Report - track.coolestdiscount.club/d30bed9b-5fc1-4d61-9111-c39920a7abb9

Report Overview

Submitted URL
track.coolestdiscount.club/d30bed9b-5fc1-4d61-9111-c39920a7abb9
IP
18.184.38.55
ASN
#16509 AMAZON-02
Submitted
2023-01-19 22:06:57
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	2.0 kB	143.204.42.158
app-config2.spribegaming.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	475 B	784 B	54.230.111.72
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	463 B	1.2 kB	216.58.207.228
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	142.250.74.131
aviator-demo.spribegaming.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	1.4 MB	143.204.55.15
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	70 kB	34.120.237.76
app-demo.spribe.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	578 B	8.5 kB	54.230.111.117
track.coolestdiscount.club	315114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	842 B	18.184.38.55
netpuppgo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	532 B	526 B	188.114.97.1
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	434 B	32 kB	69.16.175.42
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	737 B	93.184.220.29
demo.spribe.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	544 B	583 B	54.230.111.64
demo-game-aviator-br.pu020ev.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.7 kB	284 kB	172.67.70.112
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	469 B	165 kB	142.250.74.35
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	439 B	1.9 kB	142.250.74.74
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.38.139.17
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	486 B	16 kB	216.58.207.227
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-19	medium	track.coolestdiscount.club/d30bed9b-5fc1-4d61-9111-c39920a7abb9	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	aviator-demo.spribegaming.com/polyfills.48beaefad335fdd8.js	97 kB	2023-03-09	2023-12-02
Pretty URL aviator-demo.spribegaming.com/polyfills.48beaefad335fdd8.js IP 143.204.55.15 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:41:11 Last Seen2023-12-02 04:19:46 Times Seen32 Hash c46f132cbd8bd1b17320947272a50bed 1be47dab2ab5a57dd2b9d33463f4a7ead96323b2 2b8997abd6dbb7f2cd2d25205302e482cf0b8ce61d0f6a938d65b40010d692fe Loading...

	aviator-demo.spribegaming.com/runtime.b3e4a4f12e39ab5f.js	1.6 kB	2023-03-09	2024-01-21
Pretty URL aviator-demo.spribegaming.com/runtime.b3e4a4f12e39ab5f.js IP 143.204.55.15 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:41:11 Last Seen2024-01-21 10:05:55 Times Seen22 Hash 0ef08e25b336c7d9aafcaacceb47e08c 494a6a31fcc0d80ae1b6e90dca999705940217c5 f1e8e6bada42f904327f84c005df4c607a98ff085a161974c4909e82eb921f79 Loading...

	aviator-demo.spribegaming.com/main.0c79cc1b05645949.js	2.1 MB	2023-03-09	2023-03-13
Pretty URL aviator-demo.spribegaming.com/main.0c79cc1b05645949.js IP 143.204.55.15 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:41:12 Last Seen2023-03-13 04:36:03 Times Seen1 Hash cd42dcf80f48aad6e53e6b50526934fd d884ee1fbd7e2f2dcd3a9db97ef2b47dfcbfd1e3 f5cf2c8a31df697c2b98e57f22b6a196137392bee293a092526a05e4bfa91cb1 Loading...

	www.google.com/recaptcha/api.js?onload=ngx_captcha_onload_callback&render=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg	954 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api.js?onload=ngx_captcha_onload_callback&render=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:31:05 Last Seen2023-03-13 04:36:03 Times Seen1 Hash 9fc520504417e5c5da4d6df284554cc7 416bbe60ed4b353372b58e24fdc49e47eb00be52 0be21cde36396dc2a68f3957cbb953e8c39de879e8c4f991326492f460837218 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg&co=aHR0cHM6Ly9hdmlhdG9yLWRlbW8uc3ByaWJlZ2FtaW5nLmNvbTo0NDM.&hl=en&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=11rw3tgwlmu3	315 B	2023-03-07	2023-04-05
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg&co=aHR0cHM6Ly9hdmlhdG9yLWRlbW8uc3ByaWJlZ2FtaW5nLmNvbTo0NDM.&hl=en&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=11rw3tgwlmu3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:35 Last Seen2023-04-05 02:11:13 Times Seen249 Hash 312a2a397ac7ddf5a927eebe419d7df2 2a35fbcb23a052f9ec3f0621c2e8f69959a16fff 014d324c605331878f1b40bfccc4d6c5fa9af407ef5331491a34fdd68e768273 Loading...

	demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=	5.4 kB	2023-03-09	2023-03-13
Pretty URL demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source= IP 172.67.70.112 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:41:11 Last Seen2023-03-13 04:36:03 Times Seen1 Hash 761d43830c6cf0ff1e6ac48a6d93f8c8 891d4104bed7c90fbb0205dcbe4c8649248e71f7 75132d032445733ad6f362a75d55f38c3966bf649fda64dbaefeac816264c3b7 Loading...

	code.jquery.com/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL code.jquery.com/jquery-3.5.1.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 11:24:01 Times Seen139369 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	demo-game-aviator-br.pu020ev.com/bundle.js	76 kB	2023-03-09	2023-03-13
Pretty URL demo-game-aviator-br.pu020ev.com/bundle.js IP 172.67.70.112 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:41:11 Last Seen2023-03-13 04:36:03 Times Seen1 Hash ade9f44c3ff391501dde22552f251468 c41c64081ce900d621fa9ba4dadb0e11df8ae8b3 ba6fde85305b4a3825f4eec8e42a73aa573dbb368503ca6517c9734f28e9026e Loading...

	demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=	5.4 kB	2023-03-09	2023-03-13
Pretty URL demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source= IP 172.67.70.112 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:41:12 Last Seen2023-03-13 04:36:03 Times Seen1 Hash 09e0ca62f85f24134eea85385825a5f5 c1103e660b6b63e39098d681738eed5fb7903e2b 672944d09cb01ddb55e3e511bd3d932e902d59866d34d544114ddd4f1e040a1a Loading...

	www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js	410 kB	2023-03-13	2024-03-24
Pretty URL www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:20:45 Last Seen2024-03-24 18:46:27 Times Seen35 Hash 6ca0de0986f08b152c7454e290bbc35f 7b14dddf4ed3261b77f1becab4da748bcf7423b0 6b3e6d9ed5dd1f0d2c611513d27ab4a4377757fb0b7804af25f11a656e5094dd Loading...

HTTP Transactions (55)

URL IP Response Size

track.coolestdiscount.club/d30bed9b-5fc1-4d61-9111-c39920a7abb9

18.184.38.55

302

0 B

URL HTTP/1.1
track.coolestdiscount.club/d30bed9b-5fc1-4d61-9111-c39920a7abb9
IP
18.184.38.55:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /d30bed9b-5fc1-4d61-9111-c39920a7abb9 HTTP/1.1
Host: track.coolestdiscount.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 
Server: nginx
Date: Thu, 19 Jan 2023 22:06:45 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://netpuppgo.com/r6Mh0f87/?subId1=wj0epu5fftegi61miiv6fmr8&subId2=VG&subId3=Adchampagne_VG_PinUp_WL%202_BR
Pragma: no-cache
Set-Cookie: d30bed9b-5fc1-4d61-9111-c39920a7abb9-v4=7YzZp33xf8rKYtMdcJemsUp1SZ46WeDaMf9HYXKXHgA; Max-Age=86400; Expires=Fri, 20-Jan-2023 22:06:45 GMT; Domain=track.coolestdiscount.club; Path=/; HttpOnly
cc-v4=1mGvVCZA2ghYGiRzoYWwzP2EbrLmD1v%2FXarvTK%2Boz18iaKsAq%2FjGNFIN0rsF48gRx0hPAhQF8kY8UKykxzwC9F6bm%2Fm9QPaACiVAzOk05%2F%2F4V4e70lQtGTktOutfBzKtBzEnIMIL6czdNHR7zQtETw%3D%3D; Max-Age=31536000; Expires=Fri, 19-Jan-2024 22:06:45 GMT; Domain=track.coolestdiscount.club; Path=/; HttpOnly

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
37284a837312d6586460a3b86bbe7bd0
6ac0847abd48eb8607597218aaa2cb2d434c012b
6a0e11bb042555d72b397ae0cc3d5e242d3a3fe04418e28ffd222decca7d16ca

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A0E11BB042555D72B397AE0CC3D5E242D3A3FE04418E28FFD222DECCA7D16CA"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17159
Expires: Fri, 20 Jan 2023 02:52:44 GMT
Date: Thu, 19 Jan 2023 22:06:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b36ef73c20dffb6bc10194bbd2d0dcfa
a67a4023dc8b4944debaeb92f3ba0f1402c079a6
05a7a4d832cf9e593ca44efea309edcbd80734583bada15fda3e740612eff991

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05A7A4D832CF9E593CA44EFEA309EDCBD80734583BADA15FDA3E740612EFF991"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6377
Expires: Thu, 19 Jan 2023 23:53:02 GMT
Date: Thu, 19 Jan 2023 22:06:45 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 19 Jan 2023 21:34:34 GMT
content-type: application/json
age: 1931
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6c8239f3894cfba54d1f3a9ea1c85db5
a70f2b3bf79f2aa26b0cc0340dd182565c3eb946
64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16055
Expires: Fri, 20 Jan 2023 02:34:20 GMT
Date: Thu, 19 Jan 2023 22:06:45 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: wBTlAkgq+gWGiABU4YQRQmyr9tpn+/+yOscHqHHemRVknU+ZL92mUDsigwF4ZbsjcHaU9CS+J+E=
x-amz-request-id: GNHY2SYVH0SEYDVD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 19 Jan 2023 21:17:21 GMT
age: 2964
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 22:06:45 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

netpuppgo.com/r6Mh0f87/?subId1=wj0epu5fftegi61miiv6fmr8&subId2=VG&subId3=Adchampagne_VG_PinUp_WL%202_BR

188.114.97.1

302 Found

0 B

URL HTTP/2
netpuppgo.com/r6Mh0f87/?subId1=wj0epu5fftegi61miiv6fmr8&subId2=VG&subId3=Adchampagne_VG_PinUp_WL%202_BR
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /r6Mh0f87/?subId1=wj0epu5fftegi61miiv6fmr8&subId2=VG&subId3=Adchampagne_VG_PinUp_WL%202_BR HTTP/1.1
Host: netpuppgo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Thu, 19 Jan 2023 22:06:45 GMT
content-length: 0
location: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
set-cookie: click-2023-01-20=%2Cr6Mh0f87; expires=Fri, 20 Jan 2023 21:00:00 GMT; path=/
cf-cache-status: DYNAMIC
x-robots-tag: noindex, nofollow
server: cloudflare
cf-ray: 78c2e11e3dd6fab8-OSL
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 19 Jan 2023 21:17:27 GMT
age: 2958
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.5.1.min.js

69.16.175.42

200 OK

31 kB

URL HTTP/2
code.jquery.com/jquery-3.5.1.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65451)
Size
31 kB (30879 bytes)
Hash
3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e

HTTP Headers

GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://demo-game-aviator-br.pu020ev.com
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CIaap54GEoYBCiQ5YWE0Y2ZlZS1mNjliLTQxYjQtYTRiMi0wYzFkNzlhNmVjYzMQ+OiCoKvU+wIaBgj2/aaeBiIMOTEuOTAuNDIuMTU0KO4KMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiQwYjNmODIxOS1hZmQwLTRmYTItYjRlZi03ZTE4OGFmODUxYzEYn/EBIhgIAhIUY2RzMjA4LnNrMS5od2Nkbi5uZXQ=.cweRcBIlOnsJ7XdjjvCHWMevX6y7viH5HmMohy55qL8=
x-hw: 1674166006.dop016.sk1.t,1674166006.cds211.sk1.hn,1674166006.cds208.sk1.c
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
dce4a8be753d4a93db03ffca50421c43
068040a8f69777484e545c0053ad54f273710797
7e6dddef8a4a5502c9715f8c20dcb75e132ecc875f13459a967c9e235e9ce3e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1326
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:06:46 GMT
Last-Modified: Thu, 19 Jan 2023 21:44:40 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a435563e4adb6d7d64a8600e6250bf45
a8f5a99620153938ec4cfba0423d6d06c66bb7fe
9e5c713c50dca08152c55041574e3e4003213133a8c78494ff18d1d1808589fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:06:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

demo.spribe.io/launch/aviator?currency=BRL&lang=BR&return_url=https://spribe.co

54.230.111.64

302 Found

0 B

URL HTTP/2
demo.spribe.io/launch/aviator?currency=BRL&lang=BR&return_url=https://spribe.co
IP
54.230.111.64:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /launch/aviator?currency=BRL&lang=BR&return_url=https://spribe.co HTTP/1.1
Host: demo.spribe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-length: 0
location: https://aviator-demo.spribegaming.com?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=31983&token=XDNUkENiWvkO4Xc35e00LE7nxotx6PsZ
date: Thu, 19 Jan 2023 22:06:46 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: TbIA7HzmzbQIVzycmRU6aFFkqbYWbhjHt1hb36L6MdIEfUhIiEljeQ==
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/title/value-video-br.png

172.67.70.112

200 OK

22 kB

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/title/value-video-br.png
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 361 x 168, 8-bit colormap, non-interlaced\012- data
Size
22 kB (22312 bytes)
Hash
513dc82d247bca3be00b978cf2c66023
96d1bee47da51e67408bf5160f73a2e7a5fad70c
427aaf343c967f6ce99a8883dbec6c62f6815a4627f9d9c269d667eb943db6c7

HTTP Headers

GET /img/title/value-video-br.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-5551"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXa0oHb0esd5sJbJwWywqH8W%2Fh4kXiPFMuvo%2FLdHdESO6%2BeaTdJl5CeIoGZob01Ra0ztXAvZ%2FooAiBHnh%2BUpzbgK4BT%2B3VZ5DL8oNvr3XkemWovK2DztJVUnP%2BryCuLqURbSrBCoIUOZHhEC5RhEVwFB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e121ccd9b512-OSL
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/fonts/src/icon-fonts/icomoon.ttf

172.67.70.112

200 OK

9.2 kB

URL HTTP/2
demo-game-aviator-br.pu020ev.com/fonts/src/icon-fonts/icomoon.ttf
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size
9.2 kB (9196 bytes)
Hash
d2495c29cb8c91b784fed2fd0a0fa1d9
c7941ff2f980007b7b52a204549654b6dd401dee
6660a8b51189b283b15a6f5aee82bd6b592e184e8f94ea5e296416aaaf58d191

HTTP Headers

GET /fonts/src/icon-fonts/icomoon.ttf HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: application/octet-stream
content-length: 9196
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
etag: "61fd5783-23ec"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSkKb%2FQlespTU8lRkazF65XevCZ%2FM5w0q326j7G9YmQqUSVBzgfldTtnWEPYoEYPM9I%2B1jIzXGvNA%2BLIWRjsrCk%2Fbco%2FP4I5%2BYiyGpQneuDT0%2B459x8ezkjXA2xlGvDZVm9tJ%2B2KbOmPrO0Ace2k7BWg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c2e122ee3eb512-OSL
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/logo/logo-casino.svg

172.67.70.112

200 OK

102 kB

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/logo/logo-casino.svg
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (752)
Size
102 kB (101683 bytes)
Hash
ef33577e6432fc80dc36a004af8a6d59
f07aebd534115df38b14ef4ba5cbfbc7eabeab9a
867ae528dae3c0767ec6b06fe991971275575daa08f6af7549e2d0e39d8134ee

HTTP Headers

GET /img/logo/logo-casino.svg HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/svg+xml
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1393"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqoKXVQVq6e5V1LzxE8DQboaJA0%2Bz6aVKNAXSZsyGucl4VMIgJ7eW2A2nCvsuM5t5CEuMBBpsysD0mtPGaDVPSmdTUvWrXCGginvA1aZCSrRrduOjOYiAlINEbZXuAdBYCn3uJpmwjCBWoJcPzts1Uap"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e121ccd5b512-OSL
content-encoding: br
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/logo/logo-video-second.png

172.67.70.112

200 OK

107 kB

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/logo/logo-video-second.png
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 228 x 58, 8-bit/color RGBA, non-interlaced\012- data
Size
107 kB (106687 bytes)
Hash
38d8aa62e22319d42a4b6352d6c227aa
22675c29762cffb2a46877b54933cd8b8cae0877
3702c45674e70f2d907cc4ec7824e50429cfd6e1c65537ca5a601d7297d2f1b3

HTTP Headers

GET /img/logo/logo-video-second.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-10d3"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SB9TiZ6aAYtPV%2Fu2WAsnKHotnJ9lxrhFp6of6MUe5YEccjr69a6stwkF%2FKgeDzqljZToI0N4n7YLKT7f45Mnu%2Fw8oMI54rP%2FqWGUc7RBh2mXwHhIDYjruTBpNu3TAu2nDOHVe0laf8lySIkLaWEWODy2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e121ccd8b512-OSL
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap

142.250.74.74

200 OK

1.2 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
1.2 kB (1173 bytes)
Hash
45788d462c0b1fd32f5df500a825cbef
7b6571b6e23c7f9affeedea0aac871b81cb3fa7b
94415f07e6528eacf87f95aa5507a4abf938d29db8b6ab4ae0f42a69f5356aee

HTTP Headers

GET /css2?family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 19 Jan 2023 22:06:46 GMT
date: Thu, 19 Jan 2023 22:06:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/bundle.js

172.67.70.112

200 OK

34 kB

URL HTTP/2
demo-game-aviator-br.pu020ev.com/bundle.js
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (57571), with no line terminators
Size
34 kB (33787 bytes)
Hash
1544cfbf6815bbaf106c5cffd783b036
35a310721969811567615e497da2f2d6c71bc1c9
71c9161df163b01bcbb4d3c6d568f6e55394df0038951943ef6c38b7d9923cad

HTTP Headers

GET /bundle.js HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: application/javascript
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-128ae"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMh%2Fh6tC2EqP%2BCEJJMbEr74kRzucD9gJrTqi5U5UAQmQgBKyswGFYn%2BeB0FzBB8e3EhovglhFS2VYr31beX5i1YMQiEknvpNG8g28aFhcjdM6t1Az5V3qjgoQFgHbep6p4AqKcWMqh1vDFI5Ln1aFrL%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e121dcdab512-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2710e6694429ed2cf5082b6e48eb6ebe
fd6e63ac90e1d86f37e5f46c98c7592a86106217
928ff655e10cf8a01515e4ca9ad5c7128044617acd61fbd46b613b4861aa5379

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:06:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b610de1e8eef23a54ed42713f55b960b
a25762ff603b12e085548cf7442bab3a0aabdad1
15623cfd00b4efc687220b0d31b9a865382a32f556df8f55261437eab5050cf5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134109
Date: Thu, 19 Jan 2023 22:06:46 GMT
Etag: "63c918fa-1d7"
Expires: Sat, 21 Jan 2023 11:21:55 GMT
Last-Modified: Thu, 19 Jan 2023 10:18:34 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZS2pGViEHZY66Mr9hte4mWY47VnMGahNw0TDlvwYZW2ZaU2_fRndxg==
Age: 3801

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
a5b21c6b655defa115a9e9b3d788116b
180f4e2719bd7b5803544459cf221811f2157155
15a23617002382e1c1682a4b0b26f7a8296bf4aa4f9c8e077847c48dae27c456

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150132
Date: Thu, 19 Jan 2023 22:06:46 GMT
Etag: "63c9666a-1d7"
Expires: Sat, 21 Jan 2023 15:48:58 GMT
Last-Modified: Thu, 19 Jan 2023 15:48:58 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qFEYsD82tXX26LrFeLlXtM1FBg2VK76kGe66fC3oghcbGQ59flJp_g==

push.services.mozilla.com/

52.38.139.17

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.38.139.17:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: c07MI/7YSMRnphXlkjdetw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KVsu9uO3RsVQ7RRHisERir6uS1U=

demo-game-aviator-br.pu020ev.com/img/favicon/favicon-16x16.png

172.67.70.112

200 OK

916 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/favicon/favicon-16x16.png
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
916 B (916 bytes)
Hash
4002504e6a7b16eae1a825909650ec25
857543e6566871461da4c299a186471611925829
0a1fdd6dc7a85ac17b99a484b1fe4f0a926b9e1b1c80c4929f3b312e73e781d1

HTTP Headers

GET /img/favicon/favicon-16x16.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/png
content-length: 916
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
etag: "61fd5783-394"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8iqZm1ck%2F0Ltq8s0YgUbVkgxDY78jUndSWMUpqo%2Bvn%2Fp33VeiQcIFx6O5%2F63tusp%2BZGxMfa%2Fnrflhly%2BBQJgOkRThmvg6HIB9YBVtKLqCQC%2FpLhRWhqX8j8ESImg721vMIwJFqsKia1KXOxEKYXFhrd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c2e123cf78b512-OSL
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/bpg-arial-webfont.deed44e7c0450115.woff2

143.204.55.15

200 OK

94 kB

URL HTTP/2
aviator-demo.spribegaming.com/bpg-arial-webfont.deed44e7c0450115.woff2
IP
143.204.55.15:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 94192, version 1.131\012- data
Size
94 kB (94192 bytes)
Hash
6e5b1494e933ba58cdb6e80876634552
31af5aaa0c1fa2ecac702feffaca78433d247d00
1c08ce021e5a588a3ffcd822d023eae8322183397fe51a9f5d37adcfb8c9638d

HTTP Headers

GET /bpg-arial-webfont.deed44e7c0450115.woff2 HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/styles.52c8339cd07e8075.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 94192
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
date: Thu, 19 Jan 2023 08:21:11 GMT
cache-control: max-age=86400, public
etag: "6e5b1494e933ba58cdb6e80876634552"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0CuW4FjJEIfJqZ5eboFNQm2kiAGE1_V-P3sHkejYrwgCCoLHN3Bs_w==
age: 49536
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=31983&token=XDNUkENiWvkO4Xc35e00LE7nxotx6PsZ

143.204.55.15

200 OK

8.2 kB

URL HTTP/2
aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=31983&token=XDNUkENiWvkO4Xc35e00LE7nxotx6PsZ
IP
143.204.55.15:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8660)
Size
8.2 kB (8227 bytes)
Hash
47fbd0e80a691aead84e078af688466b
c0265814fe04ba3565719822fc99de20f05966f6
13208304b5ab70fc6072d4fc4e21e3601063629c37f0814318f9db607e608a25

HTTP Headers

GET /?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=31983&token=XDNUkENiWvkO4Xc35e00LE7nxotx6PsZ HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://demo-game-aviator-br.pu020ev.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
date: Thu, 19 Jan 2023 22:06:47 GMT
last-modified: Fri, 09 Dec 2022 13:25:50 GMT
etag: W/"c640ea59573a2bc8ad1a0b78d763e383"
cache-control: no-cache, no-store, must-revalidate
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Miss from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wkyjAhETociMHCrc9H8VtPcsYAywJchyDGVbH9LWJhMrd5dOOHiwRA==
X-Firefox-Spdy: h2

app-config2.spribegaming.com/aviator/demo.json?v=4.1.5

54.230.111.72

200 OK

155 B

URL HTTP/2
app-config2.spribegaming.com/aviator/demo.json?v=4.1.5
IP
54.230.111.72:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
155 B (155 bytes)
Hash
daa601d9ae51fdb3f6638669e017223a
93458dbc069c971cf01aaa29323eabe67297b5f4
9c155207193e8fac0d10f37842f543d061bae2ccc29bc1b25478ab5cb8a14a3e

HTTP Headers

GET /aviator/demo.json?v=4.1.5 HTTP/1.1
Host: app-config2.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aviator-demo.spribegaming.com
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/json
content-length: 155
date: Thu, 19 Jan 2023 22:06:26 GMT
x-amzn-requestid: 71037c3a-68c0-4b95-a389-d58999ea10d6
access-control-allow-origin: *
x-amz-apigw-id: fArDYFwTFiAFQ6Q=
cache-control: public, max-age=60
access-control-allow-methods: OPTIONS,GET
x-amzn-trace-id: Root=1-63c9bee2-3883917e4d97afa811d7b7d2;Sampled=0
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IFK99sFBviU4Am-6_2rWcRZIS5XQSUvg2rn7SgFXFDlQlI8wrta2Cg==
age: 21
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/main.0c79cc1b05645949.js

143.204.55.15

200 OK

803 kB

URL HTTP/2
aviator-demo.spribegaming.com/main.0c79cc1b05645949.js
IP
143.204.55.15:0
ASN
#16509 AMAZON-02

File type
data
Size
803 kB (803237 bytes)
Hash
e5dc7554d82c62b957db6273ca33c03d
b91cf4fa29bb28c680e145d21e4c6ae82a009eb0
21bdc87180282931725ca98d8ce921b4606717a2c84a42c2a5f73545756cf5fb

HTTP Headers

GET /main.0c79cc1b05645949.js HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=31983&token=XDNUkENiWvkO4Xc35e00LE7nxotx6PsZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: gzip
date: Thu, 19 Jan 2023 19:03:15 GMT
cache-control: max-age=86400, public
etag: W/"cd42dcf80f48aad6e53e6b50526934fd"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: QXye-mWqpHGlxQsX2QhFVUchkS6v_kIEiKpsnEFNgMETDxULhqBYIQ==
age: 11012
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/runtime.b3e4a4f12e39ab5f.js

143.204.55.15

200 OK

520 kB

URL HTTP/2
aviator-demo.spribegaming.com/runtime.b3e4a4f12e39ab5f.js
IP
143.204.55.15:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1566), with no line terminators
Size
520 kB (519733 bytes)
Hash
af5387b59598d593ce368b095531ed21
5e175ce5a2aecd17b050bd2f7f799e4de142e70d
26e0a6c47875e5f298d1322ca078470adcc7d24b50c8e8f8bcda20b46eb36c8a

HTTP Headers

GET /runtime.b3e4a4f12e39ab5f.js HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=31983&token=XDNUkENiWvkO4Xc35e00LE7nxotx6PsZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 19 Jan 2023 07:15:09 GMT
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
etag: W/"0ef08e25b336c7d9aafcaacceb47e08c"
cache-control: max-age=86400, public
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: eUYkC9JP2UnvFgRKrqpX2qP4BOrKSa9YDv3p560oZnlUbxtvvw1XTg==
age: 53498
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4343
Expires: Thu, 19 Jan 2023 23:19:10 GMT
Date: Thu, 19 Jan 2023 22:06:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4343
Expires: Thu, 19 Jan 2023 23:19:10 GMT
Date: Thu, 19 Jan 2023 22:06:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4343
Expires: Thu, 19 Jan 2023 23:19:10 GMT
Date: Thu, 19 Jan 2023 22:06:47 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
8.9 kB (8925 bytes)
Hash
9c1db1d315eb60b737db57a51d0f1075
24a4123e496771068d094fe590a5f51b2a243264
79be3a685b7c32ecb298eea5effcadf01f4e90067948bd70510750ccb0c9da84

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7741
x-amzn-requestid: 9af04340-5be9-42b0-96be-0264661c6dae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A6LEMtoAMFW_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c7150d-2348c8846249175e74efc226;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:37:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bYiQLNEiz35_p4_5MV3ky7R5fpl4qUYtf-F2KP0C2gzmeXp5B7kgSQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 22:17:13 GMT
age: 85774
etag: "c95e1bba76e910100e86f8abf789e5b5c1a2baa6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88cefb6f-1c5c-4b01-a9b7-a36abdbbc20c.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
12 kB (12252 bytes)
Hash
846adf76b5dd99e70d3bc60a522f244d
e7b6a3f179ff4860417b520abdacb4b4a2d6c20b
bf9f61abf585d784855d2677c297c80de44eb110a8fb5851d98cf9f0ead6b59a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88cefb6f-1c5c-4b01-a9b7-a36abdbbc20c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10497
x-amzn-requestid: 3bc349ba-7da8-48c8-aa90-2c48c93a023d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fnEG8mIAMFgMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c612f9-08e751fc7f0eacb43fc92712;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bj1mgLbvR-w2s5DeHXjVdV6EKk5hwGDWFvoKS0AvYKy1ycpCivryDA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 04:31:32 GMT
age: 63315
etag: "1c80645a9b9879d1e4b57c546ba35131ba3c28fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
7.6 kB (7563 bytes)
Hash
b8e009d1812a0ebf7be8d4fdceb09a84
16d33cc2eddeea08b95c1abe26a8a34b1645ad31
d7b08d3b1f8da5dad143982e919db180acaedd012c6c58dbd5e990d4f6f8b51d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6908
x-amzn-requestid: 5f0a0b3b-1d4c-450e-bcd5-481bda79f4e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eq1qQHwYIAMF-IQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1030e-62d053e35c8ab2374fd2fe35;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 07:06:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WdNoHBL4A3J_FHp8V9HLUMNKmEPIw-lstt0OdqYJtcUGfMRZJXPdwQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 18:44:11 GMT
age: 12156
etag: "76072223007cd11c6f7b9fda8f01818ab0fea740"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
12 kB (11702 bytes)
Hash
1dad14c1ff74e7eaf6c6feef78d59782
0e981a95c6f33b03b79c612a6992bb6a23d1df81
95a7f0d91888eb9a385726e9dfc54762e86674a6ef69e47c1939712afdc2e37c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9916
x-amzn-requestid: 42bb326d-889c-4b91-b989-47c1fd650afa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e96pVF61oAMF76g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8a4a1-2f33e6be45e298a7120d1119;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 02:02:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 68BfqCCeDzqQURstD87lSuWaXjwrqVQnXX8ws6EeFfQtbu_ad9JEgw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 02:14:04 GMT
age: 71563
etag: "706be1b2636ad65bf5fe78ef7301af472c015275"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7871 bytes)
Hash
8069887e5e81584380ef3f819bcfab6e
3794126935a3e08de469ea37d29cba7be412d408
934e0982c1d49f06c64f524698b93fb1abf3b8833785d633bad104d052dd3ef0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7871
x-amzn-requestid: 212d220f-c590-4c72-9508-e481cd5045ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1UGmeoAMFzpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714ee-273c8bb54acc0f2b6d12b567;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k-RU17DHWFtl1RAp04jhaJ8G0PGvPjVS15XFZAs-JbRCFKi-a0zzFw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:04:00 GMT
age: 167
etag: "3794126935a3e08de469ea37d29cba7be412d408"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (5005 bytes)
Hash
2b8f931fb5afe958e67fce9e1822dac4
5732887999b819f6facc6f4608a407b5a09adf75
3c6c787e700f8139ec0eeaad93923f647f9efa5ce60120fc0aab52fa9588efaf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5005
x-amzn-requestid: 647dd62e-6b47-4298-9457-c7f37e653e0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e5qLKEX6IAMFX0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c6f0ad-3dc1396c1b3662fa4ec5f1fa;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 19:02:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: W6IcLqvCExGohkv86QqX5Tqak73x7OcI6epoZS4T8OjLMK3GNZih4g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 21:55:47 GMT
age: 660
etag: "5732887999b819f6facc6f4608a407b5a09adf75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

app-demo.spribe.io/BlueBox/websocket

54.230.111.117

101

8.1 kB

URL HTTP/1.1
app-demo.spribe.io/BlueBox/websocket
IP
54.230.111.117:0
ASN
#16509 AMAZON-02

File type
gzip compressed data, from Unix\012- data
Size
8.1 kB (8090 bytes)
Hash
9ebd08d240c6bba3f7a733ae13063f97
91c1674430d42ebad99833788f44b38633f58449
f514579a8fe0353a99e38fce4ea9a15f03cf1c4497f51fd28da7f6ccc5adffff

HTTP Headers

GET /BlueBox/websocket HTTP/1.1
Host: app-demo.spribe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://aviator-demo.spribegaming.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q4Ou1DzAXHWUpQFq3az3Yg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 
Connection: upgrade
Date: Thu, 19 Jan 2023 22:06:47 GMT
Upgrade: websocket
Sec-WebSocket-Accept: +FIlq4uo+UZv1w/zumACZ34lrXY=
Sec-WebSocket-Extensions: permessage-deflate
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: AYgPMe0EhuPdI9ga2QbAyjeIViJNg56JUdqyXkw92_ntjPvvw8jHWA==

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
149a7cdd0e94d31b2237ac241b3bad35
c6e2c3aba0c96ffc26114f79306930a4554964b3
fe9cd8e03a847278924ed338131b5ef16b8ef315db81f3e6387c0621baa46232

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:06:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?onload=ngx_captcha_onload_callback&render=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg

216.58.207.228

200 OK

613 B

URL HTTP/2
www.google.com/recaptcha/api.js?onload=ngx_captcha_onload_callback&render=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (954), with no line terminators
Size
613 B (613 bytes)
Hash
e5a7a7e9a2a032806508ab081028ad6c
eb53a9aafb8339679a1aa68d9377a33aefabbee9
b737083af63cd28b4d34e83ecf27db09b75c429cd13d986af69eaa1cfbcd60a8

HTTP Headers

GET /recaptcha/api.js?onload=ngx_captcha_onload_callback&render=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Thu, 19 Jan 2023 22:06:48 GMT
date: Thu, 19 Jan 2023 22:06:48 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 613
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
623f341fa3fd0e09d3a2b649ea882919
98c12490034b5633fcc6386b627947806495fc61
edf2873ae5aee565800ffbd38c62519e683adf9f4624bd49af202b64f158f5eb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:06:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js

142.250.74.35

200 OK

164 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (636)
Size
164 kB (163892 bytes)
Hash
f2995e9cc3eedf3359420fb8d714b2ca
bdc68875ff161b35dbe9d8d85241e41c862ec8e3
fbe663b4f0f239aca19a5a2720c2b494ac58a53e0d68288155eb772ae04935c1

HTTP Headers

GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aviator-demo.spribegaming.com
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 15:41:18 GMT
expires: Wed, 17 Jan 2024 15:41:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/javascript
age: 195930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 21:48:03 GMT
expires: Fri, 19 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 1125
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8efa7cc-44c0-4841-af38-b9d070233ba9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8889 bytes)
Hash
816accd72419764cabc1d038af58446c
ad835d9c9a783175d3c5d1a32f1e34baf0ed2f08
d0b6f144ddc797108e6e85b4e835bfbeadd138ef7987661ee9e3d22790db254f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8efa7cc-44c0-4841-af38-b9d070233ba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8889
x-amzn-requestid: 10583804-866b-41bc-a99b-6209bd7ae1c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1eHMCoAMF4kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714ef-2351e46019a0918724721b89;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: I_gazElY6tP9IsrCWRM7CHI5Jd6uVuruMwXcJV_nNHFI55YqmqG7zg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:01:08 GMT
age: 346
etag: "ad835d9c9a783175d3c5d1a32f1e34baf0ed2f08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/background.jpg

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/background.jpg
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/background.jpg HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/jpeg
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1b1cf"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4bKLX2YRNUBWcakh36Gb6LzTEBmufJ6mU%2BAw3pddb%2F1EJ6q7uJSTJ22CvzeQObg7kmxxTJbl%2FJB4Hr77kypYSqKTJ46CcErg61Vtoz%2FwbL0xdWZzJHd%2Bq8lcgCzK6AvKW%2BJC0cu2UCZUnR7%2BLHVz3hV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e122ce15b512-OSL
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/notebook.png

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/notebook.png
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/notebook.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1e6b"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8alX2QQf8bAqsn4qhnGhN7%2BzfL2bh%2B70MJm35QdieJWvgUf%2FURv3Sx5TuH45WaGdNV73BOgr8aFkBeO%2BNA2d0yhWR7G0hyCJ0hiVR1%2F%2FFdSCtruEyPrHaSSuGfG3q7VpDhLYqAE6Y14zn5zeWteTrr3T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e122ce1db512-OSL
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/styles.52c8339cd07e8075.css

143.204.55.15

200 OK

0 B

URL HTTP/2
aviator-demo.spribegaming.com/styles.52c8339cd07e8075.css
IP
143.204.55.15:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /styles.52c8339cd07e8075.css HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=31983&token=XDNUkENiWvkO4Xc35e00LE7nxotx6PsZ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: gzip
date: Thu, 19 Jan 2023 02:10:27 GMT
cache-control: max-age=86400, public
etag: W/"b6dc633ec4a8e755bdf47e5deedc55f9"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: kUE2MUDLsnQHFcefuixmeePkSudZTDf7N6vmp2Y8mMdzxB-PEfDK6A==
age: 71825
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/country/brazil.png

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/country/brazil.png
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/country/brazil.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-104b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nik5wNuWRcK1OhmmW8mVq2jxpsS8PzHRp78UOMLPdRnom4KYiHAv31xXI9TTk4JSSAhkTAMjVWVd9zpD%2Bszn7lx82Bz4%2FL6cNlEGkGwn4GEciFA1GB3aljEh1INNnY3wYQfXlBifOos%2FtJBgZewrqVBq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e1232e8bb512-OSL
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/bonus-bg.png

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/bonus-bg.png
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/bonus-bg.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1742"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kixBfNpklAI%2BvZHqdpKHuUJlavQ2B99VmuOGhb7wRzTLbgkPpy1VGndD6oVpmr0Oif57e5U3Esjz22DP7hl0%2B3YKRJIL6Yj%2FaKMz3G63uHinn7aHmxK5TkbFKWGp2%2FoCkjzyUnc0zwFpdFGY%2Bny6qFq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e122ce1eb512-OSL
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/girl-left.png

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/girl-left.png
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/girl-left.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1e1a1"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fly4F9ZtDCyvtGL%2F18DwG6lYzOfpZkovsHAEXqwT0q1qxBnreTfM7jOXSPqbK8SNUtbGUkn9bZtSodONOLCPrPX5HIkIzLQlC%2FP0ztDv57h6KBnk4l9SQ0tyAR444aMaTVSjGwXhgzy5em85Aq%2FsBNeT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e122ce1fb512-OSL
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source= HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:45 GMT
content-type: text/html
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hudzm2frqoX0k1bJLskdakIxl%2FnJlRZVJBI79gv1hgSuydC3lNhUWFbwPV0uL6TL5fhjtR%2BYlVmdre7eamagv%2Bwu1pR73Xvo4cZisQOsArlaQZfHr8pgCBtQOyqKXDZ2Qzs3unoQl51oheLJhRGKxgp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e11fba48b512-OSL
content-encoding: br
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/main.css

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/main.css
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /main.css HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=r6Mh0f87&s1=wj0epu5fftegi61miiv6fmr8&s2=VG&s3=Adchampagne_VG_PinUp_WL2_BR&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf4rtt9ct2h6vj88l5i0&source=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: text/css
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-86ea"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0zt01WSbIYz%2FKu%2Bq6w6I94ta8LmmUdVZUKgqqtb%2FJ%2BkgwusjxqcNQqb%2BskSfyj717hZFZNNGJDX5TKsS6geHodxcT59X4jJwqB2osuXUr5kqxa76PWVIAjPOV3VbH%2BpFXQoLPCJS1XpcbNhqXzyPRxb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e121ccd3b512-OSL
content-encoding: br
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/aviator.png

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/aviator.png
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/aviator.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:06:46 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-298a"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eiN8Jbtftmp7q1I6VK%2Fxy539FCTCrIayoctMZLb%2FCoP4lz%2Fm2APw%2ByMHy4FUc2j93tVZCRfjek25kV20K6htowZIW1JfZGMtFUqY4pcKtdLunonMJYiywGZ46qNYodxfAIiEGwcO0Jhaa7JSkIJgW6R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2e122ce17b512-OSL
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/polyfills.48beaefad335fdd8.js

143.204.55.15

200 OK

0 B

URL HTTP/2
aviator-demo.spribegaming.com/polyfills.48beaefad335fdd8.js
IP
143.204.55.15:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /polyfills.48beaefad335fdd8.js HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=31983&token=XDNUkENiWvkO4Xc35e00LE7nxotx6PsZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: gzip
date: Thu, 19 Jan 2023 22:06:46 GMT
cache-control: max-age=86400, public
etag: W/"c46f132cbd8bd1b17320947272a50bed"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: L2Db8JCe2vqCLKDN_9QFH3pf_ET2vUJfN8Ur0SZCW75b6OhETspYLw==
age: 36812
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML