| track.coolestdiscount.club/41ccc85f-b148-44a3-b3e1-1f92371a917f | 18.184.38.55 | 302 | 0 B |
URL HTTP/1.1track.coolestdiscount.club/41ccc85f-b148-44a3-b3e1-1f92371a917f IP18.184.38.55:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /41ccc85f-b148-44a3-b3e1-1f92371a917f HTTP/1.1
Host: track.coolestdiscount.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Sat, 21 Jan 2023 07:14:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://netpuppgo.com/i9cYqfJV/?subId1=wosbsqg3o6ju072miloq1me6&subId2=VG&subId3=Adchampagne_VG_PinUp_Gambling_BR_CPReg
Pragma: no-cache
Set-Cookie: 41ccc85f-b148-44a3-b3e1-1f92371a917f-v4=xkCiZGtvvE31K3AkDF0FZfnWPJvDpIyq1SHCZBpvMGY; Max-Age=86400; Expires=Sun, 22-Jan-2023 07:14:53 GMT; Domain=track.coolestdiscount.club; Path=/; HttpOnly
cc-v4=VOlLhsTALmw7gs28T9Jvbja9Jni53X6z4Jh4tI4%2BsRh3%2Bm7Pdx24zbGcKC2vigqlvIUcf4babJuy%2BgcEOB3CMI3WFueLkwsN4OuOAUXS3QDye8PWLK2bKOmLLmc3OUSyZQZlahenjZ%2F2PvKzFadmMg%3D%3D; Max-Age=31536000; Expires=Sun, 21-Jan-2024 07:14:53 GMT; Domain=track.coolestdiscount.club; Path=/; HttpOnly
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8a5e416451617846248067d72b675125 995b0346adefaf5f2e167d1b81e60cc9afc4f19e c5fafb9127b71cbd4f7b1a44f755fc4aa0e2f47bbc50de4b15c870a22bf160d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5FAFB9127B71CBD4F7B1A44F755FC4AA0E2F47BBC50DE4B15C870A22BF160D9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3284
Expires: Sat, 21 Jan 2023 08:09:37 GMT
Date: Sat, 21 Jan 2023 07:14:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash37284a837312d6586460a3b86bbe7bd0 6ac0847abd48eb8607597218aaa2cb2d434c012b 6a0e11bb042555d72b397ae0cc3d5e242d3a3fe04418e28ffd222decca7d16ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A0E11BB042555D72B397AE0CC3D5E242D3A3FE04418E28FFD222DECCA7D16CA"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3574
Expires: Sat, 21 Jan 2023 08:14:27 GMT
Date: Sat, 21 Jan 2023 07:14:53 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 06:34:42 GMT
content-type: application/json
age: 2411
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash17094b856fde02b2c8c2d3845ad325cf 26dc3f2ebf81faf5ab96eb75ffcbead6085528b8 6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10625
Expires: Sat, 21 Jan 2023 10:11:58 GMT
Date: Sat, 21 Jan 2023 07:14:53 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qwVoPgLGbTZdqiVbG6zXVKFpB0HN0wwuF1kxycdHLcYoo63HJSIx9msNf9O4s/3Vzm13mGueEu0=
x-amz-request-id: VR4277344CRZJGHF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 06:46:42 GMT
age: 1691
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 07:14:53 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| netpuppgo.com/i9cYqfJV/?subId1=wosbsqg3o6ju072miloq1me6&subId2=VG&subId3=Adchampagne_VG_PinUp_Gambling_BR_CPReg | 104.21.54.193 | 302 Found | 0 B |
URL HTTP/2netpuppgo.com/i9cYqfJV/?subId1=wosbsqg3o6ju072miloq1me6&subId2=VG&subId3=Adchampagne_VG_PinUp_Gambling_BR_CPReg IP104.21.54.193:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i9cYqfJV/?subId1=wosbsqg3o6ju072miloq1me6&subId2=VG&subId3=Adchampagne_VG_PinUp_Gambling_BR_CPReg HTTP/1.1
Host: netpuppgo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 21 Jan 2023 07:14:53 GMT
content-length: 0
location: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
set-cookie: click-2023-01-21=%2Ci9cYqfJV; expires=Sat, 21 Jan 2023 21:00:00 GMT; path=/
cf-cache-status: DYNAMIC
x-robots-tag: noindex, nofollow
server: cloudflare
cf-ray: 78ce416c4bacb505-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashafc8da6ed43f0221cc570805468d4f9d 3ae4c589c3725a027ef6d3391842c0bd580a4796 e24d34965ef3669d92d64489a51008cd10bdab3a533b8724e68c8fb1fde4bfd5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=93481
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 07:14:53 GMT
Etag: "63ca5b16-118"
Expires: Sun, 22 Jan 2023 09:12:54 GMT
Last-Modified: Fri, 20 Jan 2023 09:12:54 GMT
Server: nginx
Content-Length: 280
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 06:48:58 GMT
age: 1555
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashbdb8a13dfce39d6e151a9ef185a772a1 037a680510f9dbce3c7cc3c0f9115fd587dbcd1d 98c8b7f269b9aad73b73fd946788ebfd7a4d7afbdd5347b56c67f73b947f5ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1801
Cache-Control: max-age=94922
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 07:14:54 GMT
Etag: "63ca59af-1d7"
Expires: Sun, 22 Jan 2023 09:36:56 GMT
Last-Modified: Fri, 20 Jan 2023 09:06:55 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
|
|
| code.jquery.com/jquery-3.5.1.min.js | 69.16.175.42 | 200 OK | 31 kB |
URL HTTP/2code.jquery.com/jquery-3.5.1.min.js IP69.16.175.42:0
File typeASCII text, with very long lines (65451) Hash3700d0b271343804b9b9aa1c13efa521 3d6b03dbd74872ca3dfbb0529f6c80943788f918 fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://demo-game-aviator-br.pu020ev.com
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CP69rp4GEoYBCiQxZTJhM2YyOC02YTRlLTRkYmItYWI0MC04NzgzODQyNTliZTQQ+OiCoKvU+wIaBgjuoa6eBiIMOTEuOTAuNDIuMTU0KJoIMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiQ1ZDY4Y2MzMC0yY2E2LTQyOTgtYjFlYi02ZWMzN2M0NTYxYWIYn/EBIhgIAhIUY2RzMjA4LnNrMS5od2Nkbi5uZXQ=.1vjVVzF4rZOI0wnbM9MZ39WdxUFDMj8V8JlMZQlr26Y=
x-hw: 1674285294.dop203.sk1.t,1674285294.cds231.sk1.hn,1674285294.cds208.sk1.c
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hash5422c49666fc195ae94aa0f5cf837bfc e0f1dd926cd9328ccf9cc99389337056c62f1043 f639aad2dc85708fa922b793660f13ae597f275a8ebf61e7e72fb2bce257cc76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 07:14:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hash5422c49666fc195ae94aa0f5cf837bfc e0f1dd926cd9328ccf9cc99389337056c62f1043 f639aad2dc85708fa922b793660f13ae597f275a8ebf61e7e72fb2bce257cc76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 07:14:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| demo-game-aviator-br.pu020ev.com/fonts/src/icon-fonts/icomoon.ttf | 172.67.70.112 | 200 OK | 9.2 kB |
URL HTTP/2demo-game-aviator-br.pu020ev.com/fonts/src/icon-fonts/icomoon.ttf IP172.67.70.112:0
File typeTrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data Hashd2495c29cb8c91b784fed2fd0a0fa1d9 c7941ff2f980007b7b52a204549654b6dd401dee 6660a8b51189b283b15a6f5aee82bd6b592e184e8f94ea5e296416aaaf58d191
GET /fonts/src/icon-fonts/icomoon.ttf HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: application/octet-stream
content-length: 9196
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
etag: "61fd5783-23ec"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crw91Asu9mWJQwlpQEu7kLqtK6PHfmXd8sxkVmm%2Fg%2BBvr8M0%2FkGfCun8gYVpfbZ0F3jXZZbrYjxYT0vzvCAZtFQJ0FX9WkNfg9SwXCHe8PSKkXjyzbhrVkI4EQy4CnQB6ygTJOTzP7dMsIGoAQUYtic1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce41713dbab500-OSL
X-Firefox-Spdy: h2
|
|
| demo-game-aviator-br.pu020ev.com/fonts/src/fonts/Pinup-Regular/Pinup-Regular.woff | 172.67.70.112 | 200 OK | 100 kB |
URL HTTP/2demo-game-aviator-br.pu020ev.com/fonts/src/fonts/Pinup-Regular/Pinup-Regular.woff IP172.67.70.112:0
File typeWeb Open Font Format, TrueType, length 99900, version 0.0\012- data Hash54ef64c4b2fc6b4f4e333af6e60b5d88 9f8ee4218dfc15f7373bd3c48e6a14fce59fa718 68687c711d19784e6ae5fa2ecee925f69be01715699bf9aac38f5d5ae224fa74
GET /fonts/src/fonts/Pinup-Regular/Pinup-Regular.woff HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: font/woff
content-length: 99900
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
etag: "61fd5783-1863c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0i9xdtdKHcke3GirT1Azg8Qj8pBxdn2Stsq1asF3bQ4A%2FH%2FPu29ogCgWHNgZbc3i3wtS9gGeW%2FnuCA0zF%2BoXFqPFMr1%2BNdXmpwlLV3qkv5thZmN90U5XzxuQUOfx4w3xQPszRM8al08ZLoGWWszzuv%2Bf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce41712db1b500-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hashe6d21eff1927f7a74984663b16cfe21a b747f7d42cdf7cfea6900348cd257066b2634222 a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 07:14:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.35 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demo-game-aviator-br.pu020ev.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 13:09:06 GMT
expires: Wed, 17 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 324348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| demo-game-aviator-br.pu020ev.com/fonts/src/fonts/Pinup-Black/Pinup-Black.woff | 172.67.70.112 | 200 OK | 102 kB |
URL HTTP/2demo-game-aviator-br.pu020ev.com/fonts/src/fonts/Pinup-Black/Pinup-Black.woff IP172.67.70.112:0
File typeWeb Open Font Format, TrueType, length 102380, version 0.0\012- data Size102 kB (102380 bytes) Hasha9fbc3df134338d218ed9f555c9ecee8 37982d974361917f1ddd6555fef3acae3e6911ce d0071e5cf68a74c19bd55355486916183bff7afa7f1d16aea03e04736aa621e3
GET /fonts/src/fonts/Pinup-Black/Pinup-Black.woff HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: font/woff
content-length: 102380
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
etag: "61fd5783-18fec"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BkL0ZjP2t5xs3eIQP3pADYONRPHceQP%2Fo00XCVMOmMoR%2FFRy67e8w4ZzYx51BwEcjqAfFOGHEVpJHUqInwHlAyUO79A9RDn4hXvOvH1MWaDK%2Ff90gWw59849%2Bw0q4oToCg4cwVH2EQeJwnenemBQGU2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce41712db3b500-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.118 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.118:0
Hashcb0dfd58639e70879a0eb58bfd1dc68a 46f1883f31e1c028135ab131b3e9bf50953738da 486b9743d35fffc7e5ec8b58b5c90b2e9eef9b052a0e7c7276877068091c5623
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 21 Jan 2023 07:14:54 GMT
Etag: "63cab7e9-1d7"
Server: ECS (dcb/7EA6)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JEuAI4NGq5GnqXe9c4yTta8FoAgM7BG0Df5_i2pNyPpIfbrVCamq5w==
|
|
| demo-game-aviator-br.pu020ev.com/img/logo/logo-casino.svg | 172.67.70.112 | 200 OK | 2.3 kB |
URL HTTP/2demo-game-aviator-br.pu020ev.com/img/logo/logo-casino.svg IP172.67.70.112:0
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (752) Hashd1d633ded1c15c76950493ea63a32ce3 78fa9d75df130b3568a0080649cce4fd6ba2b916 59a1634847bafcd66e495d276e24bbbd00d2a6419b622cc4ec4560eba7dd069a
GET /img/logo/logo-casino.svg HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/svg+xml
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1393"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUwIge8O9EY1vDU6R47NvdiOci47o0O%2BihH3wePC%2FAoE2J3%2B1GE9OieTh8e9HysYbnnY%2FLgRRjQY%2F8Yw55zMYBIXZGS4sV6EWoSrN%2B4LQ%2FW%2F6VEp4HP2c9E5cQn1uOJDDj0w68MiONOycNqHkpMCsueg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41703cd1b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 52.42.182.211 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.42.182.211:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LztmiqUsYm/+q83YkBu92Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HYQJOjgsuXC8/9a2Q0rBeVFOYWI=
|
|
| demo-game-aviator-br.pu020ev.com/img/favicon/favicon-16x16.png | 172.67.70.112 | 200 OK | 916 B |
URL HTTP/2demo-game-aviator-br.pu020ev.com/img/favicon/favicon-16x16.png IP172.67.70.112:0
File typePNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data Hash4002504e6a7b16eae1a825909650ec25 857543e6566871461da4c299a186471611925829 0a1fdd6dc7a85ac17b99a484b1fe4f0a926b9e1b1c80c4929f3b312e73e781d1
GET /img/favicon/favicon-16x16.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
content-length: 916
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
etag: "61fd5783-394"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sL2fkaH%2BOJhPCVtkdkftdb6Z2McFLDKmvYofJBzRo2u9dqkLZsjnFTzwtLBubTxh%2FDvAtTFq8y8UanlN%2FQm7bGH8%2B6O%2FAfW9j0pLc35JFddeyfE8NpWAzEZ7kE%2FaQuiFppW%2BYKGhHcMBjdoD9AhN4xcF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce41722e78b500-OSL
X-Firefox-Spdy: h2
|
|
| demo.spribe.io/launch/aviator?currency=BRL&lang=BR&return_url=https://spribe.co | 54.230.111.32 | 302 Found | 0 B |
URL HTTP/2demo.spribe.io/launch/aviator?currency=BRL&lang=BR&return_url=https://spribe.co IP54.230.111.32:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /launch/aviator?currency=BRL&lang=BR&return_url=https://spribe.co HTTP/1.1
Host: demo.spribe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
location: https://aviator-demo.spribegaming.com?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=60556&token=b58spErrRWATmGL2tpiStjCWEK96tb3k
date: Sat, 21 Jan 2023 07:14:54 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5oiBpF6hMLEBaruVTPJ_I8kappg5fg0b0uwUUtzB0a8rzydJjRFEWQ==
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.118 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.118:0
Hashb51f1d0ef6588129dfe9c24789339c5c a65a6dce4a457ac67fb70630f636926a4ceb9e5b 48654bc4281d68e4078c76404305552e267e3b6bdf547abd2bd0619c89384831
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100887
Date: Sat, 21 Jan 2023 07:14:54 GMT
Etag: "63ca6a79-1d7"
Expires: Sun, 22 Jan 2023 11:16:21 GMT
Last-Modified: Fri, 20 Jan 2023 10:18:33 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: N8FfUId359PkFGiPoaVo5nLYr6WV-iLs0w-JH1EP0_G0Xpvm9be9Cg==
Age: 3468
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.118 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.118:0
Hashcb0dfd58639e70879a0eb58bfd1dc68a 46f1883f31e1c028135ab131b3e9bf50953738da 486b9743d35fffc7e5ec8b58b5c90b2e9eef9b052a0e7c7276877068091c5623
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 21 Jan 2023 07:14:54 GMT
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zJG4Z5z5U6qzRNIgWSyksJbl2inoLuMKNgsFjiavzRXCReICoE-QsA==
|
|
| aviator-demo.spribegaming.com/bpg-arial-webfont.deed44e7c0450115.woff2 | 143.204.55.37 | 200 OK | 94 kB |
URL HTTP/2aviator-demo.spribegaming.com/bpg-arial-webfont.deed44e7c0450115.woff2 IP143.204.55.37:0
File typeWeb Open Font Format (Version 2), TrueType, length 94192, version 1.131\012- data Hash6e5b1494e933ba58cdb6e80876634552 31af5aaa0c1fa2ecac702feffaca78433d247d00 1c08ce021e5a588a3ffcd822d023eae8322183397fe51a9f5d37adcfb8c9638d
GET /bpg-arial-webfont.deed44e7c0450115.woff2 HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/styles.52c8339cd07e8075.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 94192
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
date: Sat, 21 Jan 2023 07:14:54 GMT
cache-control: max-age=86400, public
etag: "6e5b1494e933ba58cdb6e80876634552"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: WWm8dABseTtFXyPbt_g4uJr6Y5Mlbi2hnCaH1sFmlIO0dMC8uxP52A==
age: 15535
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.118 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.118:0
Hashb51f1d0ef6588129dfe9c24789339c5c a65a6dce4a457ac67fb70630f636926a4ceb9e5b 48654bc4281d68e4078c76404305552e267e3b6bdf547abd2bd0619c89384831
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97419
Date: Sat, 21 Jan 2023 07:14:54 GMT
Etag: "63ca6a79-1d7"
Expires: Sun, 22 Jan 2023 10:18:33 GMT
Last-Modified: Fri, 20 Jan 2023 10:18:33 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SOX_kE1XoMBYdp5YjnVD6U8sAD_1vlgZogXZANtXW-EhocPZLjlOhA==
|
|
| aviator-demo.spribegaming.com/runtime.b3e4a4f12e39ab5f.js | 143.204.55.37 | 200 OK | 12 kB |
URL HTTP/2aviator-demo.spribegaming.com/runtime.b3e4a4f12e39ab5f.js IP143.204.55.37:0
File typeASCII text, with very long lines (1566), with no line terminators Hash1ddface5cb56a28234de44c39ed6b686 e3f0e3fd3dc8a15470800089e9c908a66bf8221e 60f939efc7523b254816134505b3a5b79b47b8596b958c317c1fed408a44c889
GET /runtime.b3e4a4f12e39ab5f.js HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=60556&token=b58spErrRWATmGL2tpiStjCWEK96tb3k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
date: Fri, 20 Jan 2023 07:24:02 GMT
cache-control: max-age=86400, public
etag: W/"0ef08e25b336c7d9aafcaacceb47e08c"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Dz8qIGvuMmNvdG34HCB-ERzUy4fRjrK79gu6mWnLOoWgjZ0dfsDXnQ==
age: 85853
X-Firefox-Spdy: h2
|
|
| app-config2.spribegaming.com/aviator/demo.json?v=4.1.5 | 54.230.111.86 | 200 OK | 155 B |
URL HTTP/2app-config2.spribegaming.com/aviator/demo.json?v=4.1.5 IP54.230.111.86:0
File typeJSON data\012- , ASCII text, with no line terminators Hashdaa601d9ae51fdb3f6638669e017223a 93458dbc069c971cf01aaa29323eabe67297b5f4 9c155207193e8fac0d10f37842f543d061bae2ccc29bc1b25478ab5cb8a14a3e
GET /aviator/demo.json?v=4.1.5 HTTP/1.1
Host: app-config2.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aviator-demo.spribegaming.com
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/json
content-length: 155
date: Sat, 21 Jan 2023 07:14:17 GMT
x-amzn-requestid: 1a1ca275-d379-45e2-8b32-77d561217665
access-control-allow-origin: *
x-amz-apigw-id: fFOPjFteliAFv6g=
cache-control: public, max-age=60
access-control-allow-methods: OPTIONS,GET
x-amzn-trace-id: Root=1-63cb90c9-082406f94b92ab6658b8767c;Sampled=0
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: kH4mQBggcFib77TlgjrRRdoEnyFgbPxwMkC7M_tCuorxb64zZoZbag==
age: 38
X-Firefox-Spdy: h2
|
|
| aviator-demo.spribegaming.com/styles.52c8339cd07e8075.css | 143.204.55.37 | 200 OK | 269 kB |
URL HTTP/2aviator-demo.spribegaming.com/styles.52c8339cd07e8075.css IP143.204.55.37:0
Size269 kB (269309 bytes) Hash260dd72339ab505af4ebf7412c31eac9 0c3ba5e24476f84e2e86d0b79e5db0c70af5a80d 71797c37c13b8fa73e6a2029dc52b6c6afaea453f69eb32787f397c0f1eccd6a
GET /styles.52c8339cd07e8075.css HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=60556&token=b58spErrRWATmGL2tpiStjCWEK96tb3k
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: gzip
date: Sat, 21 Jan 2023 02:39:56 GMT
cache-control: max-age=86400, public
etag: W/"b6dc633ec4a8e755bdf47e5deedc55f9"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Y85x6wCVCK4wS2XQVRkiKVcywXyTZ03FncOqwBa_HOZWpjUVCHEmFQ==
age: 18115
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6033dad399355478c264e1c7c27e7f62 7d5546258015b8a834ee87b5a679be0545723e9d 5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3403
Expires: Sat, 21 Jan 2023 08:11:38 GMT
Date: Sat, 21 Jan 2023 07:14:55 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6033dad399355478c264e1c7c27e7f62 7d5546258015b8a834ee87b5a679be0545723e9d 5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3403
Expires: Sat, 21 Jan 2023 08:11:38 GMT
Date: Sat, 21 Jan 2023 07:14:55 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6033dad399355478c264e1c7c27e7f62 7d5546258015b8a834ee87b5a679be0545723e9d 5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3403
Expires: Sat, 21 Jan 2023 08:11:38 GMT
Date: Sat, 21 Jan 2023 07:14:55 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg | 34.120.237.76 | 200 OK | 9.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4483cb695fef2fe82f38a65e18ea1fd7 ea95504fc5be0259c8c3a39f47f8fcb322bca88d 807a120b964ee7ec7c83c5d943d29cea5df2171291ad1b99de9ef4df7e7e9046
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9657
x-amzn-requestid: 63c51fc8-3cd1-486b-960b-91d0d4b14dbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exbnMFUvoAMFvYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a62d-3f30f1cb5bc13bf812d3cf71;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:07:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 34RyiiWTD7qtrgZHxL7KpjUkCETug9eJ0TvPh6b2qGiLWLcZnmT3wg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 16:05:34 GMT
age: 54561
etag: "ea95504fc5be0259c8c3a39f47f8fcb322bca88d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc231c80e-1faf-4bd6-8ed6-fb607db0086d.jpeg | 34.120.237.76 | 200 OK | 6.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc231c80e-1faf-4bd6-8ed6-fb607db0086d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha1b8f3e0407b4d6e24afea546ca274e1 d8a70b23dba532ff8a44ebe4e12890efb5e0c584 24cb3abc9ffe27836d8e0bf2a1eff295d504e09b02237dc4dda938e012c49425
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc231c80e-1faf-4bd6-8ed6-fb607db0086d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6377
x-amzn-requestid: 065663fc-8bc2-4b83-a7e3-ad4e24f895f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EzgHCHIAMFvqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4e3-6bbc3fe80ba4a7de13b99982;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -mkifCnUT7O_yZUfHIFdGexUiYGMk8s_Whsfey8PcmGBUWygX-cnjQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:38:27 GMT
age: 12988
etag: "d8a70b23dba532ff8a44ebe4e12890efb5e0c584"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7616632f-cfb4-4f45-819d-1970213c1ca5.jpeg | 34.120.237.76 | 200 OK | 9.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7616632f-cfb4-4f45-819d-1970213c1ca5.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash62d64384cabb3ee773d9baa88c9fa9f5 3457882213a7c2d2ec863d75cf629ae4fe320092 7adc5cd3cc8a30b5c45c2995b27daf66fcf95280a4f5feaa46e559da464c75be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7616632f-cfb4-4f45-819d-1970213c1ca5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9669
x-amzn-requestid: d57517dd-07b7-4477-996d-5cb159f1e608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: euIvoHVNIAMFVWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c254ca-2737608463cd6cd160497e42;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 07:07:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_aXsjLBlAVhp2gaN0IYMYUAFz52XLPOt1B1lDYvm1JFPPrZn7YcjQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 20:30:03 GMT
age: 38692
etag: "3457882213a7c2d2ec863d75cf629ae4fe320092"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| demo-game-aviator-br.pu020ev.com/img/title/value-video-br.png | 172.67.70.112 | 200 OK | 36 kB |
URL HTTP/2demo-game-aviator-br.pu020ev.com/img/title/value-video-br.png IP172.67.70.112:0
File typePNG image data, 361 x 168, 8-bit colormap, non-interlaced\012- data Hash41df044df2e520036bd5fd51c8505220 3219491666d3f83746410c996b909bcb482162ab b1e13fcbfb3bedc84513d2ff558723133050fd5f1a076e5da6e6e24a4bcdd4ff
GET /img/title/value-video-br.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-5551"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxs4%2BJY0wdnllZyno072zI3Z6HCZOjLr9N6UHlywKYijSRemYm%2FweXLrHkpEYJCwBEzHHEEE0PdcVMDxdfnj0gyxDRdT1uE%2Fq%2FF7XtbR%2FwS0gVVJtzxBJ4bBIru98Wd96yDP7fbr2epQ5Oa6%2F9rPOKcU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41703cd6b500-OSL
X-Firefox-Spdy: h2
|
|
| demo-game-aviator-br.pu020ev.com/img/logo/logo-video-second.png | 172.67.70.112 | 200 OK | 16 kB |
URL HTTP/2demo-game-aviator-br.pu020ev.com/img/logo/logo-video-second.png IP172.67.70.112:0
File typePNG image data, 228 x 58, 8-bit/color RGBA, non-interlaced\012- data Hash6fd7806ccecc3412a25de9946b99cd19 a8b64be468bea94d6ab15ca3a5b33fb55d09baae 3f6565d1ae2da25440f1d05e844a74504f3cedfd868b3fac458a3bcc235ba862
GET /img/logo/logo-video-second.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-10d3"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMmRp4aasuZxzq%2BRc28bE421BKYWGgtuAdvSWDZrY%2F8f5IHZhMXY3eZQifU9OeeXJARf1dge3ZtNi5PvNn%2BhZOVJiboqMI1bMuTyQwNlU95WbQ1eijM4esIvD%2BkVrspzobNOgJ3AvPtedvtkqTdkVf%2B3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41703cd2b500-OSL
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5a7ab95a69ddfa5014258076e66a6e19 1a54cca86788536002d6d18c5180ccf265ba1169 09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RlbJymJhU6Ti5RZCSIvPzloackAiBEBGapKI440u4ZIfB5FYBNugLw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:24:48 GMT
age: 13807
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| app-demo.spribe.io/BlueBox/websocket | 54.230.111.29 | 101 | 3.0 kB |
URL HTTP/1.1app-demo.spribe.io/BlueBox/websocket IP54.230.111.29:0
File typegzip compressed data, from Unix\012- data Hash9593068680d204892df437ed03140183 8e33bfe4d720b1aef66d87f50070c162300bd0b9 1ce8e7b189b10fca5ba8118094a00cf3e3c2b82650430926ff3bbcd581d629b1
GET /BlueBox/websocket HTTP/1.1
Host: app-demo.spribe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://aviator-demo.spribegaming.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SmRexzxV0iSq5bGv6DvP3g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101
Connection: upgrade
Date: Sat, 21 Jan 2023 07:14:55 GMT
Upgrade: websocket
Sec-WebSocket-Accept: pFRCsuCMYY3Aj7zJSw77GF2dvzc=
Sec-WebSocket-Extensions: permessage-deflate
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: ruCJJxpkS9Qq7FBWNhfpbYrv4et6IYgKKtk7a69oYVHrCrykdNrceg==
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash34a6ffa8918b00f3f6d21bd90db799f4 6573697e6488b07ba3551ca7fea9b89220494b3a dff7862c0cfa5ae27f6e8daef94bf0cd05000b667dbabd62a673ec0354e4873b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 07:14:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/recaptcha/api.js?onload=ngx_captcha_onload_callback&render=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg | 142.250.74.164 | 200 OK | 613 B |
URL HTTP/2www.google.com/recaptcha/api.js?onload=ngx_captcha_onload_callback&render=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg IP142.250.74.164:0
File typeASCII text, with very long lines (954), with no line terminators Hashe5a7a7e9a2a032806508ab081028ad6c eb53a9aafb8339679a1aa68d9377a33aefabbee9 b737083af63cd28b4d34e83ecf27db09b75c429cd13d986af69eaa1cfbcd60a8
GET /recaptcha/api.js?onload=ngx_captcha_onload_callback&render=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 21 Jan 2023 07:14:56 GMT
date: Sat, 21 Jan 2023 07:14:56 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 613
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash9046bdd3634f2cfb8ace7c326c4af05f d92d1610bbcc211f0648ec87b5aee6a562f606db eea88fe2aaabd085058e3cf139e8780e1ddeff62e4fb94d6eeabe512a309d8ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 07:14:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js | 142.250.74.35 | 200 OK | 164 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js IP142.250.74.35:0
File typeASCII text, with very long lines (636) Size164 kB (163892 bytes) Hashf2995e9cc3eedf3359420fb8d714b2ca bdc68875ff161b35dbe9d8d85241e41c862ec8e3 fbe663b4f0f239aca19a5a2720c2b494ac58a53e0d68288155eb772ae04935c1
GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aviator-demo.spribegaming.com
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 15:41:18 GMT
expires: Wed, 17 Jan 2024 15:41:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/javascript
age: 315218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css | 142.250.74.35 | 200 OK | 24 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css IP142.250.74.35:0
File typeASCII text, with very long lines (52913), with no line terminators Hashf4bb161deae4e93f1a82e52f82ea2af9 74cd72b02999ea35cde6dd6c1d58ca9aec94da07 3330fe65fd8dbe742211f1609fbfe70b3b94434ad5639223942d921f085ea589
GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24262
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 22:06:34 GMT
expires: Thu, 18 Jan 2024 22:06:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/css
age: 205702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js | 142.250.74.35 | 200 OK | 164 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js IP142.250.74.35:0
File typeASCII text, with very long lines (636) Size164 kB (163892 bytes) Hashf2995e9cc3eedf3359420fb8d714b2ca bdc68875ff161b35dbe9d8d85241e41c862ec8e3 fbe663b4f0f239aca19a5a2720c2b494ac58a53e0d68288155eb772ae04935c1
GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 15:41:18 GMT
expires: Wed, 17 Jan 2024 15:41:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/javascript
age: 315218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.35 | 200 OK | 15 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 21:48:03 GMT
expires: Fri, 19 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 120414
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/api2/logo_48.png | 142.250.74.35 | 200 OK | 2.2 kB |
URL HTTP/2www.gstatic.com/recaptcha/api2/logo_48.png IP142.250.74.35:0
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data Hashef9941290c50cd3866e2ba6b793f010d 4736508c795667dcea21f8d864233031223b7832 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 18:48:55 GMT
expires: Tue, 24 Jan 2023 18:48:55 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 303962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96cce020-7bd3-4d07-a265-a0ff76f15c24.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96cce020-7bd3-4d07-a265-a0ff76f15c24.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasheff1c7571054ef3a3535dc3cf0756d38 54ccc9d66c916cab0d7b70135e0331d83f57a2d1 6d2f74f27c2622882bf06980569a8a6cf6402e2ec800cf9987c86a3779d1b023
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96cce020-7bd3-4d07-a265-a0ff76f15c24.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10300
x-amzn-requestid: ba8a3ff1-2c2c-4f83-8524-20a003f25ca2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etkvHGbOoAMF18g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21b2d-0cc97cf827da6b61341da50c;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:02:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gTUDFWnRFsXI4FoRd-aXSzDLR8JtQfbtwoIImdqzTKpw3qm2RrscSw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:53:26 GMT
age: 12096
etag: "54ccc9d66c916cab0d7b70135e0331d83f57a2d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| demo-game-aviator-br.pu020ev.com/img/background.jpg | 172.67.70.112 | 200 OK | 0 B |
URL HTTP/2demo-game-aviator-br.pu020ev.com/img/background.jpg IP172.67.70.112:0
GET /img/background.jpg HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/jpeg
cf-bgj: h2pri
etag: W/"61fd5783-1b1cf"
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLAb91%2Blj6jpkn%2FWscXWX2y%2BigbfyRuziXZh%2FsvdWfJ9fCrLQH%2Ba%2FMIQyXc1fEi96DV31a0%2BBRT%2FGvTSvmvDbTp3A917XSGT0725HY%2FLA2GTB8EGOsKbDG8zY0IXgRPKPb5va7Re0U9y%2FBCBX7G3OZ4P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41711d98b500-OSL
X-Firefox-Spdy: h2
|
|
| aviator-demo.spribegaming.com/main.0c79cc1b05645949.js | 143.204.55.37 | 200 OK | 0 B |
URL HTTP/2aviator-demo.spribegaming.com/main.0c79cc1b05645949.js IP143.204.55.37:0
GET /main.0c79cc1b05645949.js HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=60556&token=b58spErrRWATmGL2tpiStjCWEK96tb3k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: gzip
date: Fri, 20 Jan 2023 19:03:20 GMT
cache-control: max-age=86400, public
etag: W/"cd42dcf80f48aad6e53e6b50526934fd"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gdmSOh25JpMNj2qnedFLh7X76VChx0jWeJlpLtwi-_SI1d9EtwRq0Q==
age: 43895
X-Firefox-Spdy: h2
|
|
| demo-game-aviator-br.pu020ev.com/main.css | 172.67.70.112 | 200 OK | 0 B |
URL HTTP/2demo-game-aviator-br.pu020ev.com/main.css IP172.67.70.112:0
GET /main.css HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: text/css
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-86ea"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqJcAOoFRcp4zSFrI6Ll3Atdc7EB0bT1YMIQyAgfPojsIjg6rDDlKttW6P4uHs9yh%2BOp1WA9eAkbay9W%2FQRYPK1BIpubzIth3biRYBpiIMionTZmMBl4De2BN4cm%2BLnNtvCX1Jk0bniNIQ5VTBvTEmLU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41703cd0b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| demo-game-aviator-br.pu020ev.com/img/country/brazil.png | 172.67.70.112 | 200 OK | 0 B |
URL HTTP/2demo-game-aviator-br.pu020ev.com/img/country/brazil.png IP172.67.70.112:0
GET /img/country/brazil.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-104b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EeXqQVcX1cs6rCa6ybV01EBlwnSfF0BZy%2Bwa0A%2BRAra63a2CMVx2gy009B7jTJsDby9NL4323gCzD%2ByOIh%2BkN70D2Xtdu1Q77%2FS74XMthmqrAFy7qi8NG7LXJU6SW%2FnrqvyZnwGd9MQEq4Mhb9E2BfLp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41717de6b500-OSL
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap | 142.250.74.74 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap IP142.250.74.74:0
GET /css2?family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 21 Jan 2023 07:14:54 GMT
date: Sat, 21 Jan 2023 07:14:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| demo-game-aviator-br.pu020ev.com/img/aviator.png | 172.67.70.112 | 200 OK | 0 B |
URL HTTP/2demo-game-aviator-br.pu020ev.com/img/aviator.png IP172.67.70.112:0
GET /img/aviator.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-298a"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0bIG%2Bqe9Ux%2BWUhzWkDqYt35dNyT2S38Fl%2F%2FkdDh54m%2F7jY%2FGBg7IQQwbVX1iXkOz041NjwK%2FPqkucLy%2BGognNlxE%2Fr8OQp2Ob0di91WV3FjVSFYtKp%2ByGh8md%2B0c0LzYmLGXCALRh5FPqB191Qu%2B9%2FK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41712da6b500-OSL
X-Firefox-Spdy: h2
|
|
| demo-game-aviator-br.pu020ev.com/img/notebook.png | 172.67.70.112 | 200 OK | 0 B |
URL HTTP/2demo-game-aviator-br.pu020ev.com/img/notebook.png IP172.67.70.112:0
GET /img/notebook.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1e6b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPMoOJjCrBSFatgpwFMTPiu3h3v%2BBbVJ8kclv4FDOBgk%2B%2FoSTDOnyIXbIKrkxXS1AUj938vKGN1f5fj3xV%2BQGdQLzyIsuzmZ2rk8xr1vrUw2hbZ%2FE9TvDRqBhOxcWNitlkLKBSPQC5SxWL7NgoDfJH3C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41712da7b500-OSL
X-Firefox-Spdy: h2
|
|
| aviator-demo.spribegaming.com/polyfills.48beaefad335fdd8.js | 143.204.55.37 | 200 OK | 0 B |
URL HTTP/2aviator-demo.spribegaming.com/polyfills.48beaefad335fdd8.js IP143.204.55.37:0
GET /polyfills.48beaefad335fdd8.js HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=60556&token=b58spErrRWATmGL2tpiStjCWEK96tb3k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
date: Fri, 20 Jan 2023 11:56:22 GMT
cache-control: max-age=86400, public
etag: W/"c46f132cbd8bd1b17320947272a50bed"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gX5LTKM0wVjlL6Z7hH551hR4eH9sJsJFdvpQJ8U2tpnwlrRDARDIZQ==
age: 69513
X-Firefox-Spdy: h2
|
|
| demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source= | 172.67.70.112 | 200 OK | 0 B |
URL HTTP/2demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source= IP172.67.70.112:0
GET /?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source= HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:53 GMT
content-type: text/html
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pfc9mtQouYl5oJ3ZvTT2lKH7S5LXrAKtHWGRjc3RpVlDdIFCJSCe26nuZwICZM5EJ7XnNKrEXGlZzleuHA%2FoUW%2FTqLhAClXq7vJEI%2BKr25I%2Bfv8690IoHUW7%2FPqr6j9qyC5R3759J8hMfj5XB%2FfIlOyV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce416e5b3ab500-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| demo-game-aviator-br.pu020ev.com/bundle.js | 172.67.70.112 | 200 OK | 0 B |
URL HTTP/2demo-game-aviator-br.pu020ev.com/bundle.js IP172.67.70.112:0
GET /bundle.js HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: application/javascript
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-128ae"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVrkdXtuLsVEHVgBH3WxPNhedy1tLoyfnWiKD8kCSWYwYvabKY0jDZAbYBVi9Q7v2R8KV9UHslHZNQpa9hvL7QfPNGzgcSkBGbTZHo71lP8dNKrJF7EWoFwJOnVpR48RuQj%2Bz7Js2jSdPNJ1EKPKCMar"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41703cd7b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| demo-game-aviator-br.pu020ev.com/img/girl-left.png | 172.67.70.112 | 200 OK | 0 B |
URL HTTP/2demo-game-aviator-br.pu020ev.com/img/girl-left.png IP172.67.70.112:0
GET /img/girl-left.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1e1a1"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0W%2FC%2BbuvH9On7BHvJ%2F9X32YjZQE1m1mYOuRm%2B2ap%2B2Ij%2FwSi7ZqY2CotN%2BzJuRWTgqfLUJCNU6aEDJaiKtxJ1HylaFZmLLO%2B3b5ux7z2lC8kISdmRn3GGmoPTxxnuIjIalBR18qDBocaj6Tdv4dTrsSR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41712dabb500-OSL
X-Firefox-Spdy: h2
|
|
| demo-game-aviator-br.pu020ev.com/img/bonus-bg.png | 172.67.70.112 | 200 OK | 0 B |
URL HTTP/2demo-game-aviator-br.pu020ev.com/img/bonus-bg.png IP172.67.70.112:0
GET /img/bonus-bg.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1742"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DxWNhLRqwq3qJF2NWRcJlS4y84nyHgIBlEY2md55n3fN%2BOTlPpJZ5JkIp2n4zPW0DoJrv7EDTKawcNefmWMtwvR8exqGFq4MtBPjDzRezT5SL5RF3m3XbxB5oKhW4pL48wBWvlWEpw1DiPHDKlbXWgU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41712da8b500-OSL
X-Firefox-Spdy: h2
|
|
| demo-game-aviator-br.pu020ev.com/img/favicon/apple-touch-icon.png | 172.67.70.112 | 200 OK | 0 B |
URL HTTP/2demo-game-aviator-br.pu020ev.com/img/favicon/apple-touch-icon.png IP172.67.70.112:0
GET /img/favicon/apple-touch-icon.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-2088"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V60Q8P8kcpKhRKw6Ahk8E69ka16JfTsYRev%2BOIfhesbmqBUq6nUwGUPhUX8w%2FqjAEYyfHu7gML1Sb92APsNzR%2FqYayIiyA5Cs5olzKdoKaz4%2B8H8q5R4KynXg45GjTYwSwkz5NbSNRPK6iGT3BNpdoyO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41722e76b500-OSL
X-Firefox-Spdy: h2
|
|