00 GMT; path=/
cf-cache-status: DYNAMIC
x-robots-tag: noindex, nofollow
server: cloudflare
cf-ray: 78c2e11e3dd6fab8-OSL
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 19 Jan 2023 21:17:27 GMT
age: 2958
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.5.1.min.js
69.16.175.42200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65451)
Hash 3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://demo-game-aviator-br.pu020ev.com
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CIaap54GEoYBCiQ5YWE0Y2ZlZS1mNjliLTQxYjQtYTRiMi0wYzFkNzlhNmVjYzMQ+OiCoKvU+wIaBgj2/aaeBiIMOTEuOTAuNDIuMTU0KO4KMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiQwYjNmODIxOS1hZmQwLTRmYTItYjRlZi03ZTE4OGFmODUxYzEYn/EBIhgIAhIUY2RzMjA4LnNrMS5od2Nkbi5uZXQ=.cweRcBIlOnsJ7XdjjvCHWMevX6y7viH5HmMohy55qL8=
x-hw: 1674166006.dop016.sk1.t,1674166006.cds211.sk1.hn,1674166006.cds208.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dce4a8be753d4a93db03ffca50421c43
068040a8f69777484e545c0053ad54f273710797
7e6dddef8a4a5502c9715f8c20dcb75e132ecc875f13459a967c9e235e9ce3e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1326
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:06:46 GMT
Last-Modified: Thu, 19 Jan 2023 21:44:40 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a435563e4adb6d7d64a8600e6250bf45
a8f5a99620153938ec4cfba0423d6d06c66bb7fe
9e5c713c50dca08152c55041574e3e4003213133a8c78494ff18d1d1808589fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:06:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
demo.spribe.io/launch/aviator?currency=BRL&lang=BR&return_url=https://spribe.co
54.230.111.64302 Found 0 B URL HTTP/2 demo.spribe.io/launch/aviator?currency=BRL&lang=BR&return_url=https://spribe.co
IP 54.230.111.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /launch/aviator?currency=BRL&lang=BR&return_url=https://spribe.co HTTP/1.1
Host: demo.spribe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
location: https://aviator-demo.spribegaming.com?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=31983&token=XDNUkENiWvkO4Xc35e00LE7nxotx6PsZ
date: Thu, 19 Jan 2023 22:06:46 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: TbIA7HzmzbQIVzycmRU6aFFkqbYWbhjHt1hb36L6MdIEfUhIiEljeQ==
X-Firefox-Spdy: h2
demo-game-aviator-br.pu020ev.com/img/title/value-video-br.png
172.67.70.112200 OK 22 kB URL HTTP/2 demo-game-aviator-br.pu020ev.com/img/title/value-video-br.png
IP 172.67.70.112:0
File type PNG image data, 361 x 168, 8-bit colormap, non-interlaced\012- data
Hash 513dc82d247bca3be00b978cf2c66023
96d1bee47da51e67408bf5160f73a2e7a5fad70c
427aaf343c967f6ce99a8883dbec6c62f6815a4627f9d9c269d667eb943db6c7
GET /img/title/value-video-br.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-5551"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXa0oHb0esd5sJbJwWywqH8W%2Fh4kXiPFMuvo%2FLdHdESO6%2BeaTdJl5CeIoGZob01Ra0ztXAvZ%2FooAiBHnh%2BUpzbgK4BT%2B3VZ5DL8oNvr3XkemWovK2DztJVUnP%2BryCuLqURbSrBCoIUOZHhEC5RhEVwFB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e121ccd9b512-OSL
X-Firefox-Spdy: h2
demo-game-aviator-br.pu020ev.com/fonts/src/icon-fonts/icomoon.ttf
172.67.70.112200 OK 9.2 kB URL HTTP/2 demo-game-aviator-br.pu020ev.com/fonts/src/icon-fonts/icomoon.ttf
IP 172.67.70.112:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash d2495c29cb8c91b784fed2fd0a0fa1d9
c7941ff2f980007b7b52a204549654b6dd401dee
6660a8b51189b283b15a6f5aee82bd6b592e184e8f94ea5e296416aaaf58d191
GET /fonts/src/icon-fonts/icomoon.ttf HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: application/octet-stream
content-length: 9196
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
etag: "61fd5783-23ec"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSkKb%2FQlespTU8lRkazF65XevCZ%2FM5w0q326j7G9YmQqUSVBzgfldTtnWEPYoEYPM9I%2B1jIzXGvNA%2BLIWRjsrCk%2Fbco%2FP4I5%2BYiyGpQneuDT0%2B459x8ezkjXA2xlGvDZVm9tJ%2B2KbOmPrO0Ace2k7BWg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c2e122ee3eb512-OSL
X-Firefox-Spdy: h2
demo-game-aviator-br.pu020ev.com/img/logo/logo-casino.svg
172.67.70.112200 OK 102 kB URL HTTP/2 demo-game-aviator-br.pu020ev.com/img/logo/logo-casino.svg
IP 172.67.70.112:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (752)
Size 102 kB (101683 bytes)
Hash ef33577e6432fc80dc36a004af8a6d59
f07aebd534115df38b14ef4ba5cbfbc7eabeab9a
867ae528dae3c0767ec6b06fe991971275575daa08f6af7549e2d0e39d8134ee
GET /img/logo/logo-casino.svg HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/svg+xml
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1393"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqoKXVQVq6e5V1LzxE8DQboaJA0%2Bz6aVKNAXSZsyGucl4VMIgJ7eW2A2nCvsuM5t5CEuMBBpsysD0mtPGaDVPSmdTUvWrXCGginvA1aZCSrRrduOjOYiAlINEbZXuAdBYCn3uJpmwjCBWoJcPzts1Uap"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e121ccd5b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
demo-game-aviator-br.pu020ev.com/img/logo/logo-video-second.png
172.67.70.112200 OK 107 kB URL HTTP/2 demo-game-aviator-br.pu020ev.com/img/logo/logo-video-second.png
IP 172.67.70.112:0
File type PNG image data, 228 x 58, 8-bit/color RGBA, non-interlaced\012- data
Size 107 kB (106687 bytes)
Hash 38d8aa62e22319d42a4b6352d6c227aa
22675c29762cffb2a46877b54933cd8b8cae0877
3702c45674e70f2d907cc4ec7824e50429cfd6e1c65537ca5a601d7297d2f1b3
GET /img/logo/logo-video-second.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-10d3"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SB9TiZ6aAYtPV%2Fu2WAsnKHotnJ9lxrhFp6of6MUe5YEccjr69a6stwkF%2FKgeDzqljZToI0N4n7YLKT7f45Mnu%2Fw8oMI54rP%2FqWGUc7RBh2mXwHhIDYjruTBpNu3TAu2nDOHVe0laf8lySIkLaWEWODy2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e121ccd8b512-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
142.250.74.74200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
IP 142.250.74.74:0
Hash 45788d462c0b1fd32f5df500a825cbef
7b6571b6e23c7f9affeedea0aac871b81cb3fa7b
94415f07e6528eacf87f95aa5507a4abf938d29db8b6ab4ae0f42a69f5356aee
GET /css2?family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 19 Jan 2023 22:06:46 GMT
date: Thu, 19 Jan 2023 22:06:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
demo-game-aviator-br.pu020ev.com/bundle.js
172.67.70.112200 OK 34 kB URL HTTP/2 demo-game-aviator-br.pu020ev.com/bundle.js
IP 172.67.70.112:0
File type Unicode text, UTF-8 text, with very long lines (57571), with no line terminators
Hash 1544cfbf6815bbaf106c5cffd783b036
35a310721969811567615e497da2f2d6c71bc1c9
71c9161df163b01bcbb4d3c6d568f6e55394df0038951943ef6c38b7d9923cad
GET /bundle.js HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: application/javascript
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-128ae"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMh%2Fh6tC2EqP%2BCEJJMbEr74kRzucD9gJrTqi5U5UAQmQgBKyswGFYn%2BeB0FzBB8e3EhovglhFS2VYr31beX5i1YMQiEknvpNG8g28aFhcjdM6t1Az5V3qjgoQFgHbep6p4AqKcWMqh1vDFI5Ln1aFrL%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e121dcdab512-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2710e6694429ed2cf5082b6e48eb6ebe
fd6e63ac90e1d86f37e5f46c98c7592a86106217
928ff655e10cf8a01515e4ca9ad5c7128044617acd61fbd46b613b4861aa5379
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:06:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash b610de1e8eef23a54ed42713f55b960b
a25762ff603b12e085548cf7442bab3a0aabdad1
15623cfd00b4efc687220b0d31b9a865382a32f556df8f55261437eab5050cf5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134109
Date: Thu, 19 Jan 2023 22:06:46 GMT
Etag: "63c918fa-1d7"
Expires: Sat, 21 Jan 2023 11:21:55 GMT
Last-Modified: Thu, 19 Jan 2023 10:18:34 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZS2pGViEHZY66Mr9hte4mWY47VnMGahNw0TDlvwYZW2ZaU2_fRndxg==
Age: 3801
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash a5b21c6b655defa115a9e9b3d788116b
180f4e2719bd7b5803544459cf221811f2157155
15a23617002382e1c1682a4b0b26f7a8296bf4aa4f9c8e077847c48dae27c456
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150132
Date: Thu, 19 Jan 2023 22:06:46 GMT
Etag: "63c9666a-1d7"
Expires: Sat, 21 Jan 2023 15:48:58 GMT
Last-Modified: Thu, 19 Jan 2023 15:48:58 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qFEYsD82tXX26LrFeLlXtM1FBg2VK76kGe66fC3oghcbGQ59flJp_g==
push.services.mozilla.com/
52.38.139.17101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.139.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: c07MI/7YSMRnphXlkjdetw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KVsu9uO3RsVQ7RRHisERir6uS1U=
demo-game-aviator-br.pu020ev.com/img/favicon/favicon-16x16.png
172.67.70.112200 OK 916 B URL HTTP/2 demo-game-aviator-br.pu020ev.com/img/favicon/favicon-16x16.png
IP 172.67.70.112:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 4002504e6a7b16eae1a825909650ec25
857543e6566871461da4c299a186471611925829
0a1fdd6dc7a85ac17b99a484b1fe4f0a926b9e1b1c80c4929f3b312e73e781d1
GET /img/favicon/favicon-16x16.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/png
content-length: 916
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
etag: "61fd5783-394"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8iqZm1ck%2F0Ltq8s0YgUbVkgxDY78jUndSWMUpqo%2Bvn%2Fp33VeiQcIFx6O5%2F63tusp%2BZGxMfa%2Fnrflhly%2BBQJgOkRThmvg6HIB9YBVtKLqCQC%2FpLhRWhqX8j8ESImg721vMIwJFqsKia1KXOxEKYXFhrd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c2e123cf78b512-OSL
X-Firefox-Spdy: h2
aviator-demo.spribegaming.com/bpg-arial-webfont.deed44e7c0450115.woff2
143.204.55.15200 OK 94 kB URL HTTP/2 aviator-demo.spribegaming.com/bpg-arial-webfont.deed44e7c0450115.woff2
IP 143.204.55.15:0
File type Web Open Font Format (Version 2), TrueType, length 94192, version 1.131\012- data
Hash 6e5b1494e933ba58cdb6e80876634552
31af5aaa0c1fa2ecac702feffaca78433d247d00
1c08ce021e5a588a3ffcd822d023eae8322183397fe51a9f5d37adcfb8c9638d
GET /bpg-arial-webfont.deed44e7c0450115.woff2 HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/styles.52c8339cd07e8075.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 94192
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
date: Thu, 19 Jan 2023 08:21:11 GMT
cache-control: max-age=86400, public
etag: "6e5b1494e933ba58cdb6e80876634552"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0CuW4FjJEIfJqZ5eboFNQm2kiAGE1_V-P3sHkejYrwgCCoLHN3Bs_w==
age: 49536
X-Firefox-Spdy: h2
aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=31983&token=XDNUkENiWvkO4Xc35e00LE7nxotx6PsZ
143.204.55.15200 OK 8.2 kB URL HTTP/2 aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=31983&token=XDNUkENiWvkO4Xc35e00LE7nxotx6PsZ
IP 143.204.55.15:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8660)
Hash 47fbd0e80a691aead84e078af688466b
c0265814fe04ba3565719822fc99de20f05966f6
13208304b5ab70fc6072d4fc4e21e3601063629c37f0814318f9db607e608a25
GET /?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=31983&token=XDNUkENiWvkO4Xc35e00LE7nxotx6PsZ HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://demo-game-aviator-br.pu020ev.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
date: Thu, 19 Jan 2023 22:06:47 GMT
last-modified: Fri, 09 Dec 2022 13:25:50 GMT
etag: W/"c640ea59573a2bc8ad1a0b78d763e383"
cache-control: no-cache, no-store, must-revalidate
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Miss from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wkyjAhETociMHCrc9H8VtPcsYAywJchyDGVbH9LWJhMrd5dOOHiwRA==
X-Firefox-Spdy: h2
app-config2.spribegaming.com/aviator/demo.json?v=4.1.5
54.230.111.72200 OK 155 B URL HTTP/2 app-config2.spribegaming.com/aviator/demo.json?v=4.1.5
IP 54.230.111.72:0
File type JSON data\012- , ASCII text, with no line terminators
Hash daa601d9ae51fdb3f6638669e017223a
93458dbc069c971cf01aaa29323eabe67297b5f4
9c155207193e8fac0d10f37842f543d061bae2ccc29bc1b25478ab5cb8a14a3e
GET /aviator/demo.json?v=4.1.5 HTTP/1.1
Host: app-config2.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aviator-demo.spribegaming.com
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/json
content-length: 155
date: Thu, 19 Jan 2023 22:06:26 GMT
x-amzn-requestid: 71037c3a-68c0-4b95-a389-d58999ea10d6
access-control-allow-origin: *
x-amz-apigw-id: fArDYFwTFiAFQ6Q=
cache-control: public, max-age=60
access-control-allow-methods: OPTIONS,GET
x-amzn-trace-id: Root=1-63c9bee2-3883917e4d97afa811d7b7d2;Sampled=0
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IFK99sFBviU4Am-6_2rWcRZIS5XQSUvg2rn7SgFXFDlQlI8wrta2Cg==
age: 21
X-Firefox-Spdy: h2
aviator-demo.spribegaming.com/main.0c79cc1b05645949.js
143.204.55.15200 OK 803 kB URL HTTP/2 aviator-demo.spribegaming.com/main.0c79cc1b05645949.js
IP 143.204.55.15:0
Size 803 kB (803237 bytes)
Hash e5dc7554d82c62b957db6273ca33c03d
b91cf4fa29bb28c680e145d21e4c6ae82a009eb0
21bdc87180282931725ca98d8ce921b4606717a2c84a42c2a5f73545756cf5fb
GET /main.0c79cc1b05645949.js HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=31983&token=XDNUkENiWvkO4Xc35e00LE7nxotx6PsZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: gzip
date: Thu, 19 Jan 2023 19:03:15 GMT
cache-control: max-age=86400, public
etag: W/"cd42dcf80f48aad6e53e6b50526934fd"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: QXye-mWqpHGlxQsX2QhFVUchkS6v_kIEiKpsnEFNgMETDxULhqBYIQ==
age: 11012
X-Firefox-Spdy: h2
aviator-demo.spribegaming.com/runtime.b3e4a4f12e39ab5f.js
143.204.55.15200 OK 520 kB URL HTTP/2 aviator-demo.spribegaming.com/runtime.b3e4a4f12e39ab5f.js
IP 143.204.55.15:0
File type ASCII text, with very long lines (1566), with no line terminators
Size 520 kB (519733 bytes)
Hash af5387b59598d593ce368b095531ed21
5e175ce5a2aecd17b050bd2f7f799e4de142e70d
26e0a6c47875e5f298d1322ca078470adcc7d24b50c8e8f8bcda20b46eb36c8a
GET /runtime.b3e4a4f12e39ab5f.js HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=31983&token=XDNUkENiWvkO4Xc35e00LE7nxotx6PsZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 19 Jan 2023 07:15:09 GMT
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
etag: W/"0ef08e25b336c7d9aafcaacceb47e08c"
cache-control: max-age=86400, public
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: eUYkC9JP2UnvFgRKrqpX2qP4BOrKSa9YDv3p560oZnlUbxtvvw1XTg==
age: 53498
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4343
Expires: Thu, 19 Jan 2023 23:19:10 GMT
Date: Thu, 19 Jan 2023 22:06:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4343
Expires: Thu, 19 Jan 2023 23:19:10 GMT
Date: Thu, 19 Jan 2023 22:06:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4343
Expires: Thu, 19 Jan 2023 23:19:10 GMT
Date: Thu, 19 Jan 2023 22:06:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg
IP 34.120.237.76:0
File type gzip compressed data, from Unix\012- data
Hash 9c1db1d315eb60b737db57a51d0f1075
24a4123e496771068d094fe590a5f51b2a243264
79be3a685b7c32ecb298eea5effcadf01f4e90067948bd70510750ccb0c9da84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7741
x-amzn-requestid: 9af04340-5be9-42b0-96be-0264661c6dae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A6LEMtoAMFW_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c7150d-2348c8846249175e74efc226;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:37:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bYiQLNEiz35_p4_5MV3ky7R5fpl4qUYtf-F2KP0C2gzmeXp5B7kgSQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 22:17:13 GMT
age: 85774
etag: "c95e1bba76e910100e86f8abf789e5b5c1a2baa6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88cefb6f-1c5c-4b01-a9b7-a36abdbbc20c.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88cefb6f-1c5c-4b01-a9b7-a36abdbbc20c.png
IP 34.120.237.76:0
File type gzip compressed data, from Unix\012- data
Hash 846adf76b5dd99e70d3bc60a522f244d
e7b6a3f179ff4860417b520abdacb4b4a2d6c20b
bf9f61abf585d784855d2677c297c80de44eb110a8fb5851d98cf9f0ead6b59a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88cefb6f-1c5c-4b01-a9b7-a36abdbbc20c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10497
x-amzn-requestid: 3bc349ba-7da8-48c8-aa90-2c48c93a023d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fnEG8mIAMFgMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c612f9-08e751fc7f0eacb43fc92712;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bj1mgLbvR-w2s5DeHXjVdV6EKk5hwGDWFvoKS0AvYKy1ycpCivryDA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 04:31:32 GMT
age: 63315
etag: "1c80645a9b9879d1e4b57c546ba35131ba3c28fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg
IP 34.120.237.76:0
Hash b8e009d1812a0ebf7be8d4fdceb09a84
16d33cc2eddeea08b95c1abe26a8a34b1645ad31
d7b08d3b1f8da5dad143982e919db180acaedd012c6c58dbd5e990d4f6f8b51d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6908
x-amzn-requestid: 5f0a0b3b-1d4c-450e-bcd5-481bda79f4e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eq1qQHwYIAMF-IQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1030e-62d053e35c8ab2374fd2fe35;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 07:06:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WdNoHBL4A3J_FHp8V9HLUMNKmEPIw-lstt0OdqYJtcUGfMRZJXPdwQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 18:44:11 GMT
age: 12156
etag: "76072223007cd11c6f7b9fda8f01818ab0fea740"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg
IP 34.120.237.76:0
File type gzip compressed data, from Unix\012- data
Hash 1dad14c1ff74e7eaf6c6feef78d59782
0e981a95c6f33b03b79c612a6992bb6a23d1df81
95a7f0d91888eb9a385726e9dfc54762e86674a6ef69e47c1939712afdc2e37c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9916
x-amzn-requestid: 42bb326d-889c-4b91-b989-47c1fd650afa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e96pVF61oAMF76g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8a4a1-2f33e6be45e298a7120d1119;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 02:02:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 68BfqCCeDzqQURstD87lSuWaXjwrqVQnXX8ws6EeFfQtbu_ad9JEgw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 02:14:04 GMT
age: 71563
etag: "706be1b2636ad65bf5fe78ef7301af472c015275"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8069887e5e81584380ef3f819bcfab6e
3794126935a3e08de469ea37d29cba7be412d408
934e0982c1d49f06c64f524698b93fb1abf3b8833785d633bad104d052dd3ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7871
x-amzn-requestid: 212d220f-c590-4c72-9508-e481cd5045ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1UGmeoAMFzpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714ee-273c8bb54acc0f2b6d12b567;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k-RU17DHWFtl1RAp04jhaJ8G0PGvPjVS15XFZAs-JbRCFKi-a0zzFw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:04:00 GMT
age: 167
etag: "3794126935a3e08de469ea37d29cba7be412d408"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b8f931fb5afe958e67fce9e1822dac4
5732887999b819f6facc6f4608a407b5a09adf75
3c6c787e700f8139ec0eeaad93923f647f9efa5ce60120fc0aab52fa9588efaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5005
x-amzn-requestid: 647dd62e-6b47-4298-9457-c7f37e653e0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e5qLKEX6IAMFX0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c6f0ad-3dc1396c1b3662fa4ec5f1fa;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 19:02:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: W6IcLqvCExGohkv86QqX5Tqak73x7OcI6epoZS4T8OjLMK3GNZih4g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 21:55:47 GMT
age: 660
etag: "5732887999b819f6facc6f4608a407b5a09adf75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
app-demo.spribe.io/BlueBox/websocket
54.230.111.117101 8.1 kB URL HTTP/1.1 app-demo.spribe.io/BlueBox/websocket
IP 54.230.111.117:0
File type gzip compressed data, from Unix\012- data
Hash 9ebd08d240c6bba3f7a733ae13063f97
91c1674430d42ebad99833788f44b38633f58449
f514579a8fe0353a99e38fce4ea9a15f03cf1c4497f51fd28da7f6ccc5adffff
GET /BlueBox/websocket HTTP/1.1
Host: app-demo.spribe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://aviator-demo.spribegaming.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q4Ou1DzAXHWUpQFq3az3Yg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101
Connection: upgrade
Date: Thu, 19 Jan 2023 22:06:47 GMT
Upgrade: websocket
Sec-WebSocket-Accept: +FIlq4uo+UZv1w/zumACZ34lrXY=
Sec-WebSocket-Extensions: permessage-deflate
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: AYgPMe0EhuPdI9ga2QbAyjeIViJNg56JUdqyXkw92_ntjPvvw8jHWA==
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 149a7cdd0e94d31b2237ac241b3bad35
c6e2c3aba0c96ffc26114f79306930a4554964b3
fe9cd8e03a847278924ed338131b5ef16b8ef315db81f3e6387c0621baa46232
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:06:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=ngx_captcha_onload_callback&render=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg
216.58.207.228200 OK 613 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=ngx_captcha_onload_callback&render=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg
IP 216.58.207.228:0
File type ASCII text, with very long lines (954), with no line terminators
Hash e5a7a7e9a2a032806508ab081028ad6c
eb53a9aafb8339679a1aa68d9377a33aefabbee9
b737083af63cd28b4d34e83ecf27db09b75c429cd13d986af69eaa1cfbcd60a8
GET /recaptcha/api.js?onload=ngx_captcha_onload_callback&render=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 19 Jan 2023 22:06:48 GMT
date: Thu, 19 Jan 2023 22:06:48 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 613
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 623f341fa3fd0e09d3a2b649ea882919
98c12490034b5633fcc6386b627947806495fc61
edf2873ae5aee565800ffbd38c62519e683adf9f4624bd49af202b64f158f5eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:06:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (636)
Size 164 kB (163892 bytes)
Hash f2995e9cc3eedf3359420fb8d714b2ca
bdc68875ff161b35dbe9d8d85241e41c862ec8e3
fbe663b4f0f239aca19a5a2720c2b494ac58a53e0d68288155eb772ae04935c1
GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aviator-demo.spribegaming.com
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 15:41:18 GMT
expires: Wed, 17 Jan 2024 15:41:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/javascript
age: 195930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 21:48:03 GMT
expires: Fri, 19 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 1125
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8efa7cc-44c0-4841-af38-b9d070233ba9.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8efa7cc-44c0-4841-af38-b9d070233ba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 816accd72419764cabc1d038af58446c
ad835d9c9a783175d3c5d1a32f1e34baf0ed2f08
d0b6f144ddc797108e6e85b4e835bfbeadd138ef7987661ee9e3d22790db254f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8efa7cc-44c0-4841-af38-b9d070233ba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8889
x-amzn-requestid: 10583804-866b-41bc-a99b-6209bd7ae1c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1eHMCoAMF4kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714ef-2351e46019a0918724721b89;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: I_gazElY6tP9IsrCWRM7CHI5Jd6uVuruMwXcJV_nNHFI55YqmqG7zg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:01:08 GMT
age: 346
etag: "ad835d9c9a783175d3c5d1a32f1e34baf0ed2f08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
demo-game-aviator-br.pu020ev.com/img/background.jpg
172.67.70.112200 OK 0 B URL HTTP/2 demo-game-aviator-br.pu020ev.com/img/background.jpg
IP 172.67.70.112:0
GET /img/background.jpg HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/jpeg
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1b1cf"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4bKLX2YRNUBWcakh36Gb6LzTEBmufJ6mU%2BAw3pddb%2F1EJ6q7uJSTJ22CvzeQObg7kmxxTJbl%2FJB4Hr77kypYSqKTJ46CcErg61Vtoz%2FwbL0xdWZzJHd%2Bq8lcgCzK6AvKW%2BJC0cu2UCZUnR7%2BLHVz3hV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e122ce15b512-OSL
X-Firefox-Spdy: h2
demo-game-aviator-br.pu020ev.com/img/notebook.png
172.67.70.112200 OK 0 B URL HTTP/2 demo-game-aviator-br.pu020ev.com/img/notebook.png
IP 172.67.70.112:0
GET /img/notebook.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1e6b"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8alX2QQf8bAqsn4qhnGhN7%2BzfL2bh%2B70MJm35QdieJWvgUf%2FURv3Sx5TuH45WaGdNV73BOgr8aFkBeO%2BNA2d0yhWR7G0hyCJ0hiVR1%2F%2FFdSCtruEyPrHaSSuGfG3q7VpDhLYqAE6Y14zn5zeWteTrr3T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e122ce1db512-OSL
X-Firefox-Spdy: h2
aviator-demo.spribegaming.com/styles.52c8339cd07e8075.css
143.204.55.15200 OK 0 B URL HTTP/2 aviator-demo.spribegaming.com/styles.52c8339cd07e8075.css
IP 143.204.55.15:0
GET /styles.52c8339cd07e8075.css HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=31983&token=XDNUkENiWvkO4Xc35e00LE7nxotx6PsZ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: gzip
date: Thu, 19 Jan 2023 02:10:27 GMT
cache-control: max-age=86400, public
etag: W/"b6dc633ec4a8e755bdf47e5deedc55f9"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: kUE2MUDLsnQHFcefuixmeePkSudZTDf7N6vmp2Y8mMdzxB-PEfDK6A==
age: 71825
X-Firefox-Spdy: h2
demo-game-aviator-br.pu020ev.com/img/country/brazil.png
172.67.70.112200 OK 0 B URL HTTP/2 demo-game-aviator-br.pu020ev.com/img/country/brazil.png
IP 172.67.70.112:0
GET /img/country/brazil.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-104b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nik5wNuWRcK1OhmmW8mVq2jxpsS8PzHRp78UOMLPdRnom4KYiHAv31xXI9TTk4JSSAhkTAMjVWVd9zpD%2Bszn7lx82Bz4%2FL6cNlEGkGwn4GEciFA1GB3aljEh1INNnY3wYQfXlBifOos%2FtJBgZewrqVBq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e1232e8bb512-OSL
X-Firefox-Spdy: h2
demo-game-aviator-br.pu020ev.com/img/bonus-bg.png
172.67.70.112200 OK 0 B URL HTTP/2 demo-game-aviator-br.pu020ev.com/img/bonus-bg.png
IP 172.67.70.112:0
GET /img/bonus-bg.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1742"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kixBfNpklAI%2BvZHqdpKHuUJlavQ2B99VmuOGhb7wRzTLbgkPpy1VGndD6oVpmr0Oif57e5U3Esjz22DP7hl0%2B3YKRJIL6Yj%2FaKMz3G63uHinn7aHmxK5TkbFKWGp2%2FoCkjzyUnc0zwFpdFGY%2Bny6qFq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e122ce1eb512-OSL
X-Firefox-Spdy: h2
demo-game-aviator-br.pu020ev.com/img/girl-left.png
172.67.70.112200 OK 0 B URL HTTP/2 demo-game-aviator-br.pu020ev.com/img/girl-left.png
IP 172.67.70.112:0
GET /img/girl-left.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1e1a1"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fly4F9ZtDCyvtGL%2F18DwG6lYzOfpZkovsHAEXqwT0q1qxBnreTfM7jOXSPqbK8SNUtbGUkn9bZtSodONOLCPrPX5HIkIzLQlC%2FP0ztDv57h6KBnk4l9SQ0tyAR444aMaTVSjGwXhgzy5em85Aq%2FsBNeT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e122ce1fb512-OSL
X-Firefox-Spdy: h2
demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
172.67.70.112200 OK 0 B URL HTTP/2 demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
IP 172.67.70.112:0
GET /?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source= HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:45 GMT
content-type: text/html
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hudzm2frqoX0k1bJLskdakIxl%2FnJlRZVJBI79gv1hgSuydC3lNhUWFbwPV0uL6TL5fhjtR%2BYlVmdre7eamagv%2Bwu1pR73Xvo4cZisQOsArlaQZfHr8pgCBtQOyqKXDZ2Qzs3unoQl51oheLJhRGKxgp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e11fba48b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
demo-game-aviator-br.pu020ev.com/main.css
172.67.70.112200 OK 0 B URL HTTP/2 demo-game-aviator-br.pu020ev.com/main.css
IP 172.67.70.112:0
GET /main.css HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: text/css
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-86ea"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0zt01WSbIYz%2FKu%2Bq6w6I94ta8LmmUdVZUKgqqtb%2FJ%2BkgwusjxqcNQqb%2BskSfyj717hZFZNNGJDX5TKsS6geHodxcT59X4jJwqB2osuXUr5kqxa76PWVIAjPOV3VbH%2BpFXQoLPCJS1XpcbNhqXzyPRxb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e121ccd3b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
demo-game-aviator-br.pu020ev.com/img/aviator.png
172.67.70.112200 OK 0 B URL HTTP/2 demo-game-aviator-br.pu020ev.com/img/aviator.png
IP 172.67.70.112:0
GET /img/aviator.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-298a"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eiN8Jbtftmp7q1I6VK%2Fxy539FCTCrIayoctMZLb%2FCoP4lz%2Fm2APw%2ByMHy4FUc2j93tVZCRfjek25kV20K6htowZIW1JfZGMtFUqY4pcKtdLunonMJYiywGZ46qNYodxfAIiEGwcO0Jhaa7JSkIJgW6R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e122ce17b512-OSL
X-Firefox-Spdy: h2
aviator-demo.spribegaming.com/polyfills.48beaefad335fdd8.js
143.204.55.15200 OK 0 B URL HTTP/2 aviator-demo.spribegaming.com/polyfills.48beaefad335fdd8.js
IP 143.204.55.15:0
GET /polyfills.48beaefad335fdd8.js HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=31983&token=XDNUkENiWvkO4Xc35e00LE7nxotx6PsZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: gzip
date: Thu, 19 Jan 2023 22:06:46 GMT
cache-control: max-age=86400, public
etag: W/"c46f132cbd8bd1b17320947272a50bed"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: L2Db8JCe2vqCLKDN_9QFH3pf_ET2vUJfN8Ur0SZCW75b6OhETspYLw==
age: 36812
X-Firefox-Spdy: h2