Report - win.pm-5753.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za

Report Overview

Visited public
2025-03-07 14:29:29
Tags
URL
win.pm-5753.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Finishing URL
win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Title
PARIMATCH

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
api-prod-4-ext.playwin.fun	unknown	2024-08-20	2025-01-28	2025-03-03	1.1 kB	2.2 kB	172.67.70.112
s.orbsrv.com	unknown	2020-05-16	2020-09-02	2025-03-03	502 B	418 B	95.211.229.245
wss	unknown	unknown	2025-03-02	2025-03-02	588 B	420 B	3.164.206.116
demo.spribe.io	unknown	2018-10-18	2019-08-20	2025-03-04	543 B	14 kB	3.164.68.97
app-config.spribegaming.com	604197	2019-07-25	2019-07-28	2025-03-04	536 B	1.0 kB	3.164.68.15
win.pari-matchin.com	unknown	2023-03-10	2024-12-18	2025-03-06	30 kB	732 kB	104.26.15.99
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-03-05	1.0 kB	721 kB	142.250.74.168
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2025-03-05	2.5 kB	1.7 kB	216.239.34.36
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-03-05	481 B	4.1 kB	142.250.74.10
win.pm-5753.com	unknown	2022-05-25	2022-10-21	2025-03-05	722 B	4.3 kB	104.21.16.1
s.pemsrv.com	unknown	2023-08-01	2023-08-04	2025-03-01	502 B	418 B	95.211.229.245
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-03-05	544 B	8.6 kB	142.250.178.99
z.cdn.adpool.bet	44465	2020-04-17	2020-06-10	2025-03-03	448 B	422 B	212.7.203.129
s.magsrv.com	unknown	2023-08-01	2023-08-04	2025-02-28	502 B	418 B	95.211.229.247
sc-static.net	1183	2017-03-16	2017-09-05	2025-03-05	421 B	58 kB	3.163.248.4
syndication.realsrv.com	9112	2019-02-07	2019-07-03	2025-03-03	513 B	419 B	95.211.229.247
s.opoxv.com	53756	2019-12-02	2019-12-13	2025-03-03	501 B	417 B	95.211.229.246
www.google.com	7	1997-09-15	2015-05-10	2025-03-05	815 B	571 B	142.250.74.68
aviator-demo.spribegaming.com	unknown	2019-07-25	2022-08-21	2025-03-04	32 kB	5.3 MB	18.165.140.66
www.google.no	25607	2001-02-26	2012-06-26	2025-03-05	806 B	580 B	142.250.74.131
s.zlinkn.com	unknown	2024-04-23	2024-07-22	2025-03-03	502 B	418 B	95.211.229.246

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-03-07	medium	wss	Sinkholed

ThreatFox

No alerts detected

JavaScript (36)

	URL	From	Size	First Seen	Last Seen
	sc-static.net/scevent.min.js	ScriptElement	57 kB	2025-03-06	2025-03-07
Pretty URL sc-static.net/scevent.min.js IP 3.163.248.4 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-06 20:53 Last Seen2025-03-07 21:53 Times Seen52 Hash bc58260a454e0678a075bc933bc14ef3 ed46d11255aa7836f208271d21b8981e4822a381 6a4ce475f210bac25053175d6a42d2752ac7d0ac7bfc31a0cced764a2ce34cd3 Loading...

	aviator-demo.spribegaming.com/main.71148b7ade782ab6.js	ScriptElement	2.7 MB	2025-03-07	2025-03-07
Pretty URL aviator-demo.spribegaming.com/main.71148b7ade782ab6.js IP 18.165.140.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-07 14:29 Last Seen2025-03-07 14:29 Times Seen1 Hash 886763415e0c11b4cdd96eaa93ed1b66 4c2fb7a54cbf208fe9d1552893102967ab4fc8a9 cb60b21aeda5e9696e528e42d4f5a5eef9ccc8f2304e24dbc9791732d32f88c3 Loading...

	win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom	Eval	156 B	2023-03-07	2025-05-31
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 16:48 Last Seen2025-05-31 09:37 Times Seen1250 Hash 781a262d7d9fe9ae1815f793a78f3cda 5d5f9b4bcb5b066720a9f33b69ed66c583400981 1348a8cb2f78fd42b39a0cd3a89c641d38cce43b0e3dda8306af0492efe7c01c Loading...

	win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom	Eval	120 B	2023-09-30	2025-06-01
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2023-09-30 00:55 Last Seen2025-06-01 09:03 Times Seen865 Hash d0edb3cd495c2422b26a08b154c6556b 462e1e765ad8a0990197b012df31eddf89f50d11 bbe01cef61b4937d6b71b5ca85c2c3f2b6aa9e76ad55ca32cd20718d0238ab6c Loading...

	win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom	Eval	246 B	2023-05-18	2025-05-28
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2023-05-18 12:01 Last Seen2025-05-28 04:34 Times Seen116 Hash dbfbeadf7d6aa97af0e79349a33044cb 3e1fcd7085abab02ff28304dcc4e6b4bc8ff874f b455605cc31d30dba865b1e9bad7874404622bbe242da6dfd4efe4fe542a686b Loading...

	win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom	ScriptElement	434 B	2023-05-18	2025-04-01
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 12:01 Last Seen2025-04-01 10:35 Times Seen94 Hash 6054536b144f89d327869c561013b3df 21c81a6caffee1d471626fae2d899cb631278689 430b83b0d68ffff55587e95c3f9d4a9cf8af6373bf93f456e43a984e316bf8cd Loading...

	aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS	Function	296 B	2025-03-05	2025-05-24
Pretty URL aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS IP 18.165.140.66 ASN #16509 AMAZON-02 Introduced by Function Embedded in HTML false Observations First Seen2025-03-05 14:58 Last Seen2025-05-24 04:18 Times Seen35 Hash 0f69f17956102c698d39413518d339d9 2b7bb3fb8ac11ffed1bb348fe9cd8cbf0e19c68c 94d84569aa70a38bc0af7195972d2b59bb02d40a759a8d5d149292d6579d786a Loading...

	win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom	Eval	34 B	2023-03-07	2025-06-01
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:15 Last Seen2025-06-01 00:04 Times Seen1967 Hash b1e15d37f8ad8f7a504e703bc43a56f6 a6d2e9ab71927b1923dcae00fdb825f51ba8d27e 92335397ea60fa767f960ce1cd60e5c08ee1a771dbbc6181a37ec49326341f2e Loading...

	www.googletagmanager.com/gtag/js?id=G-F6MKFMM2K3&cx=c&gtm=45He5360v830320896za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102643510~102717422~102788824	ScriptElement	340 kB	2025-03-07	2025-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-F6MKFMM2K3&cx=c&gtm=45He5360v830320896za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102643510~102717422~102788824 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-07 14:29 Last Seen2025-03-07 14:29 Times Seen1 Hash f4e0824f25b82a8156714640c9a3c5c4 738ac500bc368364191f0d27ee5b84e3999c7eb2 d7c398fcefd583ea538c15e5c7d4ee31bb20940cd60161d7b009ad95ea75e2e1 Loading...

	win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/main-a4742db8d20fa8e2.js	ScriptElement	117 kB	2025-03-04	2025-03-09
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/main-a4742db8d20fa8e2.js IP 104.26.15.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-04 21:00 Last Seen2025-03-09 10:04 Times Seen4 Hash 3f411093cfaa758178dc81b236905950 91cc43bf9e745b29dcc1809335774c81b278a6c3 de5493227ee7f0be75f438481d592dc285e48f0258a72fe1a294e435eee6aeed Loading...

	win.pari-matchin.com/in/reg/aviademo-v5/_next/static/WPQt6Gd12_FFmofYghQMH/_ssgManifest.js	ScriptElement	77 B	2023-03-07	2025-06-01
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5/_next/static/WPQt6Gd12_FFmofYghQMH/_ssgManifest.js IP 104.26.15.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-01 10:35 Times Seen71575 Hash b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MB884G5&gtm_auth=&gtm_preview=&gtm_cookies_win=x	ScriptElement	378 kB	2025-03-07	2025-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MB884G5&gtm_auth=&gtm_preview=&gtm_cookies_win=x IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-07 14:29 Last Seen2025-03-07 14:29 Times Seen1 Hash 5492a8d8f68723753248ee531107d766 5c4eb87a3c3fe85cb6873468b73eb7058d74d7d6 f77ea621c067f6c9fbecc73eb00ef6b337a31cb575a385a9ecdc8ad22b4b1947 Loading...

	win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom	Eval	120 B	2023-09-30	2025-06-01
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2023-09-30 00:55 Last Seen2025-06-01 09:03 Times Seen865 Hash d0edb3cd495c2422b26a08b154c6556b 462e1e765ad8a0990197b012df31eddf89f50d11 bbe01cef61b4937d6b71b5ca85c2c3f2b6aa9e76ad55ca32cd20718d0238ab6c Loading...

	win.pari-matchin.com/in/lib/analytics.min.js	ScriptElement	50 kB	2025-02-06	2025-04-01
Pretty URL win.pari-matchin.com/in/lib/analytics.min.js IP 104.26.15.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-06 07:27 Last Seen2025-04-01 10:35 Times Seen7 Hash 3c68661713139745048240d14da64547 33ebfd3496b48588a56a3d116a80971ead8d5b9d feb93ab65b358f9027021914baf5254d1a32912dabe593ba2fc812d79b8ecf21 Loading...

	win.pari-matchin.com/content/terms.js	ScriptElement	122 kB	2025-03-04	2025-03-09
Pretty URL win.pari-matchin.com/content/terms.js IP 104.26.15.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-04 21:00 Last Seen2025-03-09 10:04 Times Seen4 Hash 6cde1985ed216deefef69903197b5ee6 07849f3e0ad465f1e403ade1f93cabc5bbbb7bee a8e167c5268250ad15c76bec2c98500e51257d094e2c4d615c4a5281c36e83aa Loading...

	win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/pages/_app-c2b2ff94d0aa6ea6.js	ScriptElement	4.2 kB	2025-03-04	2025-03-09
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/pages/_app-c2b2ff94d0aa6ea6.js IP 104.26.15.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-04 21:00 Last Seen2025-03-09 10:04 Times Seen4 Hash 4670cbf0f3d49be0338f0a6d121c018b d75c61422d078e36b1bae38b3a55d032df8440c5 97bd0bd85b3441644c656108a1565a5c528a6f1c0516d011f0041dc4ed5f6115 Loading...

	win.pari-matchin.com/mtapi/js/build/framework.min.js	ScriptElement	38 kB	2023-11-25	2025-06-01
Pretty URL win.pari-matchin.com/mtapi/js/build/framework.min.js IP 104.26.15.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-25 14:40 Last Seen2025-06-01 02:34 Times Seen133 Hash d606af2c41063ffb66f1fcb25089e9aa 3e9951bb1b249208401bf3fcc19610f3b31dcb49 871fcc70bb938f9470302f37d9b68e25f6bab3a1b48e5fe3dccc98463824250b Loading...

	win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom	Eval	156 B	2023-03-07	2025-05-31
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 16:48 Last Seen2025-05-31 09:37 Times Seen1250 Hash 781a262d7d9fe9ae1815f793a78f3cda 5d5f9b4bcb5b066720a9f33b69ed66c583400981 1348a8cb2f78fd42b39a0cd3a89c641d38cce43b0e3dda8306af0492efe7c01c Loading...

	win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom	Eval	120 B	2023-09-30	2025-06-01
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2023-09-30 00:55 Last Seen2025-06-01 09:03 Times Seen865 Hash d0edb3cd495c2422b26a08b154c6556b 462e1e765ad8a0990197b012df31eddf89f50d11 bbe01cef61b4937d6b71b5ca85c2c3f2b6aa9e76ad55ca32cd20718d0238ab6c Loading...

	win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom	Eval	120 B	2023-09-30	2025-06-01
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2023-09-30 00:55 Last Seen2025-06-01 09:03 Times Seen865 Hash d0edb3cd495c2422b26a08b154c6556b 462e1e765ad8a0990197b012df31eddf89f50d11 bbe01cef61b4937d6b71b5ca85c2c3f2b6aa9e76ad55ca32cd20718d0238ab6c Loading...

	aviator-demo.spribegaming.com/runtime.da7dcd113f9ca8e6.js	ScriptElement	0 B	0001-01-01	2025-06-01
Pretty URL aviator-demo.spribegaming.com/runtime.da7dcd113f9ca8e6.js IP 18.165.140.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-06-01 10:42 Times Seen4813827 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS	EventHandler	16 B	2023-04-10	2025-06-01
Pretty URL aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS IP 18.165.140.66 ASN #16509 AMAZON-02 Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57 Last Seen2025-06-01 10:28 Times Seen58904 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS	Function	915 B	2025-03-05	2025-05-24
Pretty URL aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS IP 18.165.140.66 ASN #16509 AMAZON-02 Introduced by Function Embedded in HTML false Observations First Seen2025-03-05 14:58 Last Seen2025-05-24 04:18 Times Seen31 Hash f2ea368d8a2d82e9297469143e51b2de d73b5a1cdd22dad8f6e053484eb7dc3eb8ee4e7c 768740499d60a24a5d51425375a13d95065360df4d332326ba0901586163bf34 Loading...

	win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom	ScriptElement	177 B	2025-03-04	2025-03-09
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom IP 104.26.15.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-04 21:00 Last Seen2025-03-09 10:04 Times Seen4 Hash fc0df3bdd57ba5ea2bba878425194028 047a0d07b7564a0b3b39c562a8ee2bbb64f56bd3 60578457961970793fdf5637ac08bfe04961c430a803201cec5bf799f4aedf20 Loading...

	win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom	Eval	102 B	2025-02-06	2025-04-01
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-02-06 07:27 Last Seen2025-04-01 10:35 Times Seen7 Hash 9b3cebc5a7ea2e72b424322459f2d8f7 686d1dcf4ad39ac7e45432036b4bce6648377bc0 ec39ea10974edab2f222eabe0fea3dc7282afd1d896a4c87cb91936e34c9c716 Loading...

	win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom	Eval	120 B	2023-09-30	2025-06-01
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2023-09-30 00:55 Last Seen2025-06-01 09:03 Times Seen865 Hash d0edb3cd495c2422b26a08b154c6556b 462e1e765ad8a0990197b012df31eddf89f50d11 bbe01cef61b4937d6b71b5ca85c2c3f2b6aa9e76ad55ca32cd20718d0238ab6c Loading...

	win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/pages/index-482debc93a0ad3a7.js	ScriptElement	33 kB	2025-03-04	2025-03-09
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/pages/index-482debc93a0ad3a7.js IP 104.26.15.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-04 21:00 Last Seen2025-03-09 10:04 Times Seen4 Hash b6a2812390d47bd3b4e4eefb3b2d2018 648ca8335cb6cbff94c9aac635765ae86b314338 c3e82219e9419da9453fc79e4ff6509bb0e561cbcb3693955f8678fb0c10eac2 Loading...

	win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom	Eval	156 B	2023-03-07	2025-05-31
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 16:48 Last Seen2025-05-31 09:37 Times Seen1250 Hash 781a262d7d9fe9ae1815f793a78f3cda 5d5f9b4bcb5b066720a9f33b69ed66c583400981 1348a8cb2f78fd42b39a0cd3a89c641d38cce43b0e3dda8306af0492efe7c01c Loading...

	aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS	Function	79 B	2023-07-03	2025-05-28
Pretty URL aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS IP 18.165.140.66 ASN #16509 AMAZON-02 Introduced by Function Embedded in HTML false Observations First Seen2023-07-03 14:11 Last Seen2025-05-28 13:34 Times Seen48 Hash 58c2229232eb96c46c4f2a15b3223502 587c314b0a68c57581c1bcafd1af90b9743d45f6 f280ed6ddde6c5054689d56737f849f3feb6cee30f740be988f74dbcfa5f96b0 Loading...

	win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/webpack-8f6b4720fe1e664a.js	ScriptElement	1.5 kB	2025-03-04	2025-03-09
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/webpack-8f6b4720fe1e664a.js IP 104.26.15.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-04 21:00 Last Seen2025-03-09 10:04 Times Seen4 Hash 1a255c69afecb408d84a1892a676c8cc 6bec5b49730cd6fc28045525a48675862659adbe 357229cb27bcf516d58fe375a4ca4d6276f9ba2f59f3a841b541ce7c6d8e0fb5 Loading...

	win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/framework-b96261d959dd50e7.js	ScriptElement	140 kB	2024-12-28	2025-04-08
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/framework-b96261d959dd50e7.js IP 104.26.15.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-28 10:45 Last Seen2025-04-08 00:54 Times Seen11 Hash e536ba6f7785392ef3f1a39e6b16f765 1dbc14d6c4576da290cae8fae28101125324cc38 01b2e6f89d80bdb988df6fc319dde61a321176d92a06e96f4268a644184df42b Loading...

	win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/784-6b4215fc8de62802.js	ScriptElement	42 kB	2025-03-04	2025-03-09
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/784-6b4215fc8de62802.js IP 104.26.15.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-04 21:00 Last Seen2025-03-09 10:04 Times Seen4 Hash 0f08a62447a23d58ee1d42cd50660686 3c0bb0a36eb28bc47934760e5a095b53d71f4dd8 d0665a6744c66b5870c530470aff8e98da519eb89e6553976ba28b53289d930a Loading...

	aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS	Function	322 B	2025-03-05	2025-05-24
Pretty URL aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS IP 18.165.140.66 ASN #16509 AMAZON-02 Introduced by Function Embedded in HTML false Observations First Seen2025-03-05 14:58 Last Seen2025-05-24 04:18 Times Seen38 Hash d0324d4f81bde5a6c848a87fb376e8d1 05db6849017f1ac206ea73fd4ce62c3e5f622455 e15ed25da157c61bc90a1d069663ff23c1dd62815954aad4059f6aace8746051 Loading...

	win.pari-matchin.com/in/reg/aviademo-v5/_next/static/WPQt6Gd12_FFmofYghQMH/_buildManifest.js	ScriptElement	555 B	2025-03-04	2025-03-09
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5/_next/static/WPQt6Gd12_FFmofYghQMH/_buildManifest.js IP 104.26.15.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-04 21:00 Last Seen2025-03-09 10:04 Times Seen4 Hash bf9a1eb9e338af0b5984c79649310a03 004ff35d90698e288721503e507aa78617c22245 309b4241a2ad3c350624c4dde9158cb446a86bb1bbf72f081cda8b3c4e1849b9 Loading...

	win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom	Eval	120 B	2023-09-30	2025-06-01
Pretty URL win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2023-09-30 00:55 Last Seen2025-06-01 09:03 Times Seen865 Hash d0edb3cd495c2422b26a08b154c6556b 462e1e765ad8a0990197b012df31eddf89f50d11 bbe01cef61b4937d6b71b5ca85c2c3f2b6aa9e76ad55ca32cd20718d0238ab6c Loading...

	aviator-demo.spribegaming.com/polyfills.1688017b09a0d6b3.js	ScriptElement	0 B	0001-01-01	2025-06-01
Pretty URL aviator-demo.spribegaming.com/polyfills.1688017b09a0d6b3.js IP 18.165.140.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-06-01 10:42 Times Seen4813827 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (101)

URL IP Response Size

aviator-demo.spribegaming.com/assets/static/avatars/v2/av-65.png?v=v4.2.63-hotfix

18.165.140.66

200 OK

9.8 kB

URL GET
aviator-demo.spribegaming.com/assets/static/avatars/v2/av-65.png?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
9.8 kB (9754 bytes)
Hash
7c6540edfd96d6993956a0eaae312e16
0eaa1b58023fca5436dbfdb752b6f8f867a1bd07
a52904fae084ca88f68b4ab166a0301f34cfbe61767b563818410e1245d24b4a

HTTP Headers

GET /assets/static/avatars/v2/av-65.png?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
content-length: 9754
age: 100945
date: Thu, 06 Mar 2025 10:26:50 GMT
last-modified: Thu, 06 Mar 2025 10:26:07 GMT
etag: "7c6540edfd96d6993956a0eaae312e16"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 3LPBaNA5cSpVt9ZkYJwPSiU2x4E1hZald1D98_C1ThivNSfc7zFF0A==

aviator-demo.spribegaming.com/assets/static/avatars/v2/av-29.png?v=v4.2.63-hotfix

18.165.140.66

200 OK

7.0 kB

URL GET
aviator-demo.spribegaming.com/assets/static/avatars/v2/av-29.png?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
7.0 kB (6994 bytes)
Hash
c0832416777921c17b67d092c106e3f0
d1d45e0598eaf12fdd1cd65b34dce6d019a3b40e
e5dc1dc317040d1794dd279f4c76636d1ddcd6865cb9bb925e9794058a23e5be

HTTP Headers

GET /assets/static/avatars/v2/av-29.png?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
content-length: 6994
age: 100870
date: Thu, 06 Mar 2025 10:28:05 GMT
last-modified: Thu, 06 Mar 2025 10:26:06 GMT
etag: "c0832416777921c17b67d092c106e3f0"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wyTnPwa8TaQE8pIvd2uGo6OI8Wj1O7uLRRNIrjlOkz5hB0UvA4oyfA==

aviator-demo.spribegaming.com/assets/static/avatars/v2/av-21.png?v=v4.2.63-hotfix

18.165.140.66

200 OK

7.6 kB

URL GET
aviator-demo.spribegaming.com/assets/static/avatars/v2/av-21.png?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
7.6 kB (7630 bytes)
Hash
770f1de40d81ebdfad0e26412621347d
4aa408b9c8eceb1fbe43d7a7405e5080dbb4c7d9
6e95de6441c2e6f0a1400cf64fade3fa3e5c60e56693f2aee5ff284149d1d481

HTTP Headers

GET /assets/static/avatars/v2/av-21.png?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
content-length: 7630
age: 100904
date: Thu, 06 Mar 2025 10:27:31 GMT
last-modified: Thu, 06 Mar 2025 10:26:06 GMT
etag: "770f1de40d81ebdfad0e26412621347d"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 96GTobpHq00OPtAi3Mu_zQqNEFV7_a0QpQ2zY2iguz-y9L6cqPArRw==

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/css/5d18baaafadc1cc3.css

104.26.15.99

200 OK

1.7 kB

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/css/5d18baaafadc1cc3.css
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
ASCII text, with very long lines (1654), with no line terminators
Size
1.7 kB (1654 bytes)
Hash
f2b899bf8bbc75996713dea995364460
7950acac24aab85637b971d7f75d8cf64df589a1
c729aa3a185515d3ba83dec7b7a77662267a1cd6959814837ff1d63e0d7c3faf

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/css/5d18baaafadc1cc3.css HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:07 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: W/"f2b899bf8bbc75996713dea995364460"
last-modified: Fri, 21 Feb 2025 14:11:25 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KJ%2FYElJ%2B4DXdfEyTOgQYYfLDR9nGxeMdn2H81L%2BIz6hPCQlzpjiacNItFtLL%2BtHY36%2Bx%2FXkewKRQR54iHBkodUFpwpywfLd%2FkAQ2YmpJkENntM%2BNNIhRbN7YgnmIZzR%2FvXkHktC3uIDuQ7Ltxk8ZUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 5
cf-cache-status: MISS
server: cloudflare
cf-ray: 91cac87e3ed956a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1148&min_rtt=1095&rtt_var=448&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1713&delivery_rate=1322374&cwnd=246&unsent_bytes=0&cid=8bd94f4844009180&ts=109&x=0", cfL4;desc="?proto=TCP&rtt=2409&min_rtt=471&rtt_var=2616&sent=94&recv=34&lost=0&retrans=0&sent_bytes=99259&recv_bytes=2937&delivery_rate=13731416&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=691&x=0"
X-Firefox-Spdy: h2

s.magsrv.com/tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907732727

95.211.229.247

200 OK

0 B

URL GET
s.magsrv.com/tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907732727
IP
95.211.229.247:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintD7:10:98:D9:10:79:5D:07:40:43:5F:05:A5:D9:67:D1:12:48:6A:80
ValidityMon, 27 Jan 2025 10:46:56 GMT - Sun, 27 Apr 2025 10:46:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907732727 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Mar 2025 14:29:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A111974%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-03-07%22%3B%7D%7D; expires=Sat, 07 Mar 2026 14:29:07 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

aviator-demo.spribegaming.com/assets/images/canvas/icons/clock.svg?v=v4.2.63-hotfix

18.165.140.66

200 OK

587 B

URL GET
aviator-demo.spribegaming.com/assets/images/canvas/icons/clock.svg?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
587 B (587 bytes)
Hash
a1dab5bec2480229fdb3258bf9c547d7
808813c56280c966a79a60e905d1c911665d6174
35f7678f92a55f004a4153d12216d5f5f5b40383c487b1f4375982859597d1a2

HTTP Headers

GET /assets/images/canvas/icons/clock.svg?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
content-length: 587
age: 100975
date: Thu, 06 Mar 2025 10:26:16 GMT
last-modified: Thu, 06 Mar 2025 10:26:04 GMT
etag: "52bd8d93378b3995d354058dcbfd55b3"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ZuIY60w0zEgScod65br3rzJ3ymc8psdNahkS3kO14gsJ2IkWg6VKMA==

aviator-demo.spribegaming.com/minus-in-circle.1faa7b1dca471781.svg

18.165.140.66

200 OK

212 B

URL GET
aviator-demo.spribegaming.com/minus-in-circle.1faa7b1dca471781.svg
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
212 B (212 bytes)
Hash
868aaf8eafe81088d6600f680cb608cc
05b7103244bc734b5a42724c41ce08e72140b282
6f8bd4aec4395ca92cf2e6700f6a7994d5608e2b27224aa41515e02436965c14

HTTP Headers

GET /minus-in-circle.1faa7b1dca471781.svg HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
content-length: 212
age: 122330
last-modified: Wed, 26 Feb 2025 16:45:30 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
date: Thu, 06 Mar 2025 04:30:23 GMT
cache-control: max-age=604800, public
etag: "f1327236e71a09585de171d14c241eb8"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 2vqggIcvbCjOIhABe_HMkYxjvhU0NFi9yUX3j-H-aBJ0_jvkfIOxBw==

aviator-demo.spribegaming.com/Inter-Regular.1282ebc61b96a9d9.ttf

18.165.140.66

200 OK

310 kB

URL GET
aviator-demo.spribegaming.com/Inter-Regular.1282ebc61b96a9d9.ttf
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
TrueType Font data, 16 tables, 1st "GDEF", 50 names, Microsoft, language 0x409
Size
310 kB (310252 bytes)
Hash
ea5879884a95551632e9eb1bba5b2128
cfa780d0b50b2bb7eacb82984f1b18a95aaa40c5
3127f0b873387ee37e2040135a06e9e9c05030f509eb63689529becf28b50384

HTTP Headers

GET /Inter-Regular.1282ebc61b96a9d9.ttf HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/styles.bb4e24bdcee1ddc3.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: binary/octet-stream
content-length: 310252
age: 549182
date: Sat, 01 Mar 2025 05:56:08 GMT
last-modified: Wed, 26 Feb 2025 16:45:26 GMT
etag: "ea5879884a95551632e9eb1bba5b2128"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: c77ezbPqwx7Zr-B89YbSlXCALr-h-J12VZUt3x8zFUn5lZjTdKoFIA==

aviator-demo.spribegaming.com/aviator-logo.c6b742d995765be3.svg

18.165.140.66

200 OK

3.9 kB

URL GET
aviator-demo.spribegaming.com/aviator-logo.c6b742d995765be3.svg
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
3.9 kB (3879 bytes)
Hash
872140602e735973b3202e525c74b803
96c963547dae1fd34f3318854410f53e9a7206ef
7f8552f6a928102b5a96a41f3c83e346bf95abb55416aa6e224555b7d70cf541

HTTP Headers

GET /aviator-logo.c6b742d995765be3.svg HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400
age: 494831
last-modified: Mon, 17 Feb 2025 16:48:26 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: gzip
date: Sat, 01 Mar 2025 21:02:15 GMT
cache-control: max-age=604800, public
etag: W/"6d7aaebef2c0a9b2db0ec273da51445b"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: XD2Eeo58rDXuZHqoNOJmH9NqmWIxsLxB5SCqYx8oqOWxxDEdK959-g==

aviator-demo.spribegaming.com/icon-provabyfair.71eb97eaadfab595.svg

18.165.140.66

200 OK

2.3 kB

URL GET
aviator-demo.spribegaming.com/icon-provabyfair.71eb97eaadfab595.svg
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.3 kB (2325 bytes)
Hash
552fb33f15d0f3ee4f6b87a8d1bfb235
0330cea33717c041b29d7204fb94c6fca63385a7
f3ed603517da0627a4ef0582ca3fef03184043e8d00e5db8cc96079ff04cb760

HTTP Headers

GET /icon-provabyfair.71eb97eaadfab595.svg HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400
age: 40734
last-modified: Wed, 26 Feb 2025 16:45:30 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: gzip
date: Fri, 07 Mar 2025 08:11:00 GMT
cache-control: max-age=604800, public
etag: W/"2e77c130b7a8610c667084ab16d7fa92"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: X0vl_BuEibDuygviQvxIjygSYgsFx-VROITJ3y5uGt8b-yl2Cu7Flw==

aviator-demo.spribegaming.com/dd.08ed122e8624a251.svg

18.165.140.66

200 OK

345 B

URL GET
aviator-demo.spribegaming.com/dd.08ed122e8624a251.svg
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
345 B (345 bytes)
Hash
adc581a2b19e6bee8a66aed7de4d7f5a
9bdafd6488ec290ca6ed5bc1a7bc1458fe03cd07
8a1da30bce1a3c6019de6e37dc15b4b9f9a774a3a2523df3e41ddc3dc7fab3de

HTTP Headers

GET /dd.08ed122e8624a251.svg HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
content-length: 345
age: 485819
date: Sat, 01 Mar 2025 23:32:13 GMT
last-modified: Wed, 26 Feb 2025 16:45:30 GMT
etag: "19e753a3e63ce1daea91c9ce61859229"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wQRwdxxtddAcYSLHMfb3zPax3XE8KoMUsikfF6_CwbDpz-uo3jx2FA==

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/784-6b4215fc8de62802.js

104.26.15.99

200 OK

42 kB

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/784-6b4215fc8de62802.js
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
JavaScript source, ASCII text, with very long lines (42319), with no line terminators
Size
42 kB (42319 bytes)
Hash
0f08a62447a23d58ee1d42cd50660686
3c0bb0a36eb28bc47934760e5a095b53d71f4dd8
d0665a6744c66b5870c530470aff8e98da519eb89e6553976ba28b53289d930a

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/chunks/784-6b4215fc8de62802.js HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: W/"0f08a62447a23d58ee1d42cd50660686"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X4J5NRYroA4LSOMszOH5WsEJuC%2FEtlr0Cml88EK8WhxCtwsv3IaskDWSKMruM2RB%2F8FuH8xjKtgg8lWViqI63iZo97ko%2BYNjJ51quGE%2BpZTZyisapBtMaGCIdcJ4obd8aPO7AVC3DFOydEievcSBtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 5
cf-cache-status: MISS
server: cloudflare
cf-ray: 91cac87e4eea56a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1334&min_rtt=1331&rtt_var=506&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1705&delivery_rate=1064705&cwnd=244&unsent_bytes=0&cid=bbe8ad5c82f71421&ts=67&x=0", cfL4;desc="?proto=TCP&rtt=1164&min_rtt=471&rtt_var=701&sent=97&recv=45&lost=0&retrans=0&sent_bytes=100940&recv_bytes=2937&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=694&x=0"
X-Firefox-Spdy: h2

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/parimatch-bold-webfont.d9d27eb8.woff

104.26.15.99

200 OK

25 kB

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/parimatch-bold-webfont.d9d27eb8.woff
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
Web Open Font Format, TrueType, length 24764, version 1.0
Size
25 kB (24764 bytes)
Hash
ffc1ff41243d636f9acd5a255edf4ac3
c53cef0f89a19b75c33744c28492cc09b02e25d4
20b28bc102deb18b39b59be9ec4eb6f9795015d6544c034e58e018c1bc15940f

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/media/parimatch-bold-webfont.d9d27eb8.woff HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/_next/static/css/5d18baaafadc1cc3.css
Cookie: _sp_ses.c998=*; _sp_id.c998=0c6c9fd0-a935-4859-9062-cc111e300d18.1741357747.1.1741357747..c98835f6-0da3-4ed3-92d2-ac824ee8ba6f....0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:07 GMT
content-type: application/octet-stream
content-length: 24764
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: "ffc1ff41243d636f9acd5a255edf4ac3"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SjByIi6WcqvJQ5IjWx7Qh6paYcpGGN54Tz73qNtU1MW8FSuHNJvxqkMaMBJ06DyLLC4dHP3BQOgt%2FI0hSG0%2BzlAStuLeWPFijTnMtLTxxJSH5KvhX71J6tsI75WVoe91o6dtP6CPgeE%2BLk8GOIAsgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 9
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 91cac88009f456a2-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1015&min_rtt=995&rtt_var=387&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1734&delivery_rate=1455276&cwnd=249&unsent_bytes=0&cid=361629c9d83cf463&ts=118&x=0", cfL4;desc="?proto=TCP&rtt=1566&min_rtt=471&rtt_var=1074&sent=165&recv=61&lost=0&retrans=0&sent_bytes=177417&recv_bytes=3376&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=1037&x=0"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-F6MKFMM2K3&cx=c&gtm=45He5360v830320896za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102643510~102717422~102788824

142.250.74.168

200 OK

340 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-F6MKFMM2K3&cx=c&gtm=45He5360v830320896za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102643510~102717422~102788824
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT

File type
JavaScript source, ASCII text, with very long lines (5268)
Size
340 kB (340001 bytes)
Hash
f4e0824f25b82a8156714640c9a3c5c4
738ac500bc368364191f0d27ee5b84e3999c7eb2
d7c398fcefd583ea538c15e5c7d4ee31bb20940cd60161d7b009ad95ea75e2e1

HTTP Headers

GET /gtag/js?id=G-F6MKFMM2K3&cx=c&gtm=45He5360v830320896za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102643510~102717422~102788824 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 07 Mar 2025 14:29:07 GMT
expires: Fri, 07 Mar 2025 14:29:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
server: Google Tag Manager
content-length: 115148
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-F6MKFMM2K3&gtm=45je5360v882818710z8830320896za200zb830320896&_p=1741357747306&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102814059&cid=2102761840.1741357748&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1741357748&sct=1&seg=0&dl=https%3A%2F%2Fwin.pari-matchin.com%2Fin%2Freg%2Faviademo-v5%3Fvoluum_clickid%3Dwkpjf2p6diisie8831odv8oq%26voluum_campaignid%3Ded557f3c-6292-4d9a-af21-5ffc4596912c%26voluum_offerid%3Dba46bb46-359d-4db0-979b-ee944941f9ac%26utm_campaign%3D8280%26utm_source%3D25040%26utm_medium%3Dmobile%26utm_term%3Dza_bugrom&dt=PARIMATCH&en=page_view&_fv=1&_nsi=1&_ss=1&ep.clientId=&epn.timestamp=1741357747709&ep.is_landing=true&up.isexp=null&up.clientId=&tfd=1731

216.239.34.36

204 No Content

0 B

URL POST
region1.analytics.google.com/g/collect?v=2&tid=G-F6MKFMM2K3&gtm=45je5360v882818710z8830320896za200zb830320896&_p=1741357747306&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102814059&cid=2102761840.1741357748&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1741357748&sct=1&seg=0&dl=https%3A%2F%2Fwin.pari-matchin.com%2Fin%2Freg%2Faviademo-v5%3Fvoluum_clickid%3Dwkpjf2p6diisie8831odv8oq%26voluum_campaignid%3Ded557f3c-6292-4d9a-af21-5ffc4596912c%26voluum_offerid%3Dba46bb46-359d-4db0-979b-ee944941f9ac%26utm_campaign%3D8280%26utm_source%3D25040%26utm_medium%3Dmobile%26utm_term%3Dza_bugrom&dt=PARIMATCH&en=page_view&_fv=1&_nsi=1&_ss=1&ep.clientId=&epn.timestamp=1741357747709&ep.is_landing=true&up.isexp=null&up.clientId=&tfd=1731
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-F6MKFMM2K3&gtm=45je5360v882818710z8830320896za200zb830320896&_p=1741357747306&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102814059&cid=2102761840.1741357748&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1741357748&sct=1&seg=0&dl=https%3A%2F%2Fwin.pari-matchin.com%2Fin%2Freg%2Faviademo-v5%3Fvoluum_clickid%3Dwkpjf2p6diisie8831odv8oq%26voluum_campaignid%3Ded557f3c-6292-4d9a-af21-5ffc4596912c%26voluum_offerid%3Dba46bb46-359d-4db0-979b-ee944941f9ac%26utm_campaign%3D8280%26utm_source%3D25040%26utm_medium%3Dmobile%26utm_term%3Dza_bugrom&dt=PARIMATCH&en=page_view&_fv=1&_nsi=1&_ss=1&ep.clientId=&epn.timestamp=1741357747709&ep.is_landing=true&up.isexp=null&up.clientId=&tfd=1731 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://win.pari-matchin.com/
Origin: https://win.pari-matchin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://win.pari-matchin.com
date: Fri, 07 Mar 2025 14:29:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:136:0
report-to: {"group":"ascnsrsggc:136:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/assets/static/avatars/v2/av-17.png?v=v4.2.63-hotfix

18.165.140.66

200 OK

9.6 kB

URL GET
aviator-demo.spribegaming.com/assets/static/avatars/v2/av-17.png?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
9.6 kB (9589 bytes)
Hash
c8114b853bc11099f2570be43ffbc100
4d99d7e3b53d1194a4f700fc419d68aeec23d830
3b8e3dc4dbde8492ca0fce77eab2d9261e72e76178ca7164823c44f7f3a7a36c

HTTP Headers

GET /assets/static/avatars/v2/av-17.png?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
content-length: 9589
age: 100953
date: Thu, 06 Mar 2025 10:26:42 GMT
last-modified: Thu, 06 Mar 2025 10:26:06 GMT
etag: "c8114b853bc11099f2570be43ffbc100"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: PiSWNdjdLHNuvKh5lM9CTafou_aOIeBmkmOxf8XvEmg4JDFrLSoOxw==

aviator-demo.spribegaming.com/assets/static/avatars/v2/av-32.png?v=v4.2.63-hotfix

18.165.140.66

200 OK

7.2 kB

URL GET
aviator-demo.spribegaming.com/assets/static/avatars/v2/av-32.png?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
7.2 kB (7224 bytes)
Hash
82a1daf17deddb39c5a1cf7cd7877fb6
eaf9b529c003ada7ac5498d34719c27903753348
bc28dcd053dbd65648e1c54be6d3b5f08576bfeffd2022074e49ed7819398541

HTTP Headers

GET /assets/static/avatars/v2/av-32.png?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
content-length: 7224
age: 100962
date: Thu, 06 Mar 2025 10:26:33 GMT
last-modified: Thu, 06 Mar 2025 10:26:07 GMT
etag: "82a1daf17deddb39c5a1cf7cd7877fb6"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DB3LhfxUsXFUSdVVtmfmNM36vWZfrgEA2SirIEvtZZNBld9rFwWb5Q==

api-prod-4-ext.playwin.fun/api-gb/gb/v1/features

172.67.70.112

204 No Content

0 B

URL OPTIONS
api-prod-4-ext.playwin.fun/api-gb/gb/v1/features
IP
172.67.70.112:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectplaywin.fun
Fingerprint7A:70:80:D9:69:5B:FA:32:73:9E:5A:8D:F4:2D:EF:05:70:1A:56:CE
ValidityFri, 14 Feb 2025 23:48:01 GMT - Fri, 16 May 2025 00:47:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api-gb/gb/v1/features HTTP/1.1
Host: api-prod-4-ext.playwin.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://win.pari-matchin.com/
Origin: https://win.pari-matchin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Fri, 07 Mar 2025 14:29:09 GMT
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
cf-ipcountry: NO
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zZhHP%2Boexay9pKP%2FQMH5QUKWEnIaEBKxnHz%2BiJqE003v8%2F1iu5pO6m%2Fb3YNk3Pj3HqCF0tnZG%2FXO%2BHaC05NSI%2FdcUwPziuQzLFNTLTQwTGQZhOwgI%2BaPP4Ibydd%2BxLjx1K75yva15JMJKKB4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 91cac88e9e4656bb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=745&min_rtt=536&rtt_var=413&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3194&recv_bytes=1179&delivery_rate=7074918&cwnd=254&unsent_bytes=0&cid=a6c9252307596673&ts=221&x=0"
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/assets/static/avatars/v2/av-10.png?v=v4.2.63-hotfix

18.165.140.66

200 OK

10 kB

URL GET
aviator-demo.spribegaming.com/assets/static/avatars/v2/av-10.png?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
10 kB (10346 bytes)
Hash
12ec300297f7f7e948eebf6e4ad81cfb
e94e043c8dbedf29080dbbb429e29773dfab56c4
ea2485bfb43a0b9fb51a65c9e02b4a5eb848b08729df2904a37abb2328f810ad

HTTP Headers

GET /assets/static/avatars/v2/av-10.png?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
content-length: 10346
age: 100944
date: Thu, 06 Mar 2025 10:26:48 GMT
last-modified: Thu, 06 Mar 2025 10:26:06 GMT
etag: "12ec300297f7f7e948eebf6e4ad81cfb"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: vp9xpTFxO_7HXxBE7XI8sPh_J5mmEvvjVWB4E104qKqnn2kHe4iS0g==

win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom

104.26.15.99

200 OK

3.0 kB

URL User Request GET
win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
HTML document, ASCII text, with very long lines (3138), with no line terminators
Size
3.0 kB (2963 bytes)
Hash
15fba14df167248519331b4431a0a3a0
545ff0fc245dc1e015b4c3cc52515c7e360e6395
e4e7830111bcffd0796cf076e5ba8d074476892ad77dbf045484edefbbfe41cd

HTTP Headers

GET /in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:06 GMT
content-type: text/html; charset=utf-8
hserver: 7
cf-cache-status: DYNAMIC
age: 14
cache-control: public, max-age=86400, s-maxage=86400, immutable
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Lw3sVLDBkv2vkEkjeo5D9sju8JKiILKp2rnGLNQbsguXy%2F6pr7WIKgwWgMEQdTJsUqsbWoxItNTnG8AM69nRsKUI6XmW2xxaNODWJOlddMBJ9Mtiq%2FyRHwandQvkUAHnpDtNqA7v9DOOf29zddwYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-robots-tag: noindex, nofollow, noarchive
server: cloudflare
cf-ray: 91cac87b59d056a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1247&min_rtt=1243&rtt_var=474&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1717&delivery_rate=1134796&cwnd=221&unsent_bytes=0&cid=a715c9c57f05648d&ts=31&x=0", cfL4;desc="?proto=TCP&rtt=622&min_rtt=522&rtt_var=197&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3210&recv_bytes=1302&delivery_rate=5498734&cwnd=254&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=163&x=0"
X-Firefox-Spdy: h2

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/line.25936acb.webp

104.26.15.99

200 OK

12 kB

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/line.25936acb.webp
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
RIFF (little-endian) data, Web/P image
Size
12 kB (12544 bytes)
Hash
8607dd3ee8a2b197635537f8521c9796
a1639e2ec539d35eae4254c2fc9f1b213d257391
1ba8bac21b1067b5dff5d428ff3ceae115f014b4a878af9ec990851f110a921f

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/media/line.25936acb.webp HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/_next/static/css/84acd7615d7e5b46.css
Cookie: _sp_ses.c998=*; _sp_id.c998=0c6c9fd0-a935-4859-9062-cc111e300d18.1741357747.1.1741357747..c98835f6-0da3-4ed3-92d2-ac824ee8ba6f....0; voluum_clickid=wkpjf2p6diisie8831odv8oq; voluum_clickid_t=1741357747221; utm_campaign=8280; utm_medium=mobile; utm_source=25040; utm_term=za_bugrom; entrance_url=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; dhash=fe52e3e8-4711-4546-a61d-949f5d9ea037; registerUrl=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; _gcl_au=1.1.1001097897.1741357748; _scid=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _scid_r=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _ga_F6MKFMM2K3=GS1.1.1741357748.1.0.1741357748.60.0.0; _ga=GA1.1.2102761840.1741357748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:08 GMT
content-type: image/webp
content-length: 12544
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: "8607dd3ee8a2b197635537f8521c9796"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LN4Efz%2FCJG8jJ10JRmDAuPHXkPtVL9U%2FngLmOwDi2osHHFUBpTqjdSSiso2BaOWItPze0hV%2BrisIAFSJof%2B4LknZmKiK7a9ynxDm2F16D0HYWhiXU4n3OYGUrVPY1bxc8TvNBX9QigHGtw8KIX1J3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 7
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 91cac8878fd156a2-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1119&min_rtt=1118&rtt_var=422&sent=3&recv=7&lost=0&retrans=0&sent_bytes=219&recv_bytes=2638&delivery_rate=1281415&cwnd=238&unsent_bytes=0&cid=cd51ec3c27704080&ts=70&x=0", cfL4;desc="?proto=TCP&rtt=1349&min_rtt=471&rtt_var=758&sent=197&recv=73&lost=0&retrans=0&sent_bytes=211297&recv_bytes=5856&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=2151&x=0"
X-Firefox-Spdy: h2

api-prod-4-ext.playwin.fun/api-gb/gb/v1/features

172.67.70.112

200 OK

197 B

URL POST
api-prod-4-ext.playwin.fun/api-gb/gb/v1/features
IP
172.67.70.112:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectplaywin.fun
Fingerprint7A:70:80:D9:69:5B:FA:32:73:9E:5A:8D:F4:2D:EF:05:70:1A:56:CE
ValidityFri, 14 Feb 2025 23:48:01 GMT - Fri, 16 May 2025 00:47:42 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
197 B (197 bytes)
Hash
9bff0d50fd29abd32493df3ab7de1031
0258260b6d7a5340b6faa2fb60006063f873894c
13d90d84d31c78f8605a5c151a258c5690b386dc86aa92a3edc1a9a33f5f3ba3

HTTP Headers

POST /api-gb/gb/v1/features HTTP/1.1
Host: api-prod-4-ext.playwin.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://win.pari-matchin.com/
Content-type: application/json
Content-Length: 1036
Origin: https://win.pari-matchin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:09 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ipcountry: NO
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cynu6xf0g4Rx0IXFwQhklXmfDAI2nD3wNF1LntRMRh4mUuYSP3Ay7dBYQ23FsBK3Ybwi91FGy34TVcycJAwUmYHeiUziTi001xMjMzk%2FTYM0sk1inTXTDy2wp17Xtqkk4SaogOvPrNBCrQJA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 91cac88fe86356bb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3312&min_rtt=536&rtt_var=5442&sent=11&recv=12&lost=0&retrans=0&sent_bytes=3915&recv_bytes=2347&delivery_rate=7074918&cwnd=255&unsent_bytes=0&cid=a6c9252307596673&ts=297&x=0"
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-F6MKFMM2K3&gtm=45je5360v882818710za200zb830320896&_p=1741357747306&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102814059&cid=2102761840.1741357748&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1741357748&sct=1&seg=0&dl=https%3A%2F%2Fwin.pari-matchin.com%2Fin%2Freg%2Faviademo-v5%3Fvoluum_clickid%3Dwkpjf2p6diisie8831odv8oq%26voluum_campaignid%3Ded557f3c-6292-4d9a-af21-5ffc4596912c%26voluum_offerid%3Dba46bb46-359d-4db0-979b-ee944941f9ac%26utm_campaign%3D8280%26utm_source%3D25040%26utm_medium%3Dmobile%26utm_term%3Dza_bugrom&dt=PARIMATCH&en=scroll&ep.clientId=&epn.timestamp=1741357747709&ep.is_landing=true&epn.percent_scrolled=90&tfd=6764

216.239.34.36

204 No Content

0 B

URL POST
region1.analytics.google.com/g/collect?v=2&tid=G-F6MKFMM2K3&gtm=45je5360v882818710za200zb830320896&_p=1741357747306&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102814059&cid=2102761840.1741357748&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1741357748&sct=1&seg=0&dl=https%3A%2F%2Fwin.pari-matchin.com%2Fin%2Freg%2Faviademo-v5%3Fvoluum_clickid%3Dwkpjf2p6diisie8831odv8oq%26voluum_campaignid%3Ded557f3c-6292-4d9a-af21-5ffc4596912c%26voluum_offerid%3Dba46bb46-359d-4db0-979b-ee944941f9ac%26utm_campaign%3D8280%26utm_source%3D25040%26utm_medium%3Dmobile%26utm_term%3Dza_bugrom&dt=PARIMATCH&en=scroll&ep.clientId=&epn.timestamp=1741357747709&ep.is_landing=true&epn.percent_scrolled=90&tfd=6764
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-F6MKFMM2K3&gtm=45je5360v882818710za200zb830320896&_p=1741357747306&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102814059&cid=2102761840.1741357748&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1741357748&sct=1&seg=0&dl=https%3A%2F%2Fwin.pari-matchin.com%2Fin%2Freg%2Faviademo-v5%3Fvoluum_clickid%3Dwkpjf2p6diisie8831odv8oq%26voluum_campaignid%3Ded557f3c-6292-4d9a-af21-5ffc4596912c%26voluum_offerid%3Dba46bb46-359d-4db0-979b-ee944941f9ac%26utm_campaign%3D8280%26utm_source%3D25040%26utm_medium%3Dmobile%26utm_term%3Dza_bugrom&dt=PARIMATCH&en=scroll&ep.clientId=&epn.timestamp=1741357747709&ep.is_landing=true&epn.percent_scrolled=90&tfd=6764 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://win.pari-matchin.com/
Origin: https://win.pari-matchin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 204 No Content
access-control-allow-origin: https://win.pari-matchin.com
date: Fri, 07 Mar 2025 14:29:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:136:0
report-to: {"group":"ascnsrsggc:136:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

win.pari-matchin.com/mtapi/js/build/framework.min.js

104.26.15.99

200 OK

38 kB

URL GET
win.pari-matchin.com/mtapi/js/build/framework.min.js
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type

Size
38 kB (37548 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /mtapi/js/build/framework.min.js HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:06 GMT
content-type: application/javascript
content-length: 8677
last-modified: Thu, 23 Nov 2023 11:01:54 GMT
etag: "92ac-60acfc382665d-gzip"
vary: Accept-Encoding
content-encoding: gzip
hserver: 5
cache-control: max-age=14400
cf-cache-status: HIT
age: 5486
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D1rtFCNv4n27inQy6OvEHRZBmb3U%2Bo2RW2DCFBR9HVs%2FJgO97lcidhmYJEin0WlX9OVLAdP72Eg25qhQz6vhGbkTD3MocjmhgCaRAB2L8sZrhSGIG5G1hv2gN6%2F2eS6KcX8nuF3K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 91cac87e2ec056a2-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=622&min_rtt=522&rtt_var=147&sent=14&recv=21&lost=0&retrans=0&sent_bytes=5175&recv_bytes=2584&delivery_rate=6983922&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=479&x=0"
X-Firefox-Spdy: h2

win.pari-matchin.com/in/lib/analytics.min.js

104.26.15.99

200 OK

50 kB

URL GET
win.pari-matchin.com/in/lib/analytics.min.js
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
JavaScript source, ASCII text, with very long lines (50348), with no line terminators
Size
50 kB (50348 bytes)
Hash
3c68661713139745048240d14da64547
33ebfd3496b48588a56a3d116a80971ead8d5b9d
feb93ab65b358f9027021914baf5254d1a32912dabe593ba2fc812d79b8ecf21

HTTP Headers

GET /in/lib/analytics.min.js HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:06 GMT
content-type: text/javascript; charset=utf-8
age: 57264
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: W/"3c68661713139745048240d14da64547"
last-modified: Tue, 04 Feb 2025 12:15:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6hsDYQa0eKP%2BQFdfL%2FnQYsrIIeqUM9BsvL3U0sNnwlpw0U1NqkrZRN3%2FaAyZiLJXBrXl396LBWwK4nd6UhYkXPQ77vjdWNNp3%2BOGbi%2BSRoOKv1nxbUSdXvcd0xkASxoosKVIIYLu%2BBkbnHcCq9z%2FiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-robots-tag: noindex, nofollow, noarchive
hserver: 5
cf-cache-status: HIT
server: cloudflare
cf-ray: 91cac87e2ec756a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=899&min_rtt=897&rtt_var=341&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1664&delivery_rate=1580786&cwnd=244&unsent_bytes=0&cid=775e931599069f0c&ts=21&x=0", cfL4;desc="?proto=TCP&rtt=737&min_rtt=522&rtt_var=333&sent=40&recv=26&lost=0&retrans=0&sent_bytes=35961&recv_bytes=2820&delivery_rate=11791530&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=484&x=0"
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/assets/static/avatars/v2/av-31.png?v=v4.2.63-hotfix

18.165.140.66

200 OK

7.7 kB

URL GET
aviator-demo.spribegaming.com/assets/static/avatars/v2/av-31.png?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
7.7 kB (7669 bytes)
Hash
68a92f95914e6aac04d319e170be19b3
9642f3b3ee6f4170301b28f9bf1e8bb085770e23
1b09f2398df11fad05e570662aa141bd510eedf8d7caff4064ef274a0f89f231

HTTP Headers

GET /assets/static/avatars/v2/av-31.png?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
content-length: 7669
age: 100952
date: Thu, 06 Mar 2025 10:26:43 GMT
last-modified: Thu, 06 Mar 2025 10:26:06 GMT
etag: "68a92f95914e6aac04d319e170be19b3"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: cbYX8C56S8K97qakfEmy_wBPPkfoCm5tIDnMpfJ2PowaZZEIPU93Xw==

win.pari-matchin.com/content/terms.js

104.26.15.99

200 OK

122 kB

URL GET
win.pari-matchin.com/content/terms.js
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type

Size
122 kB (121687 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /content/terms.js HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:06 GMT
content-type: text/javascript; charset=utf-8
age: 57326
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: W/"55107f53f9eb2172e6bee876111d3f52"
last-modified: Tue, 04 Feb 2025 10:49:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zprF2CS8LhcELQN%2BnTOubb7dEeU0k4DZLHrTEZuvqTip8VaPMkgmXQG%2BsQfI7ebyx04rS%2BLgBJeGhx6vOFPeFK9sPFEfrydptCa1CMZfMZWFG8SOavvGduzwdlTZK9meWSFJLeKv26WMDAyfTgPFEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-robots-tag: noindex, nofollow, noarchive
hserver: 7
cf-cache-status: HIT
server: cloudflare
cf-ray: 91cac87e2ecc56a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1188&min_rtt=1187&rtt_var=448&sent=3&recv=7&lost=0&retrans=0&sent_bytes=219&recv_bytes=2406&delivery_rate=1205661&cwnd=231&unsent_bytes=0&cid=7c94079ec8345b33&ts=16&x=0", cfL4;desc="?proto=TCP&rtt=737&min_rtt=522&rtt_var=333&sent=23&recv=26&lost=0&retrans=0&sent_bytes=14578&recv_bytes=2820&delivery_rate=11791530&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=483&x=0"
X-Firefox-Spdy: h2

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/WPQt6Gd12_FFmofYghQMH/_buildManifest.js

104.26.15.99

200 OK

555 B

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/WPQt6Gd12_FFmofYghQMH/_buildManifest.js
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
ASCII text, with very long lines (573), with no line terminators
Size
555 B (555 bytes)
Hash
7afb746ee76c112a684801bd2542a8db
e8653ec8e20b7273c8ebbc1b240d222ac03f6ebf
abba7371122aaec717b318deef1ac00668ad6575b2887d6fc4743cd91dd99241

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/WPQt6Gd12_FFmofYghQMH/_buildManifest.js HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: W/"bf9a1eb9e338af0b5984c79649310a03"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Me%2FPIVq5FFxxWckqNm2U6%2Bnk8i44rqQRO%2B6JCu%2BGZVou3dTqLiYwlE76PMnvV%2B2UVoz4Ja1IdhmHAfpJb8Whz0R5snC6Zb75zl3zSrd17nmLpv7VrDR1A1F%2FIcAVZ7cI%2BW0aa7GEn%2B6dSCBttQmYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 5
cf-cache-status: MISS
server: cloudflare
cf-ray: 91cac87e4ef156a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1260&min_rtt=1234&rtt_var=481&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1714&delivery_rate=1173419&cwnd=235&unsent_bytes=0&cid=9089de99d2a502b4&ts=83&x=0", cfL4;desc="?proto=TCP&rtt=1096&min_rtt=471&rtt_var=906&sent=64&recv=32&lost=0&retrans=0&sent_bytes=63350&recv_bytes=2937&delivery_rate=13731416&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=678&x=0"
X-Firefox-Spdy: h2

sc-static.net/scevent.min.js

3.163.248.4

200 OK

57 kB

URL GET
sc-static.net/scevent.min.js
IP
3.163.248.4:443
ASN
#16509 AMAZON-02

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerAmazon
Subjectsc-static.net
FingerprintF1:7E:BE:DE:70:59:C9:25:F5:A9:A0:FF:A5:D1:80:5A:79:B4:3E:74
ValidityWed, 20 Nov 2024 00:00:00 GMT - Sat, 20 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (56997)
Size
57 kB (57024 bytes)
Hash
bc58260a454e0678a075bc933bc14ef3
ed46d11255aa7836f208271d21b8981e4822a381
6a4ce475f210bac25053175d6a42d2752ac7d0ac7bfc31a0cced764a2ce34cd3

HTTP Headers

GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 24093
server: CloudFront
date: Fri, 07 Mar 2025 14:29:07 GMT
access-control-allow-headers: Content-Type
access-control-allow-origin: *
content-encoding: gzip
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=dcfcdce1af1349cea0b86d5699107738;max-age=86400;expires=Sat, 08 Mar 2025 14:29:07 GMT;Path=/scevent.min.js;Secure;SameSite=None
x-cache: Miss from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: M2Fx16TURC6JfIGAW1RSjB3x6OUj4lT7E9aK1yKBSexCP83oxRwiBQ==
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/history.f7bb16bd19899b41.svg

18.165.140.66

200 OK

452 B

URL GET
aviator-demo.spribegaming.com/history.f7bb16bd19899b41.svg
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
452 B (452 bytes)
Hash
2926fb86eaf67cf75949994f4a3a48f4
19296f2d6e59c51177123bf5e62577b4e1cc41ef
e36b576838b650f28465d1d126bfbde020e7103e768dbc0952ccb9e3828f51ed

HTTP Headers

GET /history.f7bb16bd19899b41.svg HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
content-length: 452
age: 103811
last-modified: Wed, 26 Feb 2025 16:45:30 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
date: Thu, 06 Mar 2025 09:39:07 GMT
cache-control: max-age=604800, public
etag: "00484e0849f626d55c905da35833d93a"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: _4s4lUJwXYAsK8OeWAZYWMD2xcy_78AxLHOnAREwlfstgxrWde-RAw==

aviator-demo.spribegaming.com/burger.b484be02230ea764.svg

18.165.140.66

200 OK

161 B

URL GET
aviator-demo.spribegaming.com/burger.b484be02230ea764.svg
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
161 B (161 bytes)
Hash
ae033613b8e0b4c32c8edd6e115a866f
1b7e0496cd9d3d360be1b2600b6fa4d06e8ce6c5
5f66ec5203f9dffc950607986657f09c0453a2ac9c7fbfa6b20e1f79909eb0b1

HTTP Headers

GET /burger.b484be02230ea764.svg HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
content-length: 161
age: 122330
last-modified: Wed, 26 Feb 2025 16:45:29 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
date: Thu, 06 Mar 2025 04:30:22 GMT
cache-control: max-age=604800, public
etag: "abc7b68ee65af7f609d4b7701e3edc3e"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: rktZjx2CHaqAQ0xA4nN-2C8ll368wkBga39mkg8j6Ypv0shiSkh2PA==

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/css/84acd7615d7e5b46.css

104.26.15.99

200 OK

24 kB

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/css/84acd7615d7e5b46.css
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
ASCII text, with very long lines (24132), with no line terminators
Size
24 kB (24132 bytes)
Hash
adfb548abc47e4e04e809ba2736b21c8
f547f2b3201612665c0411407ab887cc905fe99e
8682fb82db509e32bbad0e21df2d665093c45c942da3aa04daa368f974bda7b0

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/css/84acd7615d7e5b46.css HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:07 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: W/"adfb548abc47e4e04e809ba2736b21c8"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7dhijNhIx0QXw6XINzkZK2%2B79daQeJotFgEZoBvlYr1tQlbWEWelreuPkJ50cApqQAaz4VKe6MxKKi55Qa3B%2BwuLFOVP%2BdEWWGMoUi6DCztUYXQKIsAvNu3JEqlf83efyYUAOABT4d%2BzZNmcQITrXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 8
cf-cache-status: MISS
server: cloudflare
cf-ray: 91cac87e3edc56a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1387&min_rtt=1383&rtt_var=527&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1713&delivery_rate=1022598&cwnd=230&unsent_bytes=0&cid=a6a3eaa2132d5388&ts=78&x=0", cfL4;desc="?proto=TCP&rtt=1251&min_rtt=471&rtt_var=1130&sent=59&recv=30&lost=0&retrans=0&sent_bytes=57052&recv_bytes=2937&delivery_rate=13731416&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=667&x=0"
X-Firefox-Spdy: h2

win.pari-matchin.com/psp

104.26.15.99

200 OK

0 B

URL POST
win.pari-matchin.com/psp
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /psp HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Api-Key: 6887bed4-e4cb-4153-90b3-472318b1e531
Content-Length: 5086
Origin: https://win.pari-matchin.com
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Cookie: _sp_ses.c998=*; _sp_id.c998=0c6c9fd0-a935-4859-9062-cc111e300d18.1741357747.1.1741357750..c98835f6-0da3-4ed3-92d2-ac824ee8ba6f..101ef16c-9158-4ab9-b9e8-4658a469f28b.1741357749866.2; voluum_clickid=wkpjf2p6diisie8831odv8oq; voluum_clickid_t=1741357747221; utm_campaign=8280; utm_medium=mobile; utm_source=25040; utm_term=za_bugrom; entrance_url=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; dhash=fe52e3e8-4711-4546-a61d-949f5d9ea037; registerUrl=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; _gcl_au=1.1.1001097897.1741357748; _scid=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _scid_r=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _ga_F6MKFMM2K3=GS1.1.1741357748.1.0.1741357748.60.0.0; _ga=GA1.1.2102761840.1741357748
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:10 GMT
content-length: 0
access-control-allow-credentials: true, true, true
access-control-allow-origin: https://win.pari-matchin.com, *, https://win.pari-matchin.com
access-control-expose-headers: X-Apg-At, X-Apg-Rt, X-User-Sid, Content-Length
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
set-cookie: snowplow=b6a57225-cebb-4286-9688-a7520fbdec9c; Expires=Sat, 07 Mar 2026 14:29:10 GMT; Path=/; SameSite=None
vary: Origin, Origin, Origin
hserver: 7
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ePmxPa%2BtaRnB07szcVSK8WWyJxhdqAJdXvxLQvCkW%2FAH1MTFNXODiT4HSdx3udeSK75yH81pz3MDhKaa8Feiknil4%2FOskEyjqcnpKqxuw1LPEMwExxsw0AKaOYCMaqqaY9iGqdz7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 91cac891fa5456a2-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=5897&min_rtt=458&rtt_var=9673&sent=283&recv=95&lost=0&retrans=0&sent_bytes=304773&recv_bytes=14736&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=3708&x=0"
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/assets/images/canvas/prop/prop.svg?v=v4.2.63-hotfix

18.165.140.66

200 OK

2.5 kB

URL GET
aviator-demo.spribegaming.com/assets/images/canvas/prop/prop.svg?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.5 kB (2459 bytes)
Hash
4c9e5acaa13d57a2a2cf9cd3d219b9fa
3ecd26499b329a72684d484ea89ccc85762cfd73
a9c0ab802e5e5e4e0bd2dbf1f33180c0a9cc4508a3787829b1c3ec363698f1d2

HTTP Headers

GET /assets/images/canvas/prop/prop.svg?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400
age: 100979
date: Thu, 06 Mar 2025 10:26:12 GMT
last-modified: Thu, 06 Mar 2025 10:26:05 GMT
etag: W/"b7254aae19f44cdb8029a01ef25f5e99"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: QIpSerFj2t1c7aCI39gy9EDP5QoxNyimc3nzo593X5Wj8kscealjYw==

aviator-demo.spribegaming.com/assets/images/canvas/multiplier/bg/blur.svg?v=v4.2.63-hotfix

18.165.140.66

200 OK

377 B

URL GET
aviator-demo.spribegaming.com/assets/images/canvas/multiplier/bg/blur.svg?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
377 B (377 bytes)
Hash
c69560212699702e60af1c27fc3ed3af
9f593b6b5b7a085906bb434efa58548fcbe12609
8d0758bbd7695fc9c8724b76d6960e723fb8e4158c9bc3f1122fa61bc7febe99

HTTP Headers

GET /assets/images/canvas/multiplier/bg/blur.svg?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
content-length: 377
age: 100976
date: Thu, 06 Mar 2025 10:26:15 GMT
last-modified: Thu, 06 Mar 2025 10:26:04 GMT
etag: "8fe4d69ef9455b7956430af689a03942"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fqlLdjboSp-k2CKxQ9OQ1U7aDTBNF6CalibChGirafk1jiu9Kn2_mg==

aviator-demo.spribegaming.com/assets/images/canvas/plane/spribe/plane-2.svg?v=v4.2.63-hotfix

18.165.140.66

200 OK

2.7 kB

URL GET
aviator-demo.spribegaming.com/assets/images/canvas/plane/spribe/plane-2.svg?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.7 kB (2704 bytes)
Hash
14240a2146190c9e7a01addeaf9e39bd
fcc682abb3e1cb70dbe02ff2fc0760d4a4446426
0d489ce09eac839bf29e63e589fe05759697866729751f1a76ee769cb97878d7

HTTP Headers

GET /assets/images/canvas/plane/spribe/plane-2.svg?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400
age: 100978
date: Thu, 06 Mar 2025 10:26:12 GMT
last-modified: Thu, 06 Mar 2025 10:26:05 GMT
etag: W/"acadae1e411e9aad1d4cb10a4e2f7727"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: RDo-yD-Ec3bpA_WJOcbhN2CpBjGsWuGU2O5lCOIItl2uXyZ2i-YPyQ==

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/checked.4e25b541.svg

104.26.15.99

200 OK

249 B

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/checked.4e25b541.svg
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
SVG Scalable Vector Graphics image
Size
249 B (249 bytes)
Hash
8b0f6b267ab03e155ef2db25558185d3
88a0e22b70a067e0fd44df2ed9532ee572336895
5c068847c055b7926fdb33ef307c1223b3308ed08b7bf97de999e26acd3c37df

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/media/checked.4e25b541.svg HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/_next/static/css/84acd7615d7e5b46.css
Cookie: _sp_ses.c998=*; _sp_id.c998=0c6c9fd0-a935-4859-9062-cc111e300d18.1741357747.1.1741357747..c98835f6-0da3-4ed3-92d2-ac824ee8ba6f....0; voluum_clickid=wkpjf2p6diisie8831odv8oq; voluum_clickid_t=1741357747221; utm_campaign=8280; utm_medium=mobile; utm_source=25040; utm_term=za_bugrom; entrance_url=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; dhash=fe52e3e8-4711-4546-a61d-949f5d9ea037; registerUrl=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; _gcl_au=1.1.1001097897.1741357748; _scid=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _scid_r=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _ga_F6MKFMM2K3=GS1.1.1741357748.1.0.1741357748.60.0.0; _ga=GA1.1.2102761840.1741357748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:08 GMT
content-type: image/svg+xml
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: W/"65bb1895792711730b3a79cf9d1db114"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W81KS4MEmq8efZAwTxxAzk1YNb0nqwNiWn0PW3bquzJQvuhEP03PC4Z4XYpKk6BRvmKtLr1X2EuXV7ACZYEKVfO1iyVkD3vak%2FVHeqnk8cNbReUbtlvWuy1br9FNmCKnQZsguFUKw7qF1xEjI6L7kg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 5
cf-cache-status: MISS
server: cloudflare
cf-ray: 91cac8879ff756a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1203&min_rtt=1198&rtt_var=460&sent=3&recv=7&lost=0&retrans=0&sent_bytes=219&recv_bytes=2640&delivery_rate=1163987&cwnd=240&unsent_bytes=0&cid=4cbaa190301d23d9&ts=105&x=0", cfL4;desc="?proto=TCP&rtt=1463&min_rtt=471&rtt_var=622&sent=213&recv=75&lost=0&retrans=0&sent_bytes=226876&recv_bytes=5856&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=2187&x=0"
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/assets/images/canvas/partners-logo/official.svg?v=v4.2.63-hotfix

18.165.140.66

200 OK

20 kB

URL GET
aviator-demo.spribegaming.com/assets/images/canvas/partners-logo/official.svg?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
20 kB (19837 bytes)
Hash
241fdb2b65d918edab58daabb8148300
3f89b86ac38fcc1332c54dee9357f59a097f07ba
9e96fde2dd91857ab07eeed1e2f4161c056cb92e685c9c4d038be3d1b5e80ee7

HTTP Headers

GET /assets/images/canvas/partners-logo/official.svg?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400
age: 100979
date: Thu, 06 Mar 2025 10:26:12 GMT
last-modified: Thu, 06 Mar 2025 10:26:04 GMT
etag: W/"241fdb2b65d918edab58daabb8148300"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: 1QcQ56omXAh8JZ3gh2rU3zLHiTC535T-WAVG0eFModc-Ypu4CONo1g==

aviator-demo.spribegaming.com/assets/images/canvas/icons/login-timer.svg?v=v4.2.63-hotfix

18.165.140.66

200 OK

729 B

URL GET
aviator-demo.spribegaming.com/assets/images/canvas/icons/login-timer.svg?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
729 B (729 bytes)
Hash
9758311c9ace61f016d705c41bf87003
c83143a72f7598239f56723f25206d17f27dd280
e4354bfa0f3798c94215adc4e5d6aee327e7b4dd8c678431eb665d7cd7623262

HTTP Headers

GET /assets/images/canvas/icons/login-timer.svg?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
content-length: 729
age: 100976
date: Thu, 06 Mar 2025 10:26:15 GMT
last-modified: Thu, 06 Mar 2025 10:26:04 GMT
etag: "3bd799f6a8f0484774cf277febf3d517"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: UsmXyNME_z6dMfVRmm4ik2XybXD3lGI77ZuoMn_0GGXAHv_fAnrrVg==

aviator-demo.spribegaming.com/assets/static/avatars/v2/av-16.png?v=v4.2.63-hotfix

18.165.140.66

200 OK

9.2 kB

URL GET
aviator-demo.spribegaming.com/assets/static/avatars/v2/av-16.png?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
9.2 kB (9173 bytes)
Hash
a985ee17ebbbb9cca353766e48d2cb92
1fb71c86723225b8126be48c1c7ed5a5ad9e9395
f8c1796ba328c6b78747d0851988994d0abcb305244be86b04f9f25919324d4a

HTTP Headers

GET /assets/static/avatars/v2/av-16.png?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
content-length: 9173
age: 100975
date: Thu, 06 Mar 2025 10:26:19 GMT
last-modified: Thu, 06 Mar 2025 10:26:06 GMT
etag: "a985ee17ebbbb9cca353766e48d2cb92"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 3Xog62rYh5jp1nMxVpOdihECktl8dHtczIQgMf0oRoJ-zDX_5iryog==

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/main-a4742db8d20fa8e2.js

104.26.15.99

200 OK

117 kB

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/main-a4742db8d20fa8e2.js
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type

Size
117 kB (117137 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/chunks/main-a4742db8d20fa8e2.js HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: W/"3f411093cfaa758178dc81b236905950"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lVJU2Hc7F2bfVdmOcUXchVAO42PX%2BeCZZS48tLqwS%2Fm4QWZ1MZi5ux53btPZh03Vf3QMJsewyi6L8rEPsiZ27hMEYDoBLYxdhRix0kdln1TTianDSqKb8p8R5CeYpCLaGS5Kp3gN888GH8LBlbiHXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 7
cf-cache-status: MISS
server: cloudflare
cf-ray: 91cac87e3ee756a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1080&min_rtt=1059&rtt_var=439&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1706&delivery_rate=1179153&cwnd=250&unsent_bytes=0&cid=27b83b0b57f34508&ts=67&x=0", cfL4;desc="?proto=TCP&rtt=2409&min_rtt=471&rtt_var=2616&sent=67&recv=34&lost=0&retrans=0&sent_bytes=64379&recv_bytes=2937&delivery_rate=13731416&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=691&x=0"
X-Firefox-Spdy: h2

s.opoxv.com/tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907734626

95.211.229.246

200 OK

0 B

URL GET
s.opoxv.com/tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907734626
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerLet's Encrypt
Subjectopoxv.com
Fingerprint32:F9:B9:6A:B2:B1:95:59:58:C0:84:54:40:27:99:9B:CC:F7:E9:15
ValidityMon, 27 Jan 2025 10:49:31 GMT - Sun, 27 Apr 2025 10:49:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907734626 HTTP/1.1
Host: s.opoxv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Mar 2025 14:29:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A111974%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-03-07%22%3B%7D%7D; expires=Sat, 07 Mar 2026 14:29:07 GMT; path=/; domain=.opoxv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F6MKFMM2K3&cid=2102761840.1741357748&gtm=45je5360v882818710z8830320896za200zb830320896&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102814059&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102814059&z=1975562733

142.250.74.131

200 OK

42 B

URL GET
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F6MKFMM2K3&cid=2102761840.1741357748&gtm=45je5360v882818710z8830320896za200zb830320896&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102814059&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102814059&z=1975562733
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subject*.google.no
Fingerprint26:B7:26:CB:C6:A9:06:E9:C0:85:18:1A:20:54:87:E3:8B:35:EC:7C
ValidityWed, 26 Feb 2025 15:35:45 GMT - Wed, 21 May 2025 15:35:44 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F6MKFMM2K3&cid=2102761840.1741357748&gtm=45je5360v882818710z8830320896za200zb830320896&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102814059&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102814059&z=1975562733 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Mar 2025 14:29:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/pages/_app-c2b2ff94d0aa6ea6.js

104.26.15.99

200 OK

4.2 kB

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/pages/_app-c2b2ff94d0aa6ea6.js
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
JavaScript source, ASCII text, with very long lines (4374), with no line terminators
Size
4.2 kB (4234 bytes)
Hash
e813684f3f26e3449f9d3221c3e6d779
9cd7e98d2f03418b5d3549fcfb1cd4eda8efc818
27c54eff8e0e1eeaf26e2fc44643ad4309a2c4401397b000d435eaa4d078b7d8

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/chunks/pages/_app-c2b2ff94d0aa6ea6.js HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: W/"4670cbf0f3d49be0338f0a6d121c018b"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W3hE20GNm2hR4wZoIlC34AnG1fCCZJQI0QjDQ1Y%2BIlUcVPF0ME00548uhJ7x7my567A0Oh4cto5KEetzfu0S616DMgRhIh87cL01vscbLydHcLv4QgX7%2B1xMKfGTifqqdMh8qcKjqC9H7StN%2BM%2Bu%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-robots-tag: noindex, nofollow, noarchive
hserver: 8
cf-cache-status: MISS
server: cloudflare
cf-ray: 91cac87e3ee856a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=953&min_rtt=944&rtt_var=372&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1712&delivery_rate=1421000&cwnd=225&unsent_bytes=0&cid=10ca065cd381ba15&ts=35&x=0", cfL4;desc="?proto=TCP&rtt=1053&min_rtt=522&rtt_var=882&sent=55&recv=28&lost=0&retrans=0&sent_bytes=54300&recv_bytes=2937&delivery_rate=13731416&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=624&x=0"
X-Firefox-Spdy: h2

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/eye-off.6355052a.svg

104.26.15.99

200 OK

1.0 kB

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/eye-off.6355052a.svg
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1030 bytes)
Hash
3f0d17026cb1ef0bdee0f2f2f1a66ded
4ba7080f49977bbd3dc06a4a96af5c6be8e90206
fc877c06b8e9a2cca7292ada2eb958d0f4df9c16d56cfbb0fc16ae1fdca5e666

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/media/eye-off.6355052a.svg HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/_next/static/css/84acd7615d7e5b46.css
Cookie: _sp_ses.c998=*; _sp_id.c998=0c6c9fd0-a935-4859-9062-cc111e300d18.1741357747.1.1741357747..c98835f6-0da3-4ed3-92d2-ac824ee8ba6f....0; voluum_clickid=wkpjf2p6diisie8831odv8oq; voluum_clickid_t=1741357747221; utm_campaign=8280; utm_medium=mobile; utm_source=25040; utm_term=za_bugrom; entrance_url=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; dhash=fe52e3e8-4711-4546-a61d-949f5d9ea037; registerUrl=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; _gcl_au=1.1.1001097897.1741357748; _scid=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _scid_r=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _ga_F6MKFMM2K3=GS1.1.1741357748.1.0.1741357748.60.0.0; _ga=GA1.1.2102761840.1741357748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:08 GMT
content-type: image/svg+xml
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: W/"45021b886dbd8c3789ea0a78aeb1503d"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tRVgZrDH3D%2BDe4bZ7nK2%2BwS4B9c2CMkAp%2FLSpls2PhGAYcI1XLLWob6WcZn0V2Eko4cnD%2FtJqMucqCPkaoni1NzINIduxckrzq183RhJ2HttMjOK2AbH0VB09xP3GuWbH5CIcwNCxolEtXtAxpYjVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 5
cf-cache-status: MISS
server: cloudflare
cf-ray: 91cac8878fee56a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1264&min_rtt=1226&rtt_var=487&sent=3&recv=7&lost=0&retrans=0&sent_bytes=219&recv_bytes=2640&delivery_rate=1181076&cwnd=249&unsent_bytes=0&cid=7a169216efd12d5f&ts=89&x=0", cfL4;desc="?proto=TCP&rtt=1414&min_rtt=471&rtt_var=697&sent=208&recv=74&lost=0&retrans=0&sent_bytes=224604&recv_bytes=5856&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=2173&x=0"
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/assets/images/canvas/bg/bg-sun.svg?v=v4.2.63-hotfix

18.165.140.66

200 OK

3.7 kB

URL GET
aviator-demo.spribegaming.com/assets/images/canvas/bg/bg-sun.svg?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
3.7 kB (3677 bytes)
Hash
b56111d17e308db95f27f120ab41e7fd
353e8bc83df612e41a09d67ee7886254aa7a122f
0f6d77d48c08003a4c3a02a972d313ec00e83a9b3d7b3d9fc85612f1c1349134

HTTP Headers

GET /assets/images/canvas/bg/bg-sun.svg?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400
age: 100979
date: Thu, 06 Mar 2025 10:26:12 GMT
last-modified: Thu, 06 Mar 2025 10:26:04 GMT
etag: W/"7cdab611d233d4b44baa60cf63e98994"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: 06dBwwPWZrLK433sMJP-uIdI29Pq3q0XZWYEic2xgEhKRW6NWDD3zw==

aviator-demo.spribegaming.com/question-brown.57a6d4fa3c236ecd.svg

18.165.140.66

200 OK

955 B

URL GET
aviator-demo.spribegaming.com/question-brown.57a6d4fa3c236ecd.svg
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
955 B (955 bytes)
Hash
66084cedc3d7877ad2ab48e27221ddc3
2409b9ffc27063896e5dee798d9da51652d2b358
8e77dbe4498d2ad1df60d6efe0c46a4fad154b6e3d7dbd18d73ad21de94d1e29

HTTP Headers

GET /question-brown.57a6d4fa3c236ecd.svg HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
content-length: 955
age: 109203
last-modified: Wed, 26 Feb 2025 16:45:30 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
date: Thu, 06 Mar 2025 08:16:11 GMT
cache-control: max-age=604800, public
etag: "de91f83befe508a0d3aec2d35ca91d9f"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: XWHXikXAu5Ol9Wml16tOSfXoh3EID50AXyNRzzOKlYtfI2H8gis0wA==

aviator-demo.spribegaming.com/Inter-Regular.1282ebc61b96a9d9.ttf

18.165.140.66

200 OK

310 kB

URL GET
aviator-demo.spribegaming.com/Inter-Regular.1282ebc61b96a9d9.ttf
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
TrueType Font data, 16 tables, 1st "GDEF", 50 names, Microsoft, language 0x409
Size
310 kB (310252 bytes)
Hash
ea5879884a95551632e9eb1bba5b2128
cfa780d0b50b2bb7eacb82984f1b18a95aaa40c5
3127f0b873387ee37e2040135a06e9e9c05030f509eb63689529becf28b50384

HTTP Headers

GET /Inter-Regular.1282ebc61b96a9d9.ttf HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: binary/octet-stream
content-length: 310252
age: 549182
date: Sat, 01 Mar 2025 05:56:08 GMT
last-modified: Wed, 26 Feb 2025 16:45:26 GMT
etag: "ea5879884a95551632e9eb1bba5b2128"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: znbRhGTK8n8WU3g_-jf7BaJjToPCIl1NhezWy_A0It16s7XprulDpQ==

aviator-demo.spribegaming.com/assets/i18n/challenges/en.json?v=v4.2.63-hotfix

18.165.140.66

200 OK

21 kB

URL GET
aviator-demo.spribegaming.com/assets/i18n/challenges/en.json?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type

Size
21 kB (20970 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/i18n/challenges/en.json?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
sentry-trace: 5de69f651ed44b6aa9a35bdf45bcb98a-a22645c0f11a012d-0
baggage: sentry-environment=demo,sentry-release=v4.2.63-hotfix,sentry-public_key=211b12c20385419e9d526a4edd2b9d7f,sentry-trace_id=5de69f651ed44b6aa9a35bdf45bcb98a,sentry-sample_rate=0.001,sentry-sampled=false
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/json
alt-svc: h3=":443"; ma=86400
age: 100978
date: Thu, 06 Mar 2025 10:26:13 GMT
last-modified: Thu, 06 Mar 2025 10:26:03 GMT
etag: W/"32f1b990b8ab4b45bf65aa781bb63c0e"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: ykTAJ9kVzKhBge8hGItii33BEzUkpyEyMPQMgiyB5IOI1i-rQb9uLQ==

aviator-demo.spribegaming.com/assets/static/avatars/v2/av-42.png?v=v4.2.63-hotfix

18.165.140.66

200 OK

9.2 kB

URL GET
aviator-demo.spribegaming.com/assets/static/avatars/v2/av-42.png?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
9.2 kB (9228 bytes)
Hash
d8663853ff28cd1493fd2de1acaab77e
3c83a1edfd90d74f6d61b90200bfc5122b2063cc
90feb60e7a50433ee11a7e7e4a48b26a48462de3dbc615bfef9bc6f28acadaa1

HTTP Headers

GET /assets/static/avatars/v2/av-42.png?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
content-length: 9228
age: 100945
date: Thu, 06 Mar 2025 10:26:50 GMT
last-modified: Thu, 06 Mar 2025 10:26:07 GMT
etag: "d8663853ff28cd1493fd2de1acaab77e"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: qep-YnS0KpXH2jr7K86e2xdTjftyIiegnzxQy0TeNhCAi3i--g8gsQ==

s.orbsrv.com/tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907737662

95.211.229.245

200 OK

0 B

URL GET
s.orbsrv.com/tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907737662
IP
95.211.229.245:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerLet's Encrypt
Subjectorbsrv.com
FingerprintF4:46:8D:C3:E0:07:B7:48:41:C5:76:F4:F2:E1:8C:7D:2D:A8:71:E5
ValidityMon, 27 Jan 2025 10:54:50 GMT - Sun, 27 Apr 2025 10:54:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907737662 HTTP/1.1
Host: s.orbsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Mar 2025 14:29:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A111974%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-03-07%22%3B%7D%7D; expires=Sat, 07 Mar 2026 14:29:07 GMT; path=/; domain=.orbsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

aviator-demo.spribegaming.com/assets/static/avatars/v2/av-2.png?v=v4.2.63-hotfix

18.165.140.66

200 OK

9.9 kB

URL GET
aviator-demo.spribegaming.com/assets/static/avatars/v2/av-2.png?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
9.9 kB (9865 bytes)
Hash
5277c081672ae1da08f17d293e41cf5b
1cc2a521a5c8255b66e6b74b27dc8d885dfd7f8d
eb04f6aaa93cc918f44411a364e214bad7e3b3c649ff93216113be999338d9ac

HTTP Headers

GET /assets/static/avatars/v2/av-2.png?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
content-length: 9865
age: 100947
date: Thu, 06 Mar 2025 10:26:48 GMT
last-modified: Thu, 06 Mar 2025 10:26:06 GMT
etag: "5277c081672ae1da08f17d293e41cf5b"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MKpm2yd6w8_mj8_xBqy9u-9Q-Kp0CMRio2jHhtoDC6h5aevApCk0YQ==

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/error-icon.f1a4a15a.svg

104.26.15.99

200 OK

722 B

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/error-icon.f1a4a15a.svg
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
SVG Scalable Vector Graphics image
Size
722 B (722 bytes)
Hash
d213cfa96d03ab6c04b03b36f0c4fa8b
8b46e0343542730673298882322ef3a18ec8bbae
27ede54663bde0d6e5dde74329105c51cc0b672751cba046a9c133e24210943c

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/media/error-icon.f1a4a15a.svg HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/_next/static/css/84acd7615d7e5b46.css
Cookie: _sp_ses.c998=*; _sp_id.c998=0c6c9fd0-a935-4859-9062-cc111e300d18.1741357747.1.1741357747..c98835f6-0da3-4ed3-92d2-ac824ee8ba6f....0; voluum_clickid=wkpjf2p6diisie8831odv8oq; voluum_clickid_t=1741357747221; utm_campaign=8280; utm_medium=mobile; utm_source=25040; utm_term=za_bugrom; entrance_url=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; dhash=fe52e3e8-4711-4546-a61d-949f5d9ea037; registerUrl=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; _gcl_au=1.1.1001097897.1741357748; _scid=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _scid_r=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _ga_F6MKFMM2K3=GS1.1.1741357748.1.0.1741357748.60.0.0; _ga=GA1.1.2102761840.1741357748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:08 GMT
content-type: image/svg+xml
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: W/"3638f4d180d70c79cecb1713472cb731"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=otb2JFC8wIhQXKaBeGKKPnhAdyY0i0sFZg8R2Szsj60NjAsqcpiZ9C1lSfd4jIzKZHnlUk1a7Y7BmUze2qm5EhD%2F4%2FrYC7PSGUbOMH2yFbygE1z82lsyVZMCCOP3ZMYDg4%2B4aKMHa7ppqwpplA0rEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 5
cf-cache-status: MISS
server: cloudflare
cf-ray: 91cac8878fe656a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1354&min_rtt=1328&rtt_var=516&sent=3&recv=7&lost=0&retrans=0&sent_bytes=219&recv_bytes=2643&delivery_rate=1090361&cwnd=244&unsent_bytes=0&cid=7bd21ed459ea75d8&ts=113&x=0", cfL4;desc="?proto=TCP&rtt=1463&min_rtt=471&rtt_var=622&sent=215&recv=75&lost=0&retrans=0&sent_bytes=227940&recv_bytes=5856&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=2188&x=0"
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/assets/images/canvas/plane/spribe/plane-1.svg?v=v4.2.63-hotfix

18.165.140.66

200 OK

2.8 kB

URL GET
aviator-demo.spribegaming.com/assets/images/canvas/plane/spribe/plane-1.svg?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.8 kB (2786 bytes)
Hash
c0c1daed5055d28e17b6ecb4753f14b2
2afdf71e7a25dd0d58783f3cc5ec18152bab69db
c23d5c682622f52e2926bd6262cf3d383349b3065a7a46753fdac5d441fc686b

HTTP Headers

GET /assets/images/canvas/plane/spribe/plane-1.svg?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400
age: 100979
date: Thu, 06 Mar 2025 10:26:12 GMT
last-modified: Thu, 06 Mar 2025 10:26:05 GMT
etag: W/"096950dd41783359c52c37fda2d01c49"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: LWQQaApChee-Iljw8ZtOs1S6N80pzU_eUS84jD509mjZ3CStcEe6fQ==

aviator-demo.spribegaming.com/assets/sounds/sprite_audio.mp3?v=v4.2.63-hotfix

18.165.140.66

200 OK

210 kB

URL GET
aviator-demo.spribegaming.com/assets/sounds/sprite_audio.mp3?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo
Size
210 kB (210123 bytes)
Hash
a59c20dfb1efb1b87a4ec6cb54b34001
566c3f649956590d69a4c54323a7708ddf8676ed
bd579e58153b5a652b53b4b26b1fbd02126a186811407c01a03c480d8d52a7cf

HTTP Headers

GET /assets/sounds/sprite_audio.mp3?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: audio/mpeg
content-length: 210123
age: 100952
date: Thu, 06 Mar 2025 10:26:39 GMT
last-modified: Thu, 06 Mar 2025 10:26:06 GMT
etag: "a59c20dfb1efb1b87a4ec6cb54b34001"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: tg6F3T38wOEwjeyDmm3vR9AkruVSUSC__ABmQxuDAhPrMFEZDpSVbg==

win.pari-matchin.com/psp

104.26.15.99

200 OK

0 B

URL POST
win.pari-matchin.com/psp
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /psp HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Api-Key: 6887bed4-e4cb-4153-90b3-472318b1e531
Content-Length: 2687
Origin: https://win.pari-matchin.com
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Cookie: _sp_ses.c998=*; _sp_id.c998=0c6c9fd0-a935-4859-9062-cc111e300d18.1741357747.1.1741357750..c98835f6-0da3-4ed3-92d2-ac824ee8ba6f..101ef16c-9158-4ab9-b9e8-4658a469f28b.1741357749866.1; voluum_clickid=wkpjf2p6diisie8831odv8oq; voluum_clickid_t=1741357747221; utm_campaign=8280; utm_medium=mobile; utm_source=25040; utm_term=za_bugrom; entrance_url=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; dhash=fe52e3e8-4711-4546-a61d-949f5d9ea037; registerUrl=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; _gcl_au=1.1.1001097897.1741357748; _scid=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _scid_r=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _ga_F6MKFMM2K3=GS1.1.1741357748.1.0.1741357748.60.0.0; _ga=GA1.1.2102761840.1741357748
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:09 GMT
content-length: 0
access-control-allow-credentials: true, true, true
access-control-allow-origin: https://win.pari-matchin.com, *, https://win.pari-matchin.com
access-control-expose-headers: X-Apg-At, X-Apg-Rt, X-User-Sid, Content-Length
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
set-cookie: snowplow=c38f9fab-2b55-435a-9f62-8585297c23f9; Expires=Sat, 07 Mar 2026 14:29:09 GMT; Path=/; SameSite=None
vary: Origin, Origin, Origin
hserver: 7
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G2xbGbo7d3fS%2BHLzDacpwTKB9jFnoLPknG4JdarI1%2FFyWqquo1y0Nl8sUPXJ9JP3BBGaTFyMnxhnObWTkL95ZiANZt9kv3XIrR%2BqjyXaQdb3JanVY8UFfTmmMUvTXhVwwEFg1dLm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 91cac890f8a356a2-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=7552&min_rtt=458&rtt_var=12097&sent=280&recv=87&lost=0&retrans=0&sent_bytes=303996&recv_bytes=9168&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=3527&x=0"
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS

18.165.140.66

200 OK

14 kB

URL GET
aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (7342)
Size
14 kB (13554 bytes)
Hash
cbe9394f149c31dd7d11f63430c022d8
7808266147685fca083c401e7aec1d666576c5e3
ba280822d24cbec4b627155332913bb213ddd56389401f6c9a16bcb27e49ab5e

HTTP Headers

GET /?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://win.pari-matchin.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
date: Fri, 07 Mar 2025 14:29:09 GMT
last-modified: Thu, 06 Mar 2025 10:26:10 GMT
etag: W/"cbe9394f149c31dd7d11f63430c022d8"
x-amz-server-side-encryption: AES256
cache-control: no-cache, no-store, must-revalidate
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Miss from cloudfront
via: 1.1 26c2e0e41f83d4efa53728215e07322a.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: JuIWG7FHxtFn9VwOlnmifMBIgyMDIlnMEOvnimrVriY13p3fWgz20w==
X-Firefox-Spdy: h2

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/bg-desk.179e59a6.jpg

104.26.15.99

200 OK

24 kB

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/bg-desk.179e59a6.jpg
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3
Size
24 kB (24242 bytes)
Hash
bded5f061e3bb6821a92061c89bd3e4b
c4cbd026d35d37510ca4ae1b75012c56a600331c
4d7d47e44c1c241968fb03714086a88c7259986026be8fc1f2cbdc00f70270f1

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/media/bg-desk.179e59a6.jpg HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/_next/static/css/84acd7615d7e5b46.css
Cookie: _sp_ses.c998=*; _sp_id.c998=0c6c9fd0-a935-4859-9062-cc111e300d18.1741357747.1.1741357747..c98835f6-0da3-4ed3-92d2-ac824ee8ba6f....0; voluum_clickid=wkpjf2p6diisie8831odv8oq; voluum_clickid_t=1741357747221; utm_campaign=8280; utm_medium=mobile; utm_source=25040; utm_term=za_bugrom; entrance_url=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; dhash=fe52e3e8-4711-4546-a61d-949f5d9ea037; registerUrl=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; _gcl_au=1.1.1001097897.1741357748; _scid=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _scid_r=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _ga_F6MKFMM2K3=GS1.1.1741357748.1.0.1741357748.60.0.0; _ga=GA1.1.2102761840.1741357748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:08 GMT
content-type: image/jpeg
content-length: 24242
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: "bded5f061e3bb6821a92061c89bd3e4b"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nCsIYB92KqOcnndB9hinqo5wk0fyERGLYX7aWz3pQCyNMM9mnI2Wqq%2BiqUmM3w8KOGiRerIGH7s5yyRW0lXvx7n99MR4NQrEE4LFj5MRcxbYAHkC4X3MFrq1DXGF2sC4RE9WB75iw4bma1Z51uONDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 8
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 91cac8877fc756a2-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1365&min_rtt=1330&rtt_var=524&sent=3&recv=7&lost=0&retrans=0&sent_bytes=219&recv_bytes=2640&delivery_rate=1088721&cwnd=227&unsent_bytes=0&cid=db83d74de915c532&ts=88&x=0", cfL4;desc="?proto=TCP&rtt=2901&min_rtt=458&rtt_var=2847&sent=218&recv=77&lost=0&retrans=0&sent_bytes=229091&recv_bytes=5856&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=2191&x=0"
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/assets/static/avatars/v2/av-5.png?v=v4.2.63-hotfix

18.165.140.66

200 OK

12 kB

URL GET
aviator-demo.spribegaming.com/assets/static/avatars/v2/av-5.png?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
12 kB (11851 bytes)
Hash
49f7cecc4ea4653e87be1f650b6ac5b6
ffb2c2ce613436d8985d82b6e0ef71a7e8ee03a4
2914803d1b241853e4a1ee95507879e65a12dd9b325068228898121a7071bbe1

HTTP Headers

GET /assets/static/avatars/v2/av-5.png?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
content-length: 11851
age: 100953
date: Thu, 06 Mar 2025 10:26:42 GMT
last-modified: Thu, 06 Mar 2025 10:26:07 GMT
etag: "49f7cecc4ea4653e87be1f650b6ac5b6"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: YfbbBmLkWl_jCo92lONc33GD7eDhRs9XoF6ygd_DMy6rigefr_SF0g==

aviator-demo.spribegaming.com/assets/static/avatars/v2/av-13.png?v=v4.2.63-hotfix

18.165.140.66

200 OK

11 kB

URL GET
aviator-demo.spribegaming.com/assets/static/avatars/v2/av-13.png?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
11 kB (11071 bytes)
Hash
b449d43d67af53e0db8fde75d599fc99
29ed27284b62b30b8e776b8df17caa9dd58823c3
b372dd7d372bdd468561bbec3958bc29cb026109e5ce3a0c3223d3e83fbe4875

HTTP Headers

GET /assets/static/avatars/v2/av-13.png?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
content-length: 11071
age: 100947
date: Thu, 06 Mar 2025 10:26:48 GMT
last-modified: Thu, 06 Mar 2025 10:26:06 GMT
etag: "b449d43d67af53e0db8fde75d599fc99"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IY2mf8T5MtkEULv6n5NQXWfpOYLLM0bn42-Lv14s3pdxeOKcFMIN5g==

aviator-demo.spribegaming.com/assets/images/canvas/partners-logo/partners-logo.svg?v=v4.2.63-hotfix

18.165.140.66

200 OK

14 kB

URL GET
aviator-demo.spribegaming.com/assets/images/canvas/partners-logo/partners-logo.svg?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
14 kB (14308 bytes)
Hash
f34298ea62d81eb3815ba1f6801e4d90
6f71051b80087b024f56fa2aa3c25c6ccd23307b
288c9ad1e8d23b627c6704b35cff179d0636b1f2558f90557195c702fdb756b0

HTTP Headers

GET /assets/images/canvas/partners-logo/partners-logo.svg?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400
age: 100979
date: Thu, 06 Mar 2025 10:26:12 GMT
last-modified: Thu, 06 Mar 2025 10:26:04 GMT
etag: W/"f34298ea62d81eb3815ba1f6801e4d90"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: I9vHCW6OW2SR9HPLb28fdlBjVo8p19nErZvh33tUjXWowqbD8eFWCA==

aviator-demo.spribegaming.com/assets/i18n/challenges/en.json?v=v4.2.63-hotfix

18.165.140.66

200 OK

21 kB

URL GET
aviator-demo.spribegaming.com/assets/i18n/challenges/en.json?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type

Size
21 kB (20970 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/i18n/challenges/en.json?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
sentry-trace: 5de69f651ed44b6aa9a35bdf45bcb98a-a76537fba19b6deb-0
baggage: sentry-environment=demo,sentry-release=v4.2.63-hotfix,sentry-public_key=211b12c20385419e9d526a4edd2b9d7f,sentry-trace_id=5de69f651ed44b6aa9a35bdf45bcb98a,sentry-sample_rate=0.001,sentry-sampled=false
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/json
alt-svc: h3=":443"; ma=86400
age: 100978
date: Thu, 06 Mar 2025 10:26:13 GMT
last-modified: Thu, 06 Mar 2025 10:26:03 GMT
etag: W/"32f1b990b8ab4b45bf65aa781bb63c0e"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: 7bvYHB7tf6QTcjcnR_IQDiAHFTFV1_XOaNI40HEaiRNd5UaPrY7uWw==

wss://app-demo.spribe.io/BlueBox/websocket

3.164.206.116

101

0 B

URL GET
wss://app-demo.spribe.io/BlueBox/websocket
IP
3.164.206.116:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribe.io
FingerprintAB:69:B3:44:98:7D:F9:87:20:77:EE:41:2E:ED:9A:29:D9:83:84:26
ValidityTue, 09 Jul 2024 00:00:00 GMT - Tue, 05 Aug 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /BlueBox/websocket HTTP/1.1
Host: app-demo.spribe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://aviator-demo.spribegaming.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SkD/wC+OTObC8H4B7Df1ww==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 
Connection: upgrade
Date: Fri, 07 Mar 2025 14:29:10 GMT
Upgrade: websocket
Sec-WebSocket-Accept: 1it4pdjS63fpWqerZVX3EmmRxj8=
Sec-WebSocket-Extensions: permessage-deflate
X-Cache: Miss from cloudfront
Via: 1.1 ce092593abf1e734c982d9f9b72f7234.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HEL51-P5
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: MPA5PT58JOGsm1Hlxr6lasgx1ywq_2QCv-tqcXAl32xXpMoBDOO1tg==

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/sf-pro-display-regular-webfont.c7d2108e.woff2

104.26.15.99

200 OK

28 kB

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/sf-pro-display-regular-webfont.c7d2108e.woff2
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
Web Open Font Format (Version 2), TrueType, length 28000, version 1.0
Size
28 kB (28000 bytes)
Hash
c347a094d0f5a9f480c62cd716aeffc2
ce4eca0f167cdff71cf532c6c52aa90a4679828f
4263c2151def8b93f36b8c6834653aa5e024743f0b84dfc366fc509bfc71a542

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/media/sf-pro-display-regular-webfont.c7d2108e.woff2 HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/_next/static/css/5d18baaafadc1cc3.css
Cookie: _sp_ses.c998=*; _sp_id.c998=0c6c9fd0-a935-4859-9062-cc111e300d18.1741357747.1.1741357747..c98835f6-0da3-4ed3-92d2-ac824ee8ba6f....0; voluum_clickid=wkpjf2p6diisie8831odv8oq; voluum_clickid_t=1741357747221; utm_campaign=8280; utm_medium=mobile; utm_source=25040; utm_term=za_bugrom; entrance_url=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; dhash=fe52e3e8-4711-4546-a61d-949f5d9ea037; registerUrl=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; _gcl_au=1.1.1001097897.1741357748; _scid=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _scid_r=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _ga_F6MKFMM2K3=GS1.1.1741357748.1.0.1741357748.60.0.0; _ga=GA1.1.2102761840.1741357748
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:08 GMT
content-type: application/octet-stream
content-length: 28000
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: "c347a094d0f5a9f480c62cd716aeffc2"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tI7QlBb1Kyd5gfDtl2EfmIBAoxy8FGVQo8RM%2F8RP6g1pQZR3oc%2Bfam%2FlbwekDNey8%2Bv5HybXn014LQpPeo%2FQGbFui5Iiz0MjEbQli0n90ZRlxKoo1VGhDjCxXqrb%2FFAdmPQTP4PrImArR9ATHnWGCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 7
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 91cac88808db56a2-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1260&min_rtt=1197&rtt_var=494&sent=3&recv=7&lost=0&retrans=0&sent_bytes=219&recv_bytes=2702&delivery_rate=1209690&cwnd=212&unsent_bytes=0&cid=eb75fe8d7876fe22&ts=108&x=0", cfL4;desc="?proto=TCP&rtt=2682&min_rtt=458&rtt_var=2616&sent=253&recv=80&lost=0&retrans=0&sent_bytes=275018&recv_bytes=5856&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=2300&x=0"
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/Inter-Bold.c146dcab14729d84.ttf

18.165.140.66

200 OK

317 kB

URL GET
aviator-demo.spribegaming.com/Inter-Bold.c146dcab14729d84.ttf
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
TrueType Font data, 16 tables, 1st "GDEF", 50 names, Microsoft, language 0x409
Size
317 kB (316584 bytes)
Hash
ba74cc325d5f67d0efbeda51616352db
47ff07c75746682133b81e7ac0537ce50a4c9916
412c068eab6f36e6807d630ff89127165e8e4d3e8653434cdfb56b60cdcc3a32

HTTP Headers

GET /Inter-Bold.c146dcab14729d84.ttf HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: binary/octet-stream
content-length: 316584
age: 521742
date: Sat, 01 Mar 2025 13:33:29 GMT
last-modified: Wed, 26 Feb 2025 16:45:26 GMT
etag: "ba74cc325d5f67d0efbeda51616352db"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: QAzeZmWvppFraZXCeVc4PwuJh2oKki4Q-Dp9Zoxvs3uwTEXFzLwvLQ==

aviator-demo.spribegaming.com/assets/static/avatars/v2/av-20.png?v=v4.2.63-hotfix

18.165.140.66

200 OK

9.3 kB

URL GET
aviator-demo.spribegaming.com/assets/static/avatars/v2/av-20.png?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
9.3 kB (9320 bytes)
Hash
cd5f71a19fb480d81f19ff4219d7c08e
68d8de46289257d3ac09b731dd92b616c1dc139e
02b815b3564bc33daf7a64ee5185b8ea4cdf653c8ca397bbdcdc43fd4704dd87

HTTP Headers

GET /assets/static/avatars/v2/av-20.png?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
content-length: 9320
age: 100952
date: Thu, 06 Mar 2025 10:26:43 GMT
last-modified: Thu, 06 Mar 2025 10:26:06 GMT
etag: "cd5f71a19fb480d81f19ff4219d7c08e"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: jmUFKXlD_KeX6Tw7NWnofmKeLhLaVxVS1CXC9fk0VvYy2_a4LMIOSg==

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/WPQt6Gd12_FFmofYghQMH/_ssgManifest.js

104.26.15.99

200 OK

77 B

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/WPQt6Gd12_FFmofYghQMH/_ssgManifest.js
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
b6652df95db52feb4daf4eca35380933
65451d110137761b318c82d9071c042db80c4036
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/WPQt6Gd12_FFmofYghQMH/_ssgManifest.js HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: W/"b6652df95db52feb4daf4eca35380933"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQ%2BEJC%2BlZUZbawGrU6lvva7812zZy1Um9QsupQVcBQv%2BYzgLd19JZiOqUlk3UlaF8Bdm9rdj5g6yA4HCZ97MzwIQQOGmQZ%2FwU1dck5ATFWPM3wNLr4XKWk%2BWN1HwlWx54ln%2BAxtbbX4qK473%2Fy6aaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 6
cf-cache-status: MISS
server: cloudflare
cf-ray: 91cac87e4ef656a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1379&min_rtt=1259&rtt_var=558&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1712&delivery_rate=1150119&cwnd=250&unsent_bytes=0&cid=3a2f7414cc3a9f65&ts=117&x=0", cfL4;desc="?proto=TCP&rtt=2044&min_rtt=471&rtt_var=2407&sent=123&recv=54&lost=0&retrans=0&sent_bytes=129625&recv_bytes=2937&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=726&x=0"
X-Firefox-Spdy: h2

www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwin.pari-matchin.com%2Fin%2Freg%2Faviademo-v5&scrsrc=www.googletagmanager.com&frm=0&rnd=1317875741.1741357748&dt=PARIMATCH&auid=1001097897.1741357748&navt=n&npa=1&gtm=45He5360v830320896za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102539968~102587591~102640600~102643510~102717422~102788824&tft=1741357747676&tfd=1332&apve=1

142.250.74.68

200 OK

0 B

URL POST
www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwin.pari-matchin.com%2Fin%2Freg%2Faviademo-v5&scrsrc=www.googletagmanager.com&frm=0&rnd=1317875741.1741357748&dt=PARIMATCH&auid=1001097897.1741357748&navt=n&npa=1&gtm=45He5360v830320896za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102539968~102587591~102640600~102643510~102717422~102788824&tft=1741357747676&tfd=1332&apve=1
IP
142.250.74.68:443
ASN
#15169 GOOGLE

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint53:F5:E3:47:F6:DC:80:83:14:A1:CE:39:7B:A1:98:61:74:03:86:E2
ValidityMon, 06 Jan 2025 08:37:56 GMT - Mon, 31 Mar 2025 08:37:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ccm/collect?en=page_view&dl=https%3A%2F%2Fwin.pari-matchin.com%2Fin%2Freg%2Faviademo-v5&scrsrc=www.googletagmanager.com&frm=0&rnd=1317875741.1741357748&dt=PARIMATCH&auid=1001097897.1741357748&navt=n&npa=1&gtm=45He5360v830320896za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102539968~102587591~102640600~102643510~102717422~102788824&tft=1741357747676&tfd=1332&apve=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://win.pari-matchin.com
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
content-type: text/plain
date: Fri, 07 Mar 2025 14:29:08 GMT
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://win.pari-matchin.com
access-control-expose-headers: date,vary,vary,vary,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/main.71148b7ade782ab6.js

18.165.140.66

200 OK

2.7 MB

URL GET
aviator-demo.spribegaming.com/main.71148b7ade782ab6.js
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
2.7 MB (2743647 bytes)
Hash
886763415e0c11b4cdd96eaa93ed1b66
4c2fb7a54cbf208fe9d1552893102967ab4fc8a9
cb60b21aeda5e9696e528e42d4f5a5eef9ccc8f2304e24dbc9791732d32f88c3

HTTP Headers

GET /main.71148b7ade782ab6.js HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
age: 100934
date: Thu, 06 Mar 2025 10:26:55 GMT
last-modified: Thu, 06 Mar 2025 10:26:07 GMT
etag: W/"886763415e0c11b4cdd96eaa93ed1b66"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: eRYVcQPsTN1eRr3DWzjiQJaKEGlJxAROBTfmspDdI7VKpeWg5OSoJA==

aviator-demo.spribegaming.com/assets/sounds/bg_music.mp3?v=v4.2.63-hotfix

18.165.140.66

200 OK

519 kB

URL GET
aviator-demo.spribegaming.com/assets/sounds/bg_music.mp3?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 32 kHz, Monaural
Size
519 kB (518911 bytes)
Hash
eed93586481051be161a70986e1203d8
510b5c8570d356725f452d1f9394cbbde28068d2
0c1feababe6aaa457b9c7c32be15f4d3a62fd6399d55afaf6c55e73dc52ee388

HTTP Headers

GET /assets/sounds/bg_music.mp3?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: audio/mpeg
content-length: 518911
age: 100952
date: Thu, 06 Mar 2025 10:26:39 GMT
last-modified: Thu, 06 Mar 2025 10:26:06 GMT
etag: "eed93586481051be161a70986e1203d8"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: d8mEuUdzUGMV2nNVeUenLlCYAGEP-iG0ae8S36iqg3BT4QcGd0TTFQ==

win.pari-matchin.com/utils/images/favicon.ico

104.26.15.99

200 OK

7.4 kB

URL GET
win.pari-matchin.com/utils/images/favicon.ico
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel
Size
7.4 kB (7406 bytes)
Hash
5aefb18f77cd68dba60db4db2e8da723
5e3c184352070baf8f2e2d91f64a26b177ecd213
80b8c6a0e8515607d85b94c8e890bafee4634a9b5eb789bda9a9300c01cb0d74

HTTP Headers

GET /utils/images/favicon.ico HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Cookie: _sp_ses.c998=*; _sp_id.c998=0c6c9fd0-a935-4859-9062-cc111e300d18.1741357747.1.1741357747..c98835f6-0da3-4ed3-92d2-ac824ee8ba6f....0; voluum_clickid=wkpjf2p6diisie8831odv8oq; voluum_clickid_t=1741357747221; utm_campaign=8280; utm_medium=mobile; utm_source=25040; utm_term=za_bugrom; entrance_url=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; dhash=fe52e3e8-4711-4546-a61d-949f5d9ea037; registerUrl=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:07 GMT
content-type: application/octet-stream
content-length: 7406
age: 57326
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: "5aefb18f77cd68dba60db4db2e8da723"
last-modified: Tue, 04 Feb 2025 11:07:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f3HvXEAXgABu%2Fc4R2fcPv2rpgJr7PvwC%2BuFekAj91RBuVmUNQo1Ql81LvimrZ04WVrXE1sKV7joprp5menQ8dEgTBbH1nE58RUi%2FrpJ%2BPtC6AmA7pCLBYaNH5ueIl4KMlGTSas7CnwSgioIEAhxj4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-robots-tag: noindex, nofollow, noarchive
hserver: 7
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 91cac8822da356a2-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1331&min_rtt=1281&rtt_var=516&sent=3&recv=7&lost=0&retrans=0&sent_bytes=219&recv_bytes=2714&delivery_rate=1130366&cwnd=237&unsent_bytes=0&cid=cd1b796088480330&ts=14&x=0", cfL4;desc="?proto=TCP&rtt=1398&min_rtt=471&rtt_var=881&sent=184&recv=64&lost=0&retrans=0&sent_bytes=202947&recv_bytes=4063&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=1113&x=0"
X-Firefox-Spdy: h2

demo.spribe.io/launch/aviator?lang=ms

3.164.68.97

302 Found

14 kB

URL GET
demo.spribe.io/launch/aviator?lang=ms
IP
3.164.68.97:443
ASN
#16509 AMAZON-02

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerAmazon
Subjectspribe.io
FingerprintAB:69:B3:44:98:7D:F9:87:20:77:EE:41:2E:ED:9A:29:D9:83:84:26
ValidityTue, 09 Jul 2024 00:00:00 GMT - Tue, 05 Aug 2025 23:59:59 GMT

File type

Size
14 kB (13554 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /launch/aviator?lang=ms HTTP/1.1
Host: demo.spribe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
location: https://aviator-demo.spribegaming.com?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
date: Fri, 07 Mar 2025 14:29:08 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: Miss from cloudfront
via: 1.1 8e83ffcea906745255dd96fad91bf456.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P4
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: NgsB4kcXymLDHzL4pX7F4LzwZ-Nz_snKNeNapfwH9_5m_YeF6yBP3A==
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/assets/i18n/en.json?v=v4.2.63-hotfix

18.165.140.66

200 OK

28 kB

URL GET
aviator-demo.spribegaming.com/assets/i18n/en.json?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type

Size
28 kB (27873 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/i18n/en.json?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
sentry-trace: 5de69f651ed44b6aa9a35bdf45bcb98a-a0ee857f1d7dbff6-0
baggage: sentry-environment=demo,sentry-release=v4.2.63-hotfix,sentry-public_key=211b12c20385419e9d526a4edd2b9d7f,sentry-trace_id=5de69f651ed44b6aa9a35bdf45bcb98a,sentry-sample_rate=0.001,sentry-sampled=false
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/json
alt-svc: h3=":443"; ma=86400
age: 100979
date: Thu, 06 Mar 2025 10:26:12 GMT
last-modified: Thu, 06 Mar 2025 10:26:04 GMT
etag: W/"e0b163ef53da7cf6ba71649af57d9233"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: NyUzNmX1qskeRXGueL4LDtiNWIfDIFZ5hz5Wj4rLIFgmK0LKZuNCqg==

aviator-demo.spribegaming.com/assets/static/avatars/v2/av-72.png?v=v4.2.63-hotfix

18.165.140.66

200 OK

7.8 kB

URL GET
aviator-demo.spribegaming.com/assets/static/avatars/v2/av-72.png?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
7.8 kB (7819 bytes)
Hash
0f52a723e70157814d21a0f82819a4c1
bebd06d96ce589b8c954811e562eca1ef19a826d
227ba7a4cd73fe706b5e5c412413ec396442b2b1d7e184738781fe597577ec17

HTTP Headers

GET /assets/static/avatars/v2/av-72.png?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
content-length: 7819
age: 100952
date: Thu, 06 Mar 2025 10:26:43 GMT
last-modified: Thu, 06 Mar 2025 10:26:07 GMT
etag: "0f52a723e70157814d21a0f82819a4c1"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: TH4OQvxj5aUYkMEmMNF5k0fD9UAzUV3KP7J7RMt-liD5uhIVnJTFsw==

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/parimatch-regular-webfont.908651b4.woff2

104.26.15.99

200 OK

20 kB

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/parimatch-regular-webfont.908651b4.woff2
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20188, version 1.0
Size
20 kB (20188 bytes)
Hash
3cb5df877b7158415129ef0bc5758b7c
cd98ac776eac158a34f242ee5ddb94036dec8527
4c4b4d270aa6405fbaf6a8bdcc777d1981e5b1522321562a46ef197afe3f76b3

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/media/parimatch-regular-webfont.908651b4.woff2 HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/_next/static/css/5d18baaafadc1cc3.css
Cookie: _sp_ses.c998=*; _sp_id.c998=0c6c9fd0-a935-4859-9062-cc111e300d18.1741357747.1.1741357747..c98835f6-0da3-4ed3-92d2-ac824ee8ba6f....0; voluum_clickid=wkpjf2p6diisie8831odv8oq; voluum_clickid_t=1741357747221; utm_campaign=8280; utm_medium=mobile; utm_source=25040; utm_term=za_bugrom; entrance_url=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; dhash=fe52e3e8-4711-4546-a61d-949f5d9ea037; registerUrl=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; _gcl_au=1.1.1001097897.1741357748; _scid=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _scid_r=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _ga_F6MKFMM2K3=GS1.1.1741357748.1.0.1741357748.60.0.0; _ga=GA1.1.2102761840.1741357748
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:08 GMT
content-type: application/octet-stream
content-length: 20188
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: "3cb5df877b7158415129ef0bc5758b7c"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AnxDKhx6JS506rQLdxMMD9Bb%2Fs8YB2JbnYlgLlD7GEIIZi7dlaz7CE4rTF9tJMAtvSgtWHvbQNbPnKgbfI4notX8UjbLka60ooFifJAiMoGjb6gs4qwkbDoAq4PGLiPk%2FvohsyCP6j%2Fd7FxPFk3Ckg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 9
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 91cac8879fff56a2-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1540&min_rtt=1533&rtt_var=580&sent=3&recv=7&lost=0&retrans=0&sent_bytes=219&recv_bytes=2697&delivery_rate=944553&cwnd=247&unsent_bytes=0&cid=b30afb4efa5864da&ts=119&x=0", cfL4;desc="?proto=TCP&rtt=3267&min_rtt=458&rtt_var=2867&sent=237&recv=78&lost=0&retrans=0&sent_bytes=254078&recv_bytes=5856&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=2237&x=0"
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/runtime.da7dcd113f9ca8e6.js

18.165.140.66

200 OK

1.3 kB

URL GET
aviator-demo.spribegaming.com/runtime.da7dcd113f9ca8e6.js
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1341), with no line terminators
Size
1.3 kB (1333 bytes)
Hash
9c548ba6b9e32cee8e24079d811c2e6c
3e0bc8ac1b14c5577ef9580c3ff769eca3fbd395
74a7b75f1191af391aa08b104b18bdf29d4f36a27c8d46abe724eacace559e44

HTTP Headers

GET /runtime.da7dcd113f9ca8e6.js HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
age: 509415
date: Sat, 01 Mar 2025 16:58:55 GMT
last-modified: Wed, 26 Feb 2025 16:45:30 GMT
etag: W/"8720d6670d2df1936a9ad4551ab8e08a"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: XmD2jmk-6tSH-FUNq_CKtQJWo5R70HzkpiHpC6hXC7mDITUUGYbzcw==

aviator-demo.spribegaming.com/assets/images/canvas/plane/spribe/plane-0.svg?v=v4.2.63-hotfix

18.165.140.66

200 OK

2.7 kB

URL GET
aviator-demo.spribegaming.com/assets/images/canvas/plane/spribe/plane-0.svg?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.7 kB (2685 bytes)
Hash
850c5b8e0d30fb2530b1a19552ee46f1
da2b61b0af19c1a7fc1126ee3e639055b886d7c4
4119f94dd48cc744e4c01d44c8f39ab947438e6a00ba04a667a7efbaad28d182

HTTP Headers

GET /assets/images/canvas/plane/spribe/plane-0.svg?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400
age: 100979
date: Thu, 06 Mar 2025 10:26:12 GMT
last-modified: Thu, 06 Mar 2025 10:26:05 GMT
etag: W/"92a6695ff922618316a9620c88e6acf6"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: xdFaT9EoIP6zhIvKxDL0Tyj0sHWq_yIJRTwtP2X_s2C7h_Om95rREw==

www.googletagmanager.com/gtm.js?id=GTM-MB884G5&gtm_auth=&gtm_preview=&gtm_cookies_win=x

142.250.74.168

200 OK

378 kB

URL GET
www.googletagmanager.com/gtm.js?id=GTM-MB884G5&gtm_auth=&gtm_preview=&gtm_cookies_win=x
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT

File type
JavaScript source, ASCII text, with very long lines (17292)
Size
378 kB (378532 bytes)
Hash
5492a8d8f68723753248ee531107d766
5c4eb87a3c3fe85cb6873468b73eb7058d74d7d6
f77ea621c067f6c9fbecc73eb00ef6b337a31cb575a385a9ecdc8ad22b4b1947

HTTP Headers

GET /gtm.js?id=GTM-MB884G5&gtm_auth=&gtm_preview=&gtm_cookies_win=x HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 07 Mar 2025 14:29:07 GMT
expires: Fri, 07 Mar 2025 14:29:07 GMT
cache-control: private, max-age=900
last-modified: Fri, 07 Mar 2025 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1245:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1245:0
report-to: {"group":"ascgcycc:1245:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1245:0"}],}
server: Google Tag Manager
content-length: 122967
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

syndication.realsrv.com/tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907742313

95.211.229.247

200 OK

0 B

URL GET
syndication.realsrv.com/tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907742313
IP
95.211.229.247:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
FingerprintF6:D0:6D:3B:2F:9F:A9:D2:60:DA:3D:02:DD:4A:61:97:D8:BC:9C:29
ValidityMon, 27 Jan 2025 10:58:24 GMT - Sun, 27 Apr 2025 10:58:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907742313 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Mar 2025 14:29:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A111974%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-03-07%22%3B%7D%7D; expires=Sat, 07 Mar 2026 14:29:07 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

aviator-demo.spribegaming.com/Inter-Bold.c146dcab14729d84.ttf

18.165.140.66

200 OK

317 kB

URL GET
aviator-demo.spribegaming.com/Inter-Bold.c146dcab14729d84.ttf
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
TrueType Font data, 16 tables, 1st "GDEF", 50 names, Microsoft, language 0x409
Size
317 kB (316584 bytes)
Hash
ba74cc325d5f67d0efbeda51616352db
47ff07c75746682133b81e7ac0537ce50a4c9916
412c068eab6f36e6807d630ff89127165e8e4d3e8653434cdfb56b60cdcc3a32

HTTP Headers

GET /Inter-Bold.c146dcab14729d84.ttf HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/styles.bb4e24bdcee1ddc3.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: binary/octet-stream
content-length: 316584
age: 521742
date: Sat, 01 Mar 2025 13:33:29 GMT
last-modified: Wed, 26 Feb 2025 16:45:26 GMT
etag: "ba74cc325d5f67d0efbeda51616352db"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: tXSZbrhjzcBxlT2XDux6TJ03SfD1ZBx0vFmY72YLbNM2L04ut6EQjA==

aviator-demo.spribegaming.com/logo.21150cff6aca56a1.svg

18.165.140.66

200 OK

2.1 kB

URL GET
aviator-demo.spribegaming.com/logo.21150cff6aca56a1.svg
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.1 kB (2099 bytes)
Hash
16beba9c53673f43cf2b226dd4684bb1
647da4925aace5e97a6f6293d1fc4344bc9495da
484244f3b3089dad8a900dc6389c9daad00106fb5d1d26fce91f99c097ef0c4f

HTTP Headers

GET /logo.21150cff6aca56a1.svg HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400
age: 298217
last-modified: Mon, 17 Feb 2025 16:48:27 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
date: Fri, 07 Mar 2025 04:12:28 GMT
cache-control: max-age=604800, public
etag: W/"c0767383877054b606807c96e6c8bad5"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: zTfY776kaqoCiWh5AXsXEnyAm8DNqTUVjwhwwVv3_IqNTcj1Yx9FXQ==

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/pages/index-482debc93a0ad3a7.js

104.26.15.99

200 OK

33 kB

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/pages/index-482debc93a0ad3a7.js
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type

Size
33 kB (33367 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/chunks/pages/index-482debc93a0ad3a7.js HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: W/"b6a2812390d47bd3b4e4eefb3b2d2018"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OXxc9F2KQwCzmNCJk2257dIRT3vNG2m6MUOta%2Fggqm9RfxVSudtzDPkTpXKLd1tAaMKO9IiwbAEdoF9m43e9lM6N52ZFF5e1ruatqBFuYZZ3OSqP73SZXMtUpMpw0tfBFyNkw8nKmglZiEeFbYvLEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 9
cf-cache-status: MISS
server: cloudflare
cf-ray: 91cac87e4eee56a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1516&min_rtt=1313&rtt_var=638&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1713&delivery_rate=1102817&cwnd=244&unsent_bytes=0&cid=4b4551fc319a8ab1&ts=122&x=0", cfL4;desc="?proto=TCP&rtt=862&min_rtt=471&rtt_var=425&sent=112&recv=51&lost=0&retrans=0&sent_bytes=117335&recv_bytes=2937&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=713&x=0"
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/styles.bb4e24bdcee1ddc3.css

18.165.140.66

200 OK

155 kB

URL GET
aviator-demo.spribegaming.com/styles.bb4e24bdcee1ddc3.css
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65309)
Size
155 kB (154580 bytes)
Hash
27df88aa3f9ba907986124a90ed86cb0
02934f73d722a841d15baff074faa1c7aa64344d
9aa47f8fa2a8cd1fd809a43496572d2e2ce57d64cac7052be15622c1952878ce

HTTP Headers

GET /styles.bb4e24bdcee1ddc3.css HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css
alt-svc: h3=":443"; ma=86400
age: 554405
date: Sat, 01 Mar 2025 04:29:05 GMT
last-modified: Wed, 26 Feb 2025 16:45:30 GMT
etag: W/"27df88aa3f9ba907986124a90ed86cb0"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: 47iHm2mce_rLVT_2o-m6ajxZg3KnTdnBPE0HNsRmWSUKWeNk_TfEmg==

aviator-demo.spribegaming.com/assets/images/canvas/icons/up-down.svg?v=v4.2.63-hotfix

18.165.140.66

200 OK

558 B

URL GET
aviator-demo.spribegaming.com/assets/images/canvas/icons/up-down.svg?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
558 B (558 bytes)
Hash
8c45ad005b3555581ba89c79b4536c7f
62b527ab879c156da0708301cdba6d3aa0172022
69f441caa126d9605c5cdf60b02c788950c7661128c8a13d2b30aeda97fd9fa7

HTTP Headers

GET /assets/images/canvas/icons/up-down.svg?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
content-length: 558
age: 100975
date: Thu, 06 Mar 2025 10:26:16 GMT
last-modified: Thu, 06 Mar 2025 10:26:04 GMT
etag: "e43c970aa6900232620082f72c138130"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: CZU5GbRfBcUyrhi5VV6XYGr-dw4TvtlT3ZgMwIqYsdFkSY_v3i7lMQ==

app-config.spribegaming.com/aviator/demo.json?v=v4.2.63-hotfix

3.164.68.15

200 OK

362 B

URL GET
app-config.spribegaming.com/aviator/demo.json?v=v4.2.63-hotfix
IP
3.164.68.15:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (418), with no line terminators
Size
362 B (362 bytes)
Hash
0ffdf7468b77750f3a1c3e1f581434ab
e4fefc7023cd43c109957ed7af84de54f44a796c
d679f7b1971454059c7db5614d10f42fa60feaf33d493ec2812f8da2705f81b3

HTTP Headers

GET /aviator/demo.json?v=v4.2.63-hotfix HTTP/1.1
Host: app-config.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aviator-demo.spribegaming.com
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json
content-length: 362
date: Fri, 07 Mar 2025 14:28:55 GMT
x-amzn-requestid: 44c775ae-fe9b-4298-b62b-ba5ab3c0150e
access-control-allow-origin: *
x-amz-apigw-id: HD1aKGhxFiAEVSA=
cache-control: public, max-age=600
access-control-allow-methods: OPTIONS,GET
x-amzn-trace-id: Root=1-67cb02a7-7fc118ff571315d80b4c32ef;Parent=049be4ee7639834c;Sampled=0;Lineage=1:a49b3203:0
x-cache: Hit from cloudfront
via: 1.1 37ae9b58b403c8aa72a90cba24bc62fe.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P4
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fTsFlma-aofUyE8Jo9Vh1oY5_DKlLrKjmL5sKRIaN8ZsTeOxNszYKQ==
age: 15
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/assets/images/canvas/plane/spribe/plane-3.svg?v=v4.2.63-hotfix

18.165.140.66

200 OK

2.8 kB

URL GET
aviator-demo.spribegaming.com/assets/images/canvas/plane/spribe/plane-3.svg?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.8 kB (2786 bytes)
Hash
c0c1daed5055d28e17b6ecb4753f14b2
2afdf71e7a25dd0d58783f3cc5ec18152bab69db
c23d5c682622f52e2926bd6262cf3d383349b3065a7a46753fdac5d441fc686b

HTTP Headers

GET /assets/images/canvas/plane/spribe/plane-3.svg?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400
age: 100978
date: Thu, 06 Mar 2025 10:26:13 GMT
last-modified: Thu, 06 Mar 2025 10:26:05 GMT
etag: W/"096950dd41783359c52c37fda2d01c49"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: SGf5kPy14PtvIR_G3YjUQ_WiujoEOZMz9Wxzev0RK9Xj8UpKQiiunA==

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/webpack-8f6b4720fe1e664a.js

104.26.15.99

200 OK

1.5 kB

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/webpack-8f6b4720fe1e664a.js
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
JavaScript source, ASCII text, with very long lines (1493), with no line terminators
Size
1.5 kB (1477 bytes)
Hash
27af14f5f6d52a17449074dcd3d20292
30ba1541919b7713fa903278db0d8b7c87d1fb98
17271245e690e4b7723e596bf466cdd19f50e474863a27c7b012ed8c00cd8401

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/chunks/webpack-8f6b4720fe1e664a.js HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: W/"1a255c69afecb408d84a1892a676c8cc"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IXIndSXWpQ9MMu8eZq5idJ1jExM92AjtolZbmMwM9f806oWMEW7r2mvKGToDLcdIK4BUV%2BlHTwL%2BzMsE6CcgZKb20RTXZ%2FRdOsTWuFnGBV65K2oD6Z0KkNgtOMg%2Bh3r0P2%2F8LKQm2qv25pay2t9esQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 5
cf-cache-status: MISS
server: cloudflare
cf-ray: 91cac87e3ee456a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1169&min_rtt=1163&rtt_var=440&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1709&delivery_rate=1245055&cwnd=249&unsent_bytes=0&cid=111b9d6f1e3185d7&ts=114&x=0", cfL4;desc="?proto=TCP&rtt=906&min_rtt=471&rtt_var=447&sent=109&recv=50&lost=0&retrans=0&sent_bytes=115819&recv_bytes=2937&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=700&x=0"
X-Firefox-Spdy: h2

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/framework-b96261d959dd50e7.js

104.26.15.99

200 OK

140 kB

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/chunks/framework-b96261d959dd50e7.js
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
140 kB (139954 bytes)
Hash
e536ba6f7785392ef3f1a39e6b16f765
1dbc14d6c4576da290cae8fae28101125324cc38
01b2e6f89d80bdb988df6fc319dde61a321176d92a06e96f4268a644184df42b

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/chunks/framework-b96261d959dd50e7.js HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: W/"e536ba6f7785392ef3f1a39e6b16f765"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OYvYcf%2BhmJWHwmg%2FH5ak55H%2FyKO4eHJ%2BAVrPa4YRhSAoZchz6DyuXeikyFNsbao%2FFrVhPlpqWsNA92%2FUUh%2BF14vcnhymmluE8V46CXb0Wk6ioS3xUvqFvNSe97eRVqiiUAHC55ASVQsu3R8qtTmZdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 9
cf-cache-status: MISS
server: cloudflare
cf-ray: 91cac87e3ee656a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1178&min_rtt=1176&rtt_var=443&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1711&delivery_rate=1231292&cwnd=229&unsent_bytes=0&cid=840f095ffd160611&ts=100&x=0", cfL4;desc="?proto=TCP&rtt=1945&min_rtt=471&rtt_var=2004&sent=126&recv=55&lost=0&retrans=0&sent_bytes=130614&recv_bytes=2937&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=746&x=0"
X-Firefox-Spdy: h2

s.pemsrv.com/tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907740355

95.211.229.245

200 OK

0 B

URL GET
s.pemsrv.com/tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907740355
IP
95.211.229.245:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerLet's Encrypt
Subjectpemsrv.com
FingerprintC7:2A:44:43:30:75:58:69:67:28:0B:87:46:C1:BE:7B:47:5D:D8:A3
ValidityMon, 27 Jan 2025 10:55:05 GMT - Sun, 27 Apr 2025 10:55:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907740355 HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Mar 2025 14:29:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A111974%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-03-07%22%3B%7D%7D; expires=Sat, 07 Mar 2026 14:29:07 GMT; path=/; domain=.pemsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

142.250.178.99

200 OK

7.8 kB

URL GET
fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5
ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://win.pari-matchin.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Mar 2025 18:16:22 GMT
expires: Fri, 06 Mar 2026 18:16:22 GMT
cache-control: public, max-age=31536000
age: 72766
last-modified: Wed, 04 Dec 2024 06:53:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/polyfills.1688017b09a0d6b3.js

18.165.140.66

200 OK

97 kB

URL GET
aviator-demo.spribegaming.com/polyfills.1688017b09a0d6b3.js
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
97 kB (97357 bytes)
Hash
5f92d21c9817afc00d47d943d6bdfe17
fb449f81bd1aece704c063895091e8e8d5564e5b
22849147ed7028398ccc4b6bbd0dfd05ce8a50b9ae9ae3c4165b334bf824c392

HTTP Headers

GET /polyfills.1688017b09a0d6b3.js HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
age: 118824
last-modified: Wed, 26 Feb 2025 16:45:30 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
content-encoding: gzip
date: Thu, 06 Mar 2025 05:28:46 GMT
cache-control: max-age=604800, public
etag: W/"5f92d21c9817afc00d47d943d6bdfe17"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: mDF8DxWNHsLPAMTW1KgMei-LVshljBbjsFB4c5lr-MeBJVUGFCdbew==

z.cdn.adpool.bet/load?z=1618334356

212.7.203.129

204 No Content

0 B

URL GET
z.cdn.adpool.bet/load?z=1618334356
IP
212.7.203.129:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerLet's Encrypt
Subjectadpool.bet
FingerprintC9:F8:2F:E8:61:B6:92:0B:BB:24:AB:52:70:EF:7E:96:66:1C:C0:1A
ValidityFri, 14 Feb 2025 00:12:58 GMT - Thu, 15 May 2025 00:12:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /load?z=1618334356 HTTP/1.1
Host: z.cdn.adpool.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Fri, 07 Mar 2025 14:29:10 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: -1
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: AU=4565f8e05b67738f; Expires=Fri, 06 Mar 2037 22:00:31 GMT; Path=/; HttpOnly; Domain=.adpool.bet; SameSite=None; Secure
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/assets/static/avatars/v2/av-27.png?v=v4.2.63-hotfix

18.165.140.66

200 OK

9.7 kB

URL GET
aviator-demo.spribegaming.com/assets/static/avatars/v2/av-27.png?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
9.7 kB (9698 bytes)
Hash
0ccc5f15f0399e24398cda63d09a8269
a7925bbaef1f59b11f1b276b27b8ed3cf3ce55ee
391a146afffdbe1dfff99e3e5ba3564c8f15eba181f3b4d6022a8023f04ca30b

HTTP Headers

GET /assets/static/avatars/v2/av-27.png?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
content-length: 9698
age: 100944
date: Thu, 06 Mar 2025 10:26:51 GMT
last-modified: Thu, 06 Mar 2025 10:26:06 GMT
etag: "0ccc5f15f0399e24398cda63d09a8269"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: uE1fJOksofQ43-DUKlsvnYjRbtq8ls0u97Ji1BdeNQ8u-InhVAIs_w==

fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

142.250.74.10

200 OK

3.4 kB

URL GET
fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintF1:11:17:AF:9C:89:34:EE:D5:CB:84:40:84:EA:01:19:A9:F6:ED:C2
ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT

File type
ASCII text, with very long lines (3448), with no line terminators
Size
3.4 kB (3376 bytes)
Hash
f60383f75d3c59288502995e4d03d33a
6e9a984a1350d87319096ebd0376c791f195c2b6
6e8538ba4f581a84da88f651c4b04d820c8236f98b2204d1bf67c39f5a37ce9b

HTTP Headers

GET /css2?family=Poppins:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 07 Mar 2025 14:29:07 GMT
date: Fri, 07 Mar 2025 14:29:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

win.pari-matchin.com/mtapi/promo/timestamp

104.26.15.99

200 OK

69 B

URL GET
win.pari-matchin.com/mtapi/promo/timestamp
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
69 B (69 bytes)
Hash
cd717f3b4931107d58b88df6a1c3adb2
2ab60b7c4b3b85b2bc2b94ebb1eaaf093f647538
c1cca3ae3c9c627043c2ecbb9fcd5b54f05d46ec91799132bf6db3bcb6567679

HTTP Headers

GET /mtapi/promo/timestamp HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
DNT: 1
Connection: keep-alive
Cookie: _sp_ses.c998=*; _sp_id.c998=0c6c9fd0-a935-4859-9062-cc111e300d18.1741357747.1.1741357747..c98835f6-0da3-4ed3-92d2-ac824ee8ba6f....0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:07 GMT
content-type: application/json; charset=utf-8
vary: Origin, Origin
x-krakend: Version 1.0
x-krakend-completed: false
hserver: 7
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KpF%2Ba%2BKQe8WBjIw9vksJWZWNpC6gXYBhXi2ik23aBbruSTHOWWYa%2BD2bySZvR8MasAJzLWcgFB23vL2Wkov1Ez7iLXJczh%2B7YN10k18R2P34N7b3wA1nk6OoOdqA4MbE%2FEIJPyAC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 91cac87fe9c156a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1622&min_rtt=471&rtt_var=1284&sent=162&recv=60&lost=0&retrans=0&sent_bytes=176787&recv_bytes=3376&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=802&x=0"
X-Firefox-Spdy: h2

win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/close.06a14cd9.svg

104.26.15.99

200 OK

661 B

URL GET
win.pari-matchin.com/in/reg/aviademo-v5/_next/static/media/close.06a14cd9.svg
IP
104.26.15.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerGoogle Trust Services
Subjectpari-matchin.com
Fingerprint0C:3F:1A:5D:B1:D0:03:DA:1F:1B:72:D2:C3:8A:6D:56:0C:06:60:27
ValidityFri, 21 Feb 2025 02:51:14 GMT - Thu, 22 May 2025 03:51:11 GMT

File type
SVG Scalable Vector Graphics image
Size
661 B (661 bytes)
Hash
e81e673948147100d483d995df5662da
de54acfae3b81735b876eaefbe5a79e06e760d43
5b803bc6a0bf1fd4027f815c8480c8f83a3d2baa0ad864070cc2a9faa94716d6

HTTP Headers

GET /in/reg/aviademo-v5/_next/static/media/close.06a14cd9.svg HTTP/1.1
Host: win.pari-matchin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/in/reg/aviademo-v5/_next/static/css/84acd7615d7e5b46.css
Cookie: _sp_ses.c998=*; _sp_id.c998=0c6c9fd0-a935-4859-9062-cc111e300d18.1741357747.1.1741357747..c98835f6-0da3-4ed3-92d2-ac824ee8ba6f....0; voluum_clickid=wkpjf2p6diisie8831odv8oq; voluum_clickid_t=1741357747221; utm_campaign=8280; utm_medium=mobile; utm_source=25040; utm_term=za_bugrom; entrance_url=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; dhash=fe52e3e8-4711-4546-a61d-949f5d9ea037; registerUrl=https://win.pari-matchin.com/in/reg/aviademo-v5?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom; _gcl_au=1.1.1001097897.1741357748; _scid=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _scid_r=7BStoQx1FjSdmN2P408RVRopaS6Ktec6; _ga_F6MKFMM2K3=GS1.1.1741357748.1.0.1741357748.60.0.0; _ga=GA1.1.2102761840.1741357748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 07 Mar 2025 14:29:08 GMT
content-type: image/svg+xml
cache-control: public, max-age=86400, s-maxage=86400, immutable
etag: W/"a8776cbed537e4cafee53e5c9dcca765"
last-modified: Fri, 21 Feb 2025 14:11:24 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FA%2BvJjI%2FEzCTPZ0bwKJ6rf9Buuu4BQdMwRnw5lgOGWPmKVPbV69NUrwJHSHBY2Sm%2Be7tK8iIz6YhSzcHA0iIVm8VAihOInqnBR6JECSNicXeCVDXOWiU8sAxTQ%2FR0MVLWv3Ta5vE9oAauMd0EjnnQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noarchive
hserver: 9
cf-cache-status: MISS
server: cloudflare
cf-ray: 91cac8878fd956a2-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1133&min_rtt=1110&rtt_var=433&sent=3&recv=7&lost=0&retrans=0&sent_bytes=219&recv_bytes=2638&delivery_rate=1304504&cwnd=245&unsent_bytes=0&cid=07ee0be2a4148d67&ts=97&x=0", cfL4;desc="?proto=TCP&rtt=1414&min_rtt=471&rtt_var=697&sent=211&recv=74&lost=0&retrans=0&sent_bytes=225838&recv_bytes=5856&delivery_rate=38430331&cwnd=257&unsent_bytes=0&cid=fdf4669ad3c0173d&ts=2174&x=0"
X-Firefox-Spdy: h2

aviator-demo.spribegaming.com/remove.77a387f030ee9544.svg

18.165.140.66

200 OK

202 B

URL GET
aviator-demo.spribegaming.com/remove.77a387f030ee9544.svg
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
202 B (202 bytes)
Hash
5ad12a97ea7b8b9377d6255769aff564
2fb03108801045bc984a3aff3c8ce35dbde2646f
5a4246d8280adfd773807a888f7ccf2a013dd55a01177be59709bc884df2529d

HTTP Headers

GET /remove.77a387f030ee9544.svg HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
content-length: 202
age: 103810
last-modified: Wed, 26 Feb 2025 16:45:30 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
date: Thu, 06 Mar 2025 09:39:07 GMT
cache-control: max-age=604800, public
etag: "5ece3f93b43c695212d542de8aec0d31"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: e6rPUPxKkvQ1nHahLEIWVDITJD8NpLmYBRG09qBLqPOZDK6E6bu48g==

aviator-demo.spribegaming.com/assets/static/avatars/v2/av-1.png?v=v4.2.63-hotfix

18.165.140.66

200 OK

9.4 kB

URL GET
aviator-demo.spribegaming.com/assets/static/avatars/v2/av-1.png?v=v4.2.63-hotfix
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
9.4 kB (9367 bytes)
Hash
186b7173ae1a5ef99402a6222b6df1e3
1f37c3cacbb3594e5323490d3daa16e98a57a8e9
f4d85c230b309b4230c4314cc18dedf045a2a898cf64b88ff9285706672ea8ff

HTTP Headers

GET /assets/static/avatars/v2/av-1.png?v=v4.2.63-hotfix HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
content-length: 9367
age: 100947
date: Thu, 06 Mar 2025 10:26:48 GMT
last-modified: Thu, 06 Mar 2025 10:26:06 GMT
etag: "186b7173ae1a5ef99402a6222b6df1e3"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, public
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: eEouoPVgTffIunzE_S5f_SDuwE0xL1Px0eyZvjgndtQRZlvI94XdXg==

win.pm-5753.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom

104.21.16.1

302 Found

3.0 kB

URL User Request GET
win.pm-5753.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectpm-5753.com
FingerprintD1:32:3B:D0:D6:CD:40:9D:AD:84:95:55:98:5D:15:6A:05:25:52:F6
ValidityMon, 10 Feb 2025 05:54:56 GMT - Sun, 11 May 2025 06:52:34 GMT

File type

Size
3.0 kB (2963 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom HTTP/1.1
Host: win.pm-5753.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 07 Mar 2025 14:29:06 GMT
content-type: text/html
content-length: 143
location: https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xf0Ko%2BFUVqSqvsW7eRJ9%2B1UT63sG%2B2fmHhqfjf7xv5zPam2bl4dOrctHhXGPNr9Z2iSn4mZ6UTNRPoyjni9CkDv1N2MTppjZIyppBxjk7hjOYOTk%2Fmlp6XwpRuluf1FarBE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 91cac87b0e01569c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=548&min_rtt=510&rtt_var=134&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3274&recv_bytes=1427&delivery_rate=7086460&cwnd=253&unsent_bytes=0&cid=e6a57a519d0a5f65&ts=31&x=0"
X-Firefox-Spdy: h2

s.zlinkn.com/tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907744325

95.211.229.246

200 OK

0 B

URL GET
s.zlinkn.com/tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907744325
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://win.pari-matchin.com/in/reg/aviademo-v5/?voluum_clickid=wkpjf2p6diisie8831odv8oq&voluum_campaignid=ed557f3c-6292-4d9a-af21-5ffc4596912c&voluum_offerid=ba46bb46-359d-4db0-979b-ee944941f9ac&utm_campaign=8280&utm_source=25040&utm_medium=mobile&utm_term=za_bugrom
Certificate
IssuerLet's Encrypt
Subjectzlinkn.com
FingerprintB2:5C:4D:8D:B0:9C:FC:73:1B:54:AE:5E:C3:F6:DC:F2:C2:B7:09:49
ValidityMon, 27 Jan 2025 11:04:35 GMT - Sun, 27 Apr 2025 11:04:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tag.php?goal=1dba451d66ccf22c64ed0622518557aa&stackUid=20250307142907744325 HTTP/1.1
Host: s.zlinkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.pari-matchin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Mar 2025 14:29:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A111974%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-03-07%22%3B%7D%7D; expires=Sat, 07 Mar 2026 14:29:07 GMT; path=/; domain=.zlink0.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

aviator-demo.spribegaming.com/plus-in-circle.34a62358c343d04d.svg

18.165.140.66

200 OK

242 B

URL GET
aviator-demo.spribegaming.com/plus-in-circle.34a62358c343d04d.svg
IP
18.165.140.66:443
ASN
#16509 AMAZON-02

Requested by
https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Certificate
IssuerAmazon
Subjectspribegaming.com
FingerprintFA:A7:8E:B2:CF:4B:08:6B:ED:59:DC:F8:2D:43:06:EF:B8:37:22:FC
ValidityFri, 24 May 2024 00:00:00 GMT - Sun, 22 Jun 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
242 B (242 bytes)
Hash
0e12004d26c5a2acdd60ed5cc57c98a4
22edbdc99d8397ddc5ae1de808a4a12b653bc368
417e191518c9b607de0c663347b9df6fc5f46db20cec42a622db05d0ad26f5cd

HTTP Headers

GET /plus-in-circle.34a62358c343d04d.svg HTTP/1.1
Host: aviator-demo.spribegaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aviator-demo.spribegaming.com/?currency=USD&operator=demo&jurisdiction=CW&lang=ms&user=3800&token=RuLoV827qSEb1zsiXQF6uSKhEYdaFIqS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/svg+xml
content-length: 242
age: 485819
last-modified: Mon, 17 Feb 2025 16:48:27 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Credentials, Access-Control-Allow-Headers
date: Thu, 06 Mar 2025 02:20:23 GMT
cache-control: max-age=604800, public
etag: "2989145597230391ec27679fb5acc551"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 4cf9c028567cadd1e1afd07523fc03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: tmKnnwta60HBLD0vhRKJzVAIFi6FspHaK1YEYcf2OuRZobPC6nTevA==

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (36)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML