Report - track.coolestdiscount.club/41ccc85f-b148-44a3-b3e1-1f92371a917f

Report Overview

Submitted URL
track.coolestdiscount.club/41ccc85f-b148-44a3-b3e1-1f92371a917f
IP
18.184.38.55
ASN
#16509 AMAZON-02
Submitted
2023-01-21 07:15:05
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.42.182.211
app-demo.spribe.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	578 B	3.4 kB	54.230.111.29
track.coolestdiscount.club	315114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	846 B	18.184.38.55
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.7 kB	54.230.245.118
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	434 B	32 kB	69.16.175.42
demo-game-aviator-br.pu020ev.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.4 kB	278 kB	172.67.70.112
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	358 kB	142.250.74.35
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	439 B	746 B	142.250.74.74
aviator-demo.spribegaming.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	380 kB	143.204.55.37
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	463 B	1.2 kB	142.250.74.164
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.4 kB	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.163
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	986 B	33 kB	142.250.74.35
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	52 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
netpuppgo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	540 B	537 B	104.21.54.193
demo.spribe.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	544 B	583 B	54.230.111.32
app-config2.spribegaming.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	475 B	784 B	54.230.111.86

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-21	medium	track.coolestdiscount.club/41ccc85f-b148-44a3-b3e1-1f92371a917f	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-05-09
Pretty URL code.jquery.com/jquery-3.5.1.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-09 21:36:55 Times Seen142987 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	aviator-demo.spribegaming.com/polyfills.48beaefad335fdd8.js	97 kB	2023-03-09	2023-12-02
Pretty URL aviator-demo.spribegaming.com/polyfills.48beaefad335fdd8.js IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:41:11 Last Seen2023-12-02 04:19:46 Times Seen32 Hash c46f132cbd8bd1b17320947272a50bed 1be47dab2ab5a57dd2b9d33463f4a7ead96323b2 2b8997abd6dbb7f2cd2d25205302e482cf0b8ce61d0f6a938d65b40010d692fe Loading...

	aviator-demo.spribegaming.com/main.0c79cc1b05645949.js	2.1 MB	2023-03-09	2023-03-13
Pretty URL aviator-demo.spribegaming.com/main.0c79cc1b05645949.js IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:41:12 Last Seen2023-03-13 04:36:03 Times Seen1 Hash cd42dcf80f48aad6e53e6b50526934fd d884ee1fbd7e2f2dcd3a9db97ef2b47dfcbfd1e3 f5cf2c8a31df697c2b98e57f22b6a196137392bee293a092526a05e4bfa91cb1 Loading...

	www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js	410 kB	2023-03-13	2024-03-24
Pretty URL www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:20:45 Last Seen2024-03-24 18:46:27 Times Seen35 Hash 6ca0de0986f08b152c7454e290bbc35f 7b14dddf4ed3261b77f1becab4da748bcf7423b0 6b3e6d9ed5dd1f0d2c611513d27ab4a4377757fb0b7804af25f11a656e5094dd Loading...

	demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=	5.4 kB	2023-03-09	2023-03-13
Pretty URL demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source= IP 172.67.70.112 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:41:12 Last Seen2023-03-13 04:36:03 Times Seen1 Hash 09e0ca62f85f24134eea85385825a5f5 c1103e660b6b63e39098d681738eed5fb7903e2b 672944d09cb01ddb55e3e511bd3d932e902d59866d34d544114ddd4f1e040a1a Loading...

	demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=	5.4 kB	2023-03-09	2023-03-13
Pretty URL demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source= IP 172.67.70.112 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:41:11 Last Seen2023-03-13 04:36:03 Times Seen1 Hash 761d43830c6cf0ff1e6ac48a6d93f8c8 891d4104bed7c90fbb0205dcbe4c8649248e71f7 75132d032445733ad6f362a75d55f38c3966bf649fda64dbaefeac816264c3b7 Loading...

	demo-game-aviator-br.pu020ev.com/bundle.js	76 kB	2023-03-09	2023-03-13
Pretty URL demo-game-aviator-br.pu020ev.com/bundle.js IP 172.67.70.112 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:41:11 Last Seen2023-03-13 04:36:03 Times Seen1 Hash ade9f44c3ff391501dde22552f251468 c41c64081ce900d621fa9ba4dadb0e11df8ae8b3 ba6fde85305b4a3825f4eec8e42a73aa573dbb368503ca6517c9734f28e9026e Loading...

	aviator-demo.spribegaming.com/runtime.b3e4a4f12e39ab5f.js	1.6 kB	2023-03-09	2024-01-21
Pretty URL aviator-demo.spribegaming.com/runtime.b3e4a4f12e39ab5f.js IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:41:11 Last Seen2024-01-21 10:05:55 Times Seen22 Hash 0ef08e25b336c7d9aafcaacceb47e08c 494a6a31fcc0d80ae1b6e90dca999705940217c5 f1e8e6bada42f904327f84c005df4c607a98ff085a161974c4909e82eb921f79 Loading...

	www.google.com/recaptcha/api.js?onload=ngx_captcha_onload_callback&render=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg	954 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api.js?onload=ngx_captcha_onload_callback&render=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:31:05 Last Seen2023-03-13 04:36:03 Times Seen1 Hash 9fc520504417e5c5da4d6df284554cc7 416bbe60ed4b353372b58e24fdc49e47eb00be52 0be21cde36396dc2a68f3957cbb953e8c39de879e8c4f991326492f460837218 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg&co=aHR0cHM6Ly9hdmlhdG9yLWRlbW8uc3ByaWJlZ2FtaW5nLmNvbTo0NDM.&hl=en&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=93w3vfbrqgnj	315 B	2023-03-07	2023-04-05
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg&co=aHR0cHM6Ly9hdmlhdG9yLWRlbW8uc3ByaWJlZ2FtaW5nLmNvbTo0NDM.&hl=en&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=93w3vfbrqgnj IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:35 Last Seen2023-04-05 02:11:13 Times Seen249 Hash 312a2a397ac7ddf5a927eebe419d7df2 2a35fbcb23a052f9ec3f0621c2e8f69959a16fff 014d324c605331878f1b40bfccc4d6c5fa9af407ef5331491a34fdd68e768273 Loading...

HTTP Transactions (63)

URL IP Response Size

track.coolestdiscount.club/41ccc85f-b148-44a3-b3e1-1f92371a917f

18.184.38.55

302

0 B

URL HTTP/1.1
track.coolestdiscount.club/41ccc85f-b148-44a3-b3e1-1f92371a917f
IP
18.184.38.55:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /41ccc85f-b148-44a3-b3e1-1f92371a917f HTTP/1.1
Host: track.coolestdiscount.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 
Server: nginx
Date: Sat, 21 Jan 2023 07:14:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://netpuppgo.com/i9cYqfJV/?subId1=wosbsqg3o6ju072miloq1me6&subId2=VG&subId3=Adchampagne_VG_PinUp_Gambling_BR_CPReg
Pragma: no-cache
Set-Cookie: 41ccc85f-b148-44a3-b3e1-1f92371a917f-v4=xkCiZGtvvE31K3AkDF0FZfnWPJvDpIyq1SHCZBpvMGY; Max-Age=86400; Expires=Sun, 22-Jan-2023 07:14:53 GMT; Domain=track.coolestdiscount.club; Path=/; HttpOnly
cc-v4=VOlLhsTALmw7gs28T9Jvbja9Jni53X6z4Jh4tI4%2BsRh3%2Bm7Pdx24zbGcKC2vigqlvIUcf4babJuy%2BgcEOB3CMI3WFueLkwsN4OuOAUXS3QDye8PWLK2bKOmLLmc3OUSyZQZlahenjZ%2F2PvKzFadmMg%3D%3D; Max-Age=31536000; Expires=Sun, 21-Jan-2024 07:14:53 GMT; Domain=track.coolestdiscount.club; Path=/; HttpOnly

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8a5e416451617846248067d72b675125
995b0346adefaf5f2e167d1b81e60cc9afc4f19e
c5fafb9127b71cbd4f7b1a44f755fc4aa0e2f47bbc50de4b15c870a22bf160d9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5FAFB9127B71CBD4F7B1A44F755FC4AA0E2F47BBC50DE4B15C870A22BF160D9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3284
Expires: Sat, 21 Jan 2023 08:09:37 GMT
Date: Sat, 21 Jan 2023 07:14:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
37284a837312d6586460a3b86bbe7bd0
6ac0847abd48eb8607597218aaa2cb2d434c012b
6a0e11bb042555d72b397ae0cc3d5e242d3a3fe04418e28ffd222decca7d16ca

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A0E11BB042555D72B397AE0CC3D5E242D3A3FE04418E28FFD222DECCA7D16CA"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3574
Expires: Sat, 21 Jan 2023 08:14:27 GMT
Date: Sat, 21 Jan 2023 07:14:53 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 06:34:42 GMT
content-type: application/json
age: 2411
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10625
Expires: Sat, 21 Jan 2023 10:11:58 GMT
Date: Sat, 21 Jan 2023 07:14:53 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: qwVoPgLGbTZdqiVbG6zXVKFpB0HN0wwuF1kxycdHLcYoo63HJSIx9msNf9O4s/3Vzm13mGueEu0=
x-amz-request-id: VR4277344CRZJGHF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 06:46:42 GMT
age: 1691
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 07:14:53 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

netpuppgo.com/i9cYqfJV/?subId1=wosbsqg3o6ju072miloq1me6&subId2=VG&subId3=Adchampagne_VG_PinUp_Gambling_BR_CPReg

104.21.54.193

302 Found

0 B

URL HTTP/2
netpuppgo.com/i9cYqfJV/?subId1=wosbsqg3o6ju072miloq1me6&subId2=VG&subId3=Adchampagne_VG_PinUp_Gambling_BR_CPReg
IP
104.21.54.193:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /i9cYqfJV/?subId1=wosbsqg3o6ju072miloq1me6&subId2=VG&subId3=Adchampagne_VG_PinUp_Gambling_BR_CPReg HTTP/1.1
Host: netpuppgo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Sat, 21 Jan 2023 07:14:53 GMT
content-length: 0
location: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
set-cookie: click-2023-01-21=%2Ci9cYqfJV; expires=Sat, 21 Jan 2023 21:00:00 GMT; path=/
cf-cache-status: DYNAMIC
x-robots-tag: noindex, nofollow
server: cloudflare
cf-ray: 78ce416c4bacb505-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
afc8da6ed43f0221cc570805468d4f9d
3ae4c589c3725a027ef6d3391842c0bd580a4796
e24d34965ef3669d92d64489a51008cd10bdab3a533b8724e68c8fb1fde4bfd5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=93481
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 07:14:53 GMT
Etag: "63ca5b16-118"
Expires: Sun, 22 Jan 2023 09:12:54 GMT
Last-Modified: Fri, 20 Jan 2023 09:12:54 GMT
Server: nginx
Content-Length: 280

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 06:48:58 GMT
age: 1555
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
bdb8a13dfce39d6e151a9ef185a772a1
037a680510f9dbce3c7cc3c0f9115fd587dbcd1d
98c8b7f269b9aad73b73fd946788ebfd7a4d7afbdd5347b56c67f73b947f5ff6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1801
Cache-Control: max-age=94922
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 07:14:54 GMT
Etag: "63ca59af-1d7"
Expires: Sun, 22 Jan 2023 09:36:56 GMT
Last-Modified: Fri, 20 Jan 2023 09:06:55 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

code.jquery.com/jquery-3.5.1.min.js

69.16.175.42

200 OK

31 kB

URL HTTP/2
code.jquery.com/jquery-3.5.1.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65451)
Size
31 kB (30879 bytes)
Hash
3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e

HTTP Headers

GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://demo-game-aviator-br.pu020ev.com
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CP69rp4GEoYBCiQxZTJhM2YyOC02YTRlLTRkYmItYWI0MC04NzgzODQyNTliZTQQ+OiCoKvU+wIaBgjuoa6eBiIMOTEuOTAuNDIuMTU0KJoIMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiQ1ZDY4Y2MzMC0yY2E2LTQyOTgtYjFlYi02ZWMzN2M0NTYxYWIYn/EBIhgIAhIUY2RzMjA4LnNrMS5od2Nkbi5uZXQ=.1vjVVzF4rZOI0wnbM9MZ39WdxUFDMj8V8JlMZQlr26Y=
x-hw: 1674285294.dop203.sk1.t,1674285294.cds231.sk1.hn,1674285294.cds208.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5422c49666fc195ae94aa0f5cf837bfc
e0f1dd926cd9328ccf9cc99389337056c62f1043
f639aad2dc85708fa922b793660f13ae597f275a8ebf61e7e72fb2bce257cc76

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 07:14:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5422c49666fc195ae94aa0f5cf837bfc
e0f1dd926cd9328ccf9cc99389337056c62f1043
f639aad2dc85708fa922b793660f13ae597f275a8ebf61e7e72fb2bce257cc76

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 07:14:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

demo-game-aviator-br.pu020ev.com/fonts/src/icon-fonts/icomoon.ttf

172.67.70.112

200 OK

9.2 kB

URL HTTP/2
demo-game-aviator-br.pu020ev.com/fonts/src/icon-fonts/icomoon.ttf
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size
9.2 kB (9196 bytes)
Hash
d2495c29cb8c91b784fed2fd0a0fa1d9
c7941ff2f980007b7b52a204549654b6dd401dee
6660a8b51189b283b15a6f5aee82bd6b592e184e8f94ea5e296416aaaf58d191

HTTP Headers

GET /fonts/src/icon-fonts/icomoon.ttf HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: application/octet-stream
content-length: 9196
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
etag: "61fd5783-23ec"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crw91Asu9mWJQwlpQEu7kLqtK6PHfmXd8sxkVmm%2Fg%2BBvr8M0%2FkGfCun8gYVpfbZ0F3jXZZbrYjxYT0vzvCAZtFQJ0FX9WkNfg9SwXCHe8PSKkXjyzbhrVkI4EQy4CnQB6ygTJOTzP7dMsIGoAQUYtic1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce41713dbab500-OSL
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/fonts/src/fonts/Pinup-Regular/Pinup-Regular.woff

172.67.70.112

200 OK

100 kB

URL HTTP/2
demo-game-aviator-br.pu020ev.com/fonts/src/fonts/Pinup-Regular/Pinup-Regular.woff
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 99900, version 0.0\012- data
Size
100 kB (99900 bytes)
Hash
54ef64c4b2fc6b4f4e333af6e60b5d88
9f8ee4218dfc15f7373bd3c48e6a14fce59fa718
68687c711d19784e6ae5fa2ecee925f69be01715699bf9aac38f5d5ae224fa74

HTTP Headers

GET /fonts/src/fonts/Pinup-Regular/Pinup-Regular.woff HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: font/woff
content-length: 99900
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
etag: "61fd5783-1863c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0i9xdtdKHcke3GirT1Azg8Qj8pBxdn2Stsq1asF3bQ4A%2FH%2FPu29ogCgWHNgZbc3i3wtS9gGeW%2FnuCA0zF%2BoXFqPFMr1%2BNdXmpwlLV3qkv5thZmN90U5XzxuQUOfx4w3xQPszRM8al08ZLoGWWszzuv%2Bf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce41712db1b500-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e6d21eff1927f7a74984663b16cfe21a
b747f7d42cdf7cfea6900348cd257066b2634222
a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 07:14:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demo-game-aviator-br.pu020ev.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 13:09:06 GMT
expires: Wed, 17 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 324348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/fonts/src/fonts/Pinup-Black/Pinup-Black.woff

172.67.70.112

200 OK

102 kB

URL HTTP/2
demo-game-aviator-br.pu020ev.com/fonts/src/fonts/Pinup-Black/Pinup-Black.woff
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 102380, version 0.0\012- data
Size
102 kB (102380 bytes)
Hash
a9fbc3df134338d218ed9f555c9ecee8
37982d974361917f1ddd6555fef3acae3e6911ce
d0071e5cf68a74c19bd55355486916183bff7afa7f1d16aea03e04736aa621e3

HTTP Headers

GET /fonts/src/fonts/Pinup-Black/Pinup-Black.woff HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: font/woff
content-length: 102380
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
etag: "61fd5783-18fec"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BkL0ZjP2t5xs3eIQP3pADYONRPHceQP%2Fo00XCVMOmMoR%2FFRy67e8w4ZzYx51BwEcjqAfFOGHEVpJHUqInwHlAyUO79A9RDn4hXvOvH1MWaDK%2Ff90gWw59849%2Bw0q4oToCg4cwVH2EQeJwnenemBQGU2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce41712db3b500-OSL
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
cb0dfd58639e70879a0eb58bfd1dc68a
46f1883f31e1c028135ab131b3e9bf50953738da
486b9743d35fffc7e5ec8b58b5c90b2e9eef9b052a0e7c7276877068091c5623

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 21 Jan 2023 07:14:54 GMT
Etag: "63cab7e9-1d7"
Server: ECS (dcb/7EA6)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JEuAI4NGq5GnqXe9c4yTta8FoAgM7BG0Df5_i2pNyPpIfbrVCamq5w==

demo-game-aviator-br.pu020ev.com/img/logo/logo-casino.svg

172.67.70.112

200 OK

2.3 kB

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/logo/logo-casino.svg
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (752)
Size
2.3 kB (2254 bytes)
Hash
d1d633ded1c15c76950493ea63a32ce3
78fa9d75df130b3568a0080649cce4fd6ba2b916
59a1634847bafcd66e495d276e24bbbd00d2a6419b622cc4ec4560eba7dd069a

HTTP Headers

GET /img/logo/logo-casino.svg HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/svg+xml
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1393"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUwIge8O9EY1vDU6R47NvdiOci47o0O%2BihH3wePC%2FAoE2J3%2B1GE9OieTh8e9HysYbnnY%2FLgRRjQY%2F8Yw55zMYBIXZGS4sV6EWoSrN%2B4LQ%2FW%2F6VEp4HP2c9E5cQn1uOJDDj0w68MiONOycNqHkpMCsueg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41703cd1b500-OSL
content-encoding: br
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.42.182.211

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.182.211:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LztmiqUsYm/+q83YkBu92Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HYQJOjgsuXC8/9a2Q0rBeVFOYWI=

demo-game-aviator-br.pu020ev.com/img/favicon/favicon-16x16.png

172.67.70.112

200 OK

916 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/favicon/favicon-16x16.png
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
916 B (916 bytes)
Hash
4002504e6a7b16eae1a825909650ec25
857543e6566871461da4c299a186471611925829
0a1fdd6dc7a85ac17b99a484b1fe4f0a926b9e1b1c80c4929f3b312e73e781d1

HTTP Headers

GET /img/favicon/favicon-16x16.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
content-length: 916
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
etag: "61fd5783-394"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sL2fkaH%2BOJhPCVtkdkftdb6Z2McFLDKmvYofJBzRo2u9dqkLZsjnFTzwtLBubTxh%2FDvAtTFq8y8UanlN%2FQm7bGH8%2B6O%2FAfW9j0pLc35JFddeyfE8NpWAzEZ7kE%2FaQuiFppW%2BYKGhHcMBjdoD9AhN4xcF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce41722e78b500-OSL
X-Firefox-Spdy: h2

demo.spribe.io/launch/aviator?currency=BRL&lang=BR&return_url=https://spribe.co

54.230.111.32

302 Found

0 B

URL HTTP/2
demo.spribe.io/launch/aviator?currency=BRL&lang=BR&return_url=https://spribe.co
IP
54.230.111.32:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /launch/aviator?currency=BRL&lang=BR&return_url=https://spribe.co HTTP/1.1
Host: demo.spribe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-length: 0
location: https://aviator-demo.spribegaming.com?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=60556&token=b58spErrRWATmGL2tpiStjCWEK96tb3k
date: Sat, 21 Jan 2023 07:14:54 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5oiBpF6hMLEBaruVTPJ_I8kappg5fg0b0uwUUtzB0a8rzydJjRFEWQ==
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b51f1d0ef6588129dfe9c24789339c5c
a65a6dce4a457ac67fb70630f636926a4ceb9e5b
48654bc4281d68e4078c76404305552e267e3b6bdf547abd2bd0619c89384831

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100887
Date: Sat, 21 Jan 2023 07:14:54 GMT
Etag: "63ca6a79-1d7"
Expires: Sun, 22 Jan 2023 11:16:21 GMT
Last-Modified: Fri, 20 Jan 2023 10:18:33 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: N8FfUId359PkFGiPoaVo5nLYr6WV-iLs0w-JH1EP0_G0Xpvm9be9Cg==
Age: 3468

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
cb0dfd58639e70879a0eb58bfd1dc68a
46f1883f31e1c028135ab131b3e9bf50953738da
486b9743d35fffc7e5ec8b58b5c90b2e9eef9b052a0e7c7276877068091c5623

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 21 Jan 2023 07:14:54 GMT
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zJG4Z5z5U6qzRNIgWSyksJbl2inoLuMKNgsFjiavzRXCReICoE-QsA==

aviator-demo.spribegaming.com/bpg-arial-webfont.deed44e7c0450115.woff2

143.204.55.37

200 OK

94 kB

URL HTTP/2
aviator-demo.spribegaming.com/bpg-arial-webfont.deed44e7c0450115.woff2
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 94192, version 1.131\012- data
Size
94 kB (94192 bytes)
Hash
6e5b1494e933ba58cdb6e80876634552
31af5aaa0c1fa2ecac702feffaca78433d247d00
1c08ce021e5a588a3ffcd822d023eae8322183397fe51a9f5d37adcfb8c9638d

HTTP Headers

GET /bpg-arial-webfont.deed44e7c0450115.woff2 HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/styles.52c8339cd07e8075.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 94192
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
date: Sat, 21 Jan 2023 07:14:54 GMT
cache-control: max-age=86400, public
etag: "6e5b1494e933ba58cdb6e80876634552"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: WWm8dABseTtFXyPbt_g4uJr6Y5Mlbi2hnCaH1sFmlIO0dMC8uxP52A==
age: 15535
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b51f1d0ef6588129dfe9c24789339c5c
a65a6dce4a457ac67fb70630f636926a4ceb9e5b
48654bc4281d68e4078c76404305552e267e3b6bdf547abd2bd0619c89384831

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97419
Date: Sat, 21 Jan 2023 07:14:54 GMT
Etag: "63ca6a79-1d7"
Expires: Sun, 22 Jan 2023 10:18:33 GMT
Last-Modified: Fri, 20 Jan 2023 10:18:33 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SOX_kE1XoMBYdp5YjnVD6U8sAD_1vlgZogXZANtXW-EhocPZLjlOhA==

aviator-demo.spribegaming.com/runtime.b3e4a4f12e39ab5f.js

143.204.55.37

200 OK

12 kB

URL HTTP/2
aviator-demo.spribegaming.com/runtime.b3e4a4f12e39ab5f.js
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1566), with no line terminators
Size
12 kB (11822 bytes)
Hash
1ddface5cb56a28234de44c39ed6b686
e3f0e3fd3dc8a15470800089e9c908a66bf8221e
60f939efc7523b254816134505b3a5b79b47b8596b958c317c1fed408a44c889

HTTP Headers

GET /runtime.b3e4a4f12e39ab5f.js HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=60556&token=b58spErrRWATmGL2tpiStjCWEK96tb3k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
date: Fri, 20 Jan 2023 07:24:02 GMT
cache-control: max-age=86400, public
etag: W/"0ef08e25b336c7d9aafcaacceb47e08c"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Dz8qIGvuMmNvdG34HCB-ERzUy4fRjrK79gu6mWnLOoWgjZ0dfsDXnQ==
age: 85853
X-Firefox-Spdy: h2

app-config2.spribegaming.com/aviator/demo.json?v=4.1.5

54.230.111.86

200 OK

155 B

URL HTTP/2
app-config2.spribegaming.com/aviator/demo.json?v=4.1.5
IP
54.230.111.86:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
155 B (155 bytes)
Hash
daa601d9ae51fdb3f6638669e017223a
93458dbc069c971cf01aaa29323eabe67297b5f4
9c155207193e8fac0d10f37842f543d061bae2ccc29bc1b25478ab5cb8a14a3e

HTTP Headers

GET /aviator/demo.json?v=4.1.5 HTTP/1.1
Host: app-config2.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aviator-demo.spribegaming.com
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/json
content-length: 155
date: Sat, 21 Jan 2023 07:14:17 GMT
x-amzn-requestid: 1a1ca275-d379-45e2-8b32-77d561217665
access-control-allow-origin: *
x-amz-apigw-id: fFOPjFteliAFv6g=
cache-control: public, max-age=60
access-control-allow-methods: OPTIONS,GET
x-amzn-trace-id: Root=1-63cb90c9-082406f94b92ab6658b8767c;Sampled=0
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: kH4mQBggcFib77TlgjrRRdoEnyFgbPxwMkC7M_tCuorxb64zZoZbag==
age: 38
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/styles.52c8339cd07e8075.css

143.204.55.37

200 OK

269 kB

URL HTTP/2
aviator-demo.spribegaming.com/styles.52c8339cd07e8075.css
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type
data
Size
269 kB (269309 bytes)
Hash
260dd72339ab505af4ebf7412c31eac9
0c3ba5e24476f84e2e86d0b79e5db0c70af5a80d
71797c37c13b8fa73e6a2029dc52b6c6afaea453f69eb32787f397c0f1eccd6a

HTTP Headers

GET /styles.52c8339cd07e8075.css HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=60556&token=b58spErrRWATmGL2tpiStjCWEK96tb3k
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: gzip
date: Sat, 21 Jan 2023 02:39:56 GMT
cache-control: max-age=86400, public
etag: W/"b6dc633ec4a8e755bdf47e5deedc55f9"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Y85x6wCVCK4wS2XQVRkiKVcywXyTZ03FncOqwBa_HOZWpjUVCHEmFQ==
age: 18115
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3403
Expires: Sat, 21 Jan 2023 08:11:38 GMT
Date: Sat, 21 Jan 2023 07:14:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3403
Expires: Sat, 21 Jan 2023 08:11:38 GMT
Date: Sat, 21 Jan 2023 07:14:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3403
Expires: Sat, 21 Jan 2023 08:11:38 GMT
Date: Sat, 21 Jan 2023 07:14:55 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9657 bytes)
Hash
4483cb695fef2fe82f38a65e18ea1fd7
ea95504fc5be0259c8c3a39f47f8fcb322bca88d
807a120b964ee7ec7c83c5d943d29cea5df2171291ad1b99de9ef4df7e7e9046

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9657
x-amzn-requestid: 63c51fc8-3cd1-486b-960b-91d0d4b14dbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exbnMFUvoAMFvYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a62d-3f30f1cb5bc13bf812d3cf71;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:07:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 34RyiiWTD7qtrgZHxL7KpjUkCETug9eJ0TvPh6b2qGiLWLcZnmT3wg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 16:05:34 GMT
age: 54561
etag: "ea95504fc5be0259c8c3a39f47f8fcb322bca88d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc231c80e-1faf-4bd6-8ed6-fb607db0086d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6377 bytes)
Hash
a1b8f3e0407b4d6e24afea546ca274e1
d8a70b23dba532ff8a44ebe4e12890efb5e0c584
24cb3abc9ffe27836d8e0bf2a1eff295d504e09b02237dc4dda938e012c49425

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc231c80e-1faf-4bd6-8ed6-fb607db0086d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6377
x-amzn-requestid: 065663fc-8bc2-4b83-a7e3-ad4e24f895f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EzgHCHIAMFvqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4e3-6bbc3fe80ba4a7de13b99982;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -mkifCnUT7O_yZUfHIFdGexUiYGMk8s_Whsfey8PcmGBUWygX-cnjQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:38:27 GMT
age: 12988
etag: "d8a70b23dba532ff8a44ebe4e12890efb5e0c584"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7616632f-cfb4-4f45-819d-1970213c1ca5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9669 bytes)
Hash
62d64384cabb3ee773d9baa88c9fa9f5
3457882213a7c2d2ec863d75cf629ae4fe320092
7adc5cd3cc8a30b5c45c2995b27daf66fcf95280a4f5feaa46e559da464c75be

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7616632f-cfb4-4f45-819d-1970213c1ca5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9669
x-amzn-requestid: d57517dd-07b7-4477-996d-5cb159f1e608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: euIvoHVNIAMFVWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c254ca-2737608463cd6cd160497e42;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 07:07:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_aXsjLBlAVhp2gaN0IYMYUAFz52XLPOt1B1lDYvm1JFPPrZn7YcjQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 20:30:03 GMT
age: 38692
etag: "3457882213a7c2d2ec863d75cf629ae4fe320092"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/title/value-video-br.png

172.67.70.112

200 OK

36 kB

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/title/value-video-br.png
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 361 x 168, 8-bit colormap, non-interlaced\012- data
Size
36 kB (35665 bytes)
Hash
41df044df2e520036bd5fd51c8505220
3219491666d3f83746410c996b909bcb482162ab
b1e13fcbfb3bedc84513d2ff558723133050fd5f1a076e5da6e6e24a4bcdd4ff

HTTP Headers

GET /img/title/value-video-br.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-5551"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxs4%2BJY0wdnllZyno072zI3Z6HCZOjLr9N6UHlywKYijSRemYm%2FweXLrHkpEYJCwBEzHHEEE0PdcVMDxdfnj0gyxDRdT1uE%2Fq%2FF7XtbR%2FwS0gVVJtzxBJ4bBIru98Wd96yDP7fbr2epQ5Oa6%2F9rPOKcU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41703cd6b500-OSL
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/logo/logo-video-second.png

172.67.70.112

200 OK

16 kB

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/logo/logo-video-second.png
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 228 x 58, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (15869 bytes)
Hash
6fd7806ccecc3412a25de9946b99cd19
a8b64be468bea94d6ab15ca3a5b33fb55d09baae
3f6565d1ae2da25440f1d05e844a74504f3cedfd868b3fac458a3bcc235ba862

HTTP Headers

GET /img/logo/logo-video-second.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-10d3"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMmRp4aasuZxzq%2BRc28bE421BKYWGgtuAdvSWDZrY%2F8f5IHZhMXY3eZQifU9OeeXJARf1dge3ZtNi5PvNn%2BhZOVJiboqMI1bMuTyQwNlU95WbQ1eijM4esIvD%2BkVrspzobNOgJ3AvPtedvtkqTdkVf%2B3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41703cd2b500-OSL
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10988 bytes)
Hash
5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RlbJymJhU6Ti5RZCSIvPzloackAiBEBGapKI440u4ZIfB5FYBNugLw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:24:48 GMT
age: 13807
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

app-demo.spribe.io/BlueBox/websocket

54.230.111.29

101

3.0 kB

URL HTTP/1.1
app-demo.spribe.io/BlueBox/websocket
IP
54.230.111.29:0
ASN
#16509 AMAZON-02

File type
gzip compressed data, from Unix\012- data
Size
3.0 kB (3006 bytes)
Hash
9593068680d204892df437ed03140183
8e33bfe4d720b1aef66d87f50070c162300bd0b9
1ce8e7b189b10fca5ba8118094a00cf3e3c2b82650430926ff3bbcd581d629b1

HTTP Headers

GET /BlueBox/websocket HTTP/1.1
Host: app-demo.spribe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://aviator-demo.spribegaming.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SmRexzxV0iSq5bGv6DvP3g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 
Connection: upgrade
Date: Sat, 21 Jan 2023 07:14:55 GMT
Upgrade: websocket
Sec-WebSocket-Accept: pFRCsuCMYY3Aj7zJSw77GF2dvzc=
Sec-WebSocket-Extensions: permessage-deflate
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: ruCJJxpkS9Qq7FBWNhfpbYrv4et6IYgKKtk7a69oYVHrCrykdNrceg==

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
34a6ffa8918b00f3f6d21bd90db799f4
6573697e6488b07ba3551ca7fea9b89220494b3a
dff7862c0cfa5ae27f6e8daef94bf0cd05000b667dbabd62a673ec0354e4873b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 07:14:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?onload=ngx_captcha_onload_callback&render=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg

142.250.74.164

200 OK

613 B

URL HTTP/2
www.google.com/recaptcha/api.js?onload=ngx_captcha_onload_callback&render=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (954), with no line terminators
Size
613 B (613 bytes)
Hash
e5a7a7e9a2a032806508ab081028ad6c
eb53a9aafb8339679a1aa68d9377a33aefabbee9
b737083af63cd28b4d34e83ecf27db09b75c429cd13d986af69eaa1cfbcd60a8

HTTP Headers

GET /recaptcha/api.js?onload=ngx_captcha_onload_callback&render=6Lclc7gUAAAAAJzY45EMX-6EWXoQJgZYPCCcm2yg HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Sat, 21 Jan 2023 07:14:56 GMT
date: Sat, 21 Jan 2023 07:14:56 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 613
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9046bdd3634f2cfb8ace7c326c4af05f
d92d1610bbcc211f0648ec87b5aee6a562f606db
eea88fe2aaabd085058e3cf139e8780e1ddeff62e4fb94d6eeabe512a309d8ac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 07:14:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js

142.250.74.35

200 OK

164 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (636)
Size
164 kB (163892 bytes)
Hash
f2995e9cc3eedf3359420fb8d714b2ca
bdc68875ff161b35dbe9d8d85241e41c862ec8e3
fbe663b4f0f239aca19a5a2720c2b494ac58a53e0d68288155eb772ae04935c1

HTTP Headers

GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aviator-demo.spribegaming.com
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 15:41:18 GMT
expires: Wed, 17 Jan 2024 15:41:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/javascript
age: 315218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css

142.250.74.35

200 OK

24 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (52913), with no line terminators
Size
24 kB (24262 bytes)
Hash
f4bb161deae4e93f1a82e52f82ea2af9
74cd72b02999ea35cde6dd6c1d58ca9aec94da07
3330fe65fd8dbe742211f1609fbfe70b3b94434ad5639223942d921f085ea589

HTTP Headers

GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24262
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 22:06:34 GMT
expires: Thu, 18 Jan 2024 22:06:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/css
age: 205702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js

142.250.74.35

200 OK

164 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (636)
Size
164 kB (163892 bytes)
Hash
f2995e9cc3eedf3359420fb8d714b2ca
bdc68875ff161b35dbe9d8d85241e41c862ec8e3
fbe663b4f0f239aca19a5a2720c2b494ac58a53e0d68288155eb772ae04935c1

HTTP Headers

GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 15:41:18 GMT
expires: Wed, 17 Jan 2024 15:41:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/javascript
age: 315218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 21:48:03 GMT
expires: Fri, 19 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 120414
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

200 OK

2.2 kB

URL HTTP/2
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 18:48:55 GMT
expires: Tue, 24 Jan 2023 18:48:55 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 303962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96cce020-7bd3-4d07-a265-a0ff76f15c24.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10300 bytes)
Hash
eff1c7571054ef3a3535dc3cf0756d38
54ccc9d66c916cab0d7b70135e0331d83f57a2d1
6d2f74f27c2622882bf06980569a8a6cf6402e2ec800cf9987c86a3779d1b023

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96cce020-7bd3-4d07-a265-a0ff76f15c24.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10300
x-amzn-requestid: ba8a3ff1-2c2c-4f83-8524-20a003f25ca2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etkvHGbOoAMF18g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21b2d-0cc97cf827da6b61341da50c;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:02:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gTUDFWnRFsXI4FoRd-aXSzDLR8JtQfbtwoIImdqzTKpw3qm2RrscSw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:53:26 GMT
age: 12096
etag: "54ccc9d66c916cab0d7b70135e0331d83f57a2d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/background.jpg

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/background.jpg
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/background.jpg HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/jpeg
cf-bgj: h2pri
etag: W/"61fd5783-1b1cf"
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLAb91%2Blj6jpkn%2FWscXWX2y%2BigbfyRuziXZh%2FsvdWfJ9fCrLQH%2Ba%2FMIQyXc1fEi96DV31a0%2BBRT%2FGvTSvmvDbTp3A917XSGT0725HY%2FLA2GTB8EGOsKbDG8zY0IXgRPKPb5va7Re0U9y%2FBCBX7G3OZ4P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41711d98b500-OSL
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/main.0c79cc1b05645949.js

143.204.55.37

200 OK

0 B

URL HTTP/2
aviator-demo.spribegaming.com/main.0c79cc1b05645949.js
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /main.0c79cc1b05645949.js HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=60556&token=b58spErrRWATmGL2tpiStjCWEK96tb3k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: gzip
date: Fri, 20 Jan 2023 19:03:20 GMT
cache-control: max-age=86400, public
etag: W/"cd42dcf80f48aad6e53e6b50526934fd"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gdmSOh25JpMNj2qnedFLh7X76VChx0jWeJlpLtwi-_SI1d9EtwRq0Q==
age: 43895
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/main.css

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/main.css
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /main.css HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: text/css
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-86ea"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqJcAOoFRcp4zSFrI6Ll3Atdc7EB0bT1YMIQyAgfPojsIjg6rDDlKttW6P4uHs9yh%2BOp1WA9eAkbay9W%2FQRYPK1BIpubzIth3biRYBpiIMionTZmMBl4De2BN4cm%2BLnNtvCX1Jk0bniNIQ5VTBvTEmLU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41703cd0b500-OSL
content-encoding: br
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/country/brazil.png

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/country/brazil.png
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/country/brazil.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-104b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EeXqQVcX1cs6rCa6ybV01EBlwnSfF0BZy%2Bwa0A%2BRAra63a2CMVx2gy009B7jTJsDby9NL4323gCzD%2ByOIh%2BkN70D2Xtdu1Q77%2FS74XMthmqrAFy7qi8NG7LXJU6SW%2FnrqvyZnwGd9MQEq4Mhb9E2BfLp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41717de6b500-OSL
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 21 Jan 2023 07:14:54 GMT
date: Sat, 21 Jan 2023 07:14:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/aviator.png

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/aviator.png
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/aviator.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-298a"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0bIG%2Bqe9Ux%2BWUhzWkDqYt35dNyT2S38Fl%2F%2FkdDh54m%2F7jY%2FGBg7IQQwbVX1iXkOz041NjwK%2FPqkucLy%2BGognNlxE%2Fr8OQp2Ob0di91WV3FjVSFYtKp%2ByGh8md%2B0c0LzYmLGXCALRh5FPqB191Qu%2B9%2FK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41712da6b500-OSL
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/notebook.png

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/notebook.png
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/notebook.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1e6b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPMoOJjCrBSFatgpwFMTPiu3h3v%2BBbVJ8kclv4FDOBgk%2B%2FoSTDOnyIXbIKrkxXS1AUj938vKGN1f5fj3xV%2BQGdQLzyIsuzmZ2rk8xr1vrUw2hbZ%2FE9TvDRqBhOxcWNitlkLKBSPQC5SxWL7NgoDfJH3C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41712da7b500-OSL
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/polyfills.48beaefad335fdd8.js

143.204.55.37

200 OK

0 B

URL HTTP/2
aviator-demo.spribegaming.com/polyfills.48beaefad335fdd8.js
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /polyfills.48beaefad335fdd8.js HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=BRL&operator=demo&jurisdiction=CW&lang=BR&return_url=https%3A%2F%2Fspribe.co&user=60556&token=b58spErrRWATmGL2tpiStjCWEK96tb3k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 09 Dec 2022 13:25:49 GMT
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
date: Fri, 20 Jan 2023 11:56:22 GMT
cache-control: max-age=86400, public
etag: W/"c46f132cbd8bd1b17320947272a50bed"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gX5LTKM0wVjlL6Z7hH551hR4eH9sJsJFdvpQJ8U2tpnwlrRDARDIZQ==
age: 69513
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source= HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:53 GMT
content-type: text/html
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pfc9mtQouYl5oJ3ZvTT2lKH7S5LXrAKtHWGRjc3RpVlDdIFCJSCe26nuZwICZM5EJ7XnNKrEXGlZzleuHA%2FoUW%2FTqLhAClXq7vJEI%2BKr25I%2Bfv8690IoHUW7%2FPqr6j9qyC5R3759J8hMfj5XB%2FfIlOyV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce416e5b3ab500-OSL
content-encoding: br
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/bundle.js

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/bundle.js
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bundle.js HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: application/javascript
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-128ae"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVrkdXtuLsVEHVgBH3WxPNhedy1tLoyfnWiKD8kCSWYwYvabKY0jDZAbYBVi9Q7v2R8KV9UHslHZNQpa9hvL7QfPNGzgcSkBGbTZHo71lP8dNKrJF7EWoFwJOnVpR48RuQj%2Bz7Js2jSdPNJ1EKPKCMar"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41703cd7b500-OSL
content-encoding: br
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/girl-left.png

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/girl-left.png
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/girl-left.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1e1a1"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0W%2FC%2BbuvH9On7BHvJ%2F9X32YjZQE1m1mYOuRm%2B2ap%2B2Ij%2FwSi7ZqY2CotN%2BzJuRWTgqfLUJCNU6aEDJaiKtxJ1HylaFZmLLO%2B3b5ux7z2lC8kISdmRn3GGmoPTxxnuIjIalBR18qDBocaj6Tdv4dTrsSR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41712dabb500-OSL
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/bonus-bg.png

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/bonus-bg.png
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/bonus-bg.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-1742"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DxWNhLRqwq3qJF2NWRcJlS4y84nyHgIBlEY2md55n3fN%2BOTlPpJZ5JkIp2n4zPW0DoJrv7EDTKawcNefmWMtwvR8exqGFq4MtBPjDzRezT5SL5RF3m3XbxB5oKhW4pL48wBWvlWEpw1DiPHDKlbXWgU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41712da8b500-OSL
X-Firefox-Spdy: h2

demo-game-aviator-br.pu020ev.com/img/favicon/apple-touch-icon.png

172.67.70.112

200 OK

0 B

URL HTTP/2
demo-game-aviator-br.pu020ev.com/img/favicon/apple-touch-icon.png
IP
172.67.70.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/favicon/apple-touch-icon.png HTTP/1.1
Host: demo-game-aviator-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo-game-aviator-br.pu020ev.com/?lang=br&st=i9cYqfJV&s1=wosbsqg3o6ju072miloq1me6&s2=VG&s3=Adchampagne_VG_PinUp_Gambling_BR_CPReg&s4=&s5=&pc=30&form_phone={form_phone}&form_email={form_email}&trId=cf5p1r9ct2haea6jddfg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:14:54 GMT
content-type: image/png
last-modified: Fri, 04 Feb 2022 16:42:43 GMT
vary: Accept-Encoding
etag: W/"61fd5783-2088"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V60Q8P8kcpKhRKw6Ahk8E69ka16JfTsYRev%2BOIfhesbmqBUq6nUwGUPhUX8w%2FqjAEYyfHu7gML1Sb92APsNzR%2FqYayIiyA5Cs5olzKdoKaz4%2B8H8q5R4KynXg45GjTYwSwkz5NbSNRPK6iGT3BNpdoyO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce41722e76b500-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML