start.parimatch.com Open in urlscan Pro
104.18.12.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ww2.ueffacpf.org/
Effective URL:
https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaig...
Submission: On October 27 via api (October 27th 2024, 12:18:48 pm UTC) from US — Scanned from CA

Summary HTTP 44 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 15 domains to perform 44 HTTP transactions. The main IP is 104.18.12.153, located in and belongs to CLOUDFLARENET, US. The main domain is start.parimatch.com.
TLS certificate: Issued by WE1 on September 17th 2024. Valid for: 3 months.

This is the only time start.parimatch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	64.190.63.136 64.190.63.136	47846 (SEDO-AS) (SEDO-AS)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
2 2	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 2	3.33.192.145 3.33.192.145	16509 (AMAZON-02) (AMAZON-02)
1	130.211.29.114 130.211.29.114	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.241.15.240 35.241.15.240	15169 (GOOGLE) (GOOGLE)
1 1	2607:f5b7:1:1... 2607:f5b7:1:1e:2::	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1 1	212.7.203.129 212.7.203.129	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
24	104.18.12.153 104.18.12.153	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:308e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c03::5f	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c00::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
44	11

5 64.190.63.136 (Germany) 2 redirects

ASN47846 (SEDO-AS, DE)

ww2.ueffacpf.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

img.sedoparking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.239.53.32 (New York, United States) 2 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.sedodna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml-v4.startbrws-2.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.192.145 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ab226b763647f1870.awsglobalaccelerator.com

isdover-1.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.29.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com

cdn.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.15.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.15.241.35.bc.googleusercontent.com

cas.avalon.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f5b7:1:1e:2:: (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

i37zb.ttrk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.7.203.129 (Amsterdam, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

z.cdn.protected.bet	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 104.18.12.153 (None, )

ASN13335 (CLOUDFLARENET, US)

start.parimatch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:308e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bet.pm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c03::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c00::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	parimatch.com start.parimatch.com promo.parimatch.com Failed	1 MB
5	ueffacpf.org 2 redirects ww2.ueffacpf.org	4 KB
3	perfdrive.com cdn.perfdrive.com — Cisco Umbrella Rank: 40609 cas.avalon.perfdrive.com — Cisco Umbrella Rank: 12514	90 KB
2	isdover-1.online 1 redirects isdover-1.online	21 KB
1	gstatic.com fonts.gstatic.com	18 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	115 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	bet.pm cdn.bet.pm	24 KB
1	protected.bet 1 redirects z.cdn.protected.bet — Cisco Umbrella Rank: 427063	401 B
1	ttrk.io 1 redirects i37zb.ttrk.io — Cisco Umbrella Rank: 981005	881 B
1	startbrws-2.online 1 redirects xml-v4.startbrws-2.online	352 B
1	sedodna.com 1 redirects xml.sedodna.com — Cisco Umbrella Rank: 343845	234 B
1	sedoparking.com img.sedoparking.com — Cisco Umbrella Rank: 68803	15 KB
0	gemius.pl Failed gde-default.hit.gemius.pl Failed
0	datadome.co Failed js.datadome.co Failed
44	15

	Domain	Requested by
24	start.parimatch.com	isdover-1.online start.parimatch.com
5	ww2.ueffacpf.org	2 redirects ww2.ueffacpf.org
2	cas.avalon.perfdrive.com	cdn.perfdrive.com
2	isdover-1.online	1 redirects ww2.ueffacpf.org
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	start.parimatch.com www.googletagmanager.com
1	fonts.googleapis.com	start.parimatch.com
1	cdn.bet.pm	start.parimatch.com
1	z.cdn.protected.bet	1 redirects
1	i37zb.ttrk.io	1 redirects
1	xml-v4.startbrws-2.online	1 redirects
1	cdn.perfdrive.com	isdover-1.online
1	xml.sedodna.com	1 redirects
1	img.sedoparking.com
0	promo.parimatch.com Failed	ww2.ueffacpf.org
0	gde-default.hit.gemius.pl Failed	www.googletagmanager.com
0	js.datadome.co Failed	ww2.ueffacpf.org
44	17

This site contains links to these domains. Also see Links.

Domain
ca.parimatch.com

Subject Issuer	Validity	Valid
ww2.ueffacpf.org Encryption Everywhere DV TLS CA - G2	`2024-07-09` - `2025-07-08`	a year	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2023-11-13` - `2024-12-14`	a year	crt.sh
isdover-1.online Amazon RSA 2048 M03	`2024-10-14` - `2025-11-12`	a year	crt.sh
*.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2024-09-20` - `2025-09-26`	a year	crt.sh
cas.avalon.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2024-07-26` - `2025-08-05`	a year	crt.sh
parimatch.com WE1	`2024-09-17` - `2024-12-16`	3 months	crt.sh
bet.pm WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue
Frame ID: ED25DC485DA50AE25C85167759F097D0
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Parimatch. They fight – you win!

Page URL History Show full URLs

https://ww2.ueffacpf.org/ Page URL
https://ww2.ueffacpf.org/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DOX03VzPXO%... HTTP 302
https://ww2.ueffacpf.org/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DOX03VzPXO%... HTTP 302
https://xml.sedodna.com/click?i=OX03VzPXO*k_0 HTTP 302
http://isdover-1.online/api/v1/px?xmlid=zi0RawKfHmB02EkwD8RDZX1B1b6zsDycmsWH0BSQ HTTP 307
https://isdover-1.online/api/v1/px?xmlid=zi0RawKfHmB02EkwD8RDZX1B1b6zsDycmsWH0BSQ Page URL
https://isdover-1.online/api/v1/pxcheck?impId=zi0RawKfHmB02EkwD8RDZX1B1b6zsDycmsWH0BSQ&minfo=eyJjb29r... HTTP 302
http://xml-v4.startbrws-2.online/click?seat=3024172&i=YYQWSN6xjJE_0 HTTP 307
https://xml-v4.startbrws-2.online/click?seat=3024172&i=YYQWSN6xjJE_0 HTTP 302
https://i37zb.ttrk.io/66e433537194a2eaa91ace51?sub1=66c7fcbd64437a15650368588&sub2=63631&sub3=6590... HTTP 302
https://z.cdn.protected.bet/go?z=1810023228&key=671e2fa4a5fa2015eacf83f8 HTTP 302
https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e19... Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

44
Requests

82 %
HTTPS

38 %
IPv6

15
Domains

17
Subdomains

11
IPs

4
Countries

1536 kB
Transfer

2766 kB
Size

22
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://ca.parimatch.com/en/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_source=PM_Canada_Activerevenue&utm_medium=fix&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&regBonus=1

Search URL Search Domain Scan URL

URL: https://ca.parimatch.com/en/login/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_source=PM_Canada_Activerevenue&utm_medium=fix&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&regBonus=1
Title: sign in

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ww2.ueffacpf.org/ Page URL
https://ww2.ueffacpf.org/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DOX03VzPXO%2Ak_0&v=N2I0NGNkMzRiNGRhYTEzZjY4ZjI4YjA4NmVhOGRiYzMJMQl3dzIudWVmZmFjcGYub3JnNjcxZTJmYTBiYjNjZjcuMDIxMTEwMTcJd3cyLnVlZmZhY3BmLm9yZzY3MWUyZmEwYmI0MWEzLjQ4MTc1NTcyCTE3MzAwMzE1MjIJYWRfNjNfMA%3D%3D&l=ogcPLis2qMV_zC-DWe7JCticr-m4kB_E__I-MdTdHC26mY2_TGQrgHzis8AZnmllVeOd2Gdc6vGdYwOuAZtX2wNmeLFSdTPMT92YYNcohZr9-z3vQdHlOcPp5H6Xsb-Jju5iBtkN0qLhsE94t8t4op62CHa3TfwJIULFgi7xV7LTGMQ4T3Jz8KN6LOvbBjTcvujlj7bk4XaHyrG2mWjOhL_gjITWprwEBpoxXyJMoURwPGpPQxUKqUu5lPbGs69fwCTjhRdEne6TfNEJvRlCa9fSxBHrpq8ZXrdRt1iLfIiJPxwpvZiU3Bdystv3Z6XukeBy_WDCEY6prLbrLx1yX8iznnBVdcMKHhv4-D-ERdjrI6xxF3yWZg0Remev24uvBIlRhR_ASBU4OYpUQmaAuh1iO_buJ8jAQhAOcaZVkh73GmiD_PAC84mb4BnQNVt3GGq_ucNnY4c_s86yR5-xe5QO7OazqRX6-5HzvCxFyQvAiv7h7UOmzRm9sMpSfusxZJRUl_R5nAQOIXI-QtEmoBXfqCS-FMaLBCdof2kYpyWQgL6McaZsPHNnZEiK2zSSWq_r3fOkxPdczn_XbqTSlWzaZ6U7eg0YhyGN-uiYbA8Qgnh1nUAp-DbQ_ofrdBKZF0ezqEIhBBhmrZNv3mHFK6f-0kgpfYsVrfFNAy5U0AvBfO3r_uq6vjOzotlUxOnaGbA9US4WvhLK37E HTTP 302
https://ww2.ueffacpf.org/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DOX03VzPXO%2Ak_0&v=N2I0NGNkMzRiNGRhYTEzZjY4ZjI4YjA4NmVhOGRiYzMJMQl3dzIudWVmZmFjcGYub3JnNjcxZTJmYTBiYjNjZjcuMDIxMTEwMTcJd3cyLnVlZmZhY3BmLm9yZzY3MWUyZmEwYmI0MWEzLjQ4MTc1NTcyCTE3MzAwMzE1MjIJYWRfNjNfMA%3D%3D&l=ogcPLis2qMV_zC-DWe7JCticr-m4kB_E__I-MdTdHC26mY2_TGQrgHzis8AZnmllVeOd2Gdc6vGdYwOuAZtX2wNmeLFSdTPMT92YYNcohZr9-z3vQdHlOcPp5H6Xsb-Jju5iBtkN0qLhsE94t8t4op62CHa3TfwJIULFgi7xV7LTGMQ4T3Jz8KN6LOvbBjTcvujlj7bk4XaHyrG2mWjOhL_gjITWprwEBpoxXyJMoURwPGpPQxUKqUu5lPbGs69fwCTjhRdEne6TfNEJvRlCa9fSxBHrpq8ZXrdRt1iLfIiJPxwpvZiU3Bdystv3Z6XukeBy_WDCEY6prLbrLx1yX8iznnBVdcMKHhv4-D-ERdjrI6xxF3yWZg0Remev24uvBIlRhR_ASBU4OYpUQmaAuh1iO_buJ8jAQhAOcaZVkh73GmiD_PAC84mb4BnQNVt3GGq_ucNnY4c_s86yR5-xe5QO7OazqRX6-5HzvCxFyQvAiv7h7UOmzRm9sMpSfusxZJRUl_R5nAQOIXI-QtEmoBXfqCS-FMaLBCdof2kYpyWQgL6McaZsPHNnZEiK2zSSWq_r3fOkxPdczn_XbqTSlWzaZ6U7eg0YhyGN-uiYbA8Qgnh1nUAp-DbQ_ofrdBKZF0ezqEIhBBhmrZNv3mHFK6f-0kgpfYsVrfFNAy5U0AvBfO3r_uq6vjOzotlUxOnaGbA9US4WvhLK37E HTTP 302
https://xml.sedodna.com/click?i=OX03VzPXO*k_0 HTTP 302
http://isdover-1.online/api/v1/px?xmlid=zi0RawKfHmB02EkwD8RDZX1B1b6zsDycmsWH0BSQ HTTP 307
https://isdover-1.online/api/v1/px?xmlid=zi0RawKfHmB02EkwD8RDZX1B1b6zsDycmsWH0BSQ Page URL
https://isdover-1.online/api/v1/pxcheck?impId=zi0RawKfHmB02EkwD8RDZX1B1b6zsDycmsWH0BSQ&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTMwLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cHM6Ly9pc2RvdmVyLTEub25saW5lL2FwaS92MS9weD94bWxpZD16aTBSYXdLZkhtQjAyRWt3RDhSRFpYMUIxYjZ6c0R5Y21zV0gwQlNRIiwiZGV2aWNlU3JlZW5TaXplIjoiMTIwMHgxNjAwIiwiZGV2aWNlV2luZG93U2l6ZSI6IjEyMDB4MTYwMCIsInduZDJzcmNSYXRpb0x3cjA2IjpmYWxzZSwiZWZmZWN0aXZlVHlwZSI6IjRnIiwiaXNCb3QiOmZhbHNlLCJmQm90TmFtZSI6IiIsImZSZWFzb25zIjoiIn0= HTTP 302
http://xml-v4.startbrws-2.online/click?seat=3024172&i=YYQWSN6xjJE_0 HTTP 307
https://xml-v4.startbrws-2.online/click?seat=3024172&i=YYQWSN6xjJE_0 HTTP 302
https://i37zb.ttrk.io/66e433537194a2eaa91ace51?sub1=66c7fcbd64437a15650368588&sub2=63631&sub3=6590992&sub4=Bell+Canada&sub5=ww2.ueffacpf.org&sub6=1490811&sub7=ueffacpf&ref_id=jIN0cX7V*PM&cost=0.0025 HTTP 302
https://z.cdn.protected.bet/go?z=1810023228&key=671e2fa4a5fa2015eacf83f8 HTTP 302
https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://ww2.ueffacpf.org/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DOX03VzPXO%2Ak_0&v=N2I0NGNkMzRiNGRhYTEzZjY4ZjI4YjA4NmVhOGRiYzMJMQl3dzIudWVmZmFjcGYub3JnNjcxZTJmYTBiYjNjZjcuMDIxMTEwMTcJd3cyLnVlZmZhY3BmLm9yZzY3MWUyZmEwYmI0MWEzLjQ4MTc1NTcyCTE3MzAwMzE1MjIJYWRfNjNfMA%3D%3D&l=ogcPLis2qMV_zC-DWe7JCticr-m4kB_E__I-MdTdHC26mY2_TGQrgHzis8AZnmllVeOd2Gdc6vGdYwOuAZtX2wNmeLFSdTPMT92YYNcohZr9-z3vQdHlOcPp5H6Xsb-Jju5iBtkN0qLhsE94t8t4op62CHa3TfwJIULFgi7xV7LTGMQ4T3Jz8KN6LOvbBjTcvujlj7bk4XaHyrG2mWjOhL_gjITWprwEBpoxXyJMoURwPGpPQxUKqUu5lPbGs69fwCTjhRdEne6TfNEJvRlCa9fSxBHrpq8ZXrdRt1iLfIiJPxwpvZiU3Bdystv3Z6XukeBy_WDCEY6prLbrLx1yX8iznnBVdcMKHhv4-D-ERdjrI6xxF3yWZg0Remev24uvBIlRhR_ASBU4OYpUQmaAuh1iO_buJ8jAQhAOcaZVkh73GmiD_PAC84mb4BnQNVt3GGq_ucNnY4c_s86yR5-xe5QO7OazqRX6-5HzvCxFyQvAiv7h7UOmzRm9sMpSfusxZJRUl_R5nAQOIXI-QtEmoBXfqCS-FMaLBCdof2kYpyWQgL6McaZsPHNnZEiK2zSSWq_r3fOkxPdczn_XbqTSlWzaZ6U7eg0YhyGN-uiYbA8Qgnh1nUAp-DbQ_ofrdBKZF0ezqEIhBBhmrZNv3mHFK6f-0kgpfYsVrfFNAy5U0AvBfO3r_uq6vjOzotlUxOnaGbA9US4WvhLK37E HTTP 302
https://ww2.ueffacpf.org/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DOX03VzPXO%2Ak_0&v=N2I0NGNkMzRiNGRhYTEzZjY4ZjI4YjA4NmVhOGRiYzMJMQl3dzIudWVmZmFjcGYub3JnNjcxZTJmYTBiYjNjZjcuMDIxMTEwMTcJd3cyLnVlZmZhY3BmLm9yZzY3MWUyZmEwYmI0MWEzLjQ4MTc1NTcyCTE3MzAwMzE1MjIJYWRfNjNfMA%3D%3D&l=ogcPLis2qMV_zC-DWe7JCticr-m4kB_E__I-MdTdHC26mY2_TGQrgHzis8AZnmllVeOd2Gdc6vGdYwOuAZtX2wNmeLFSdTPMT92YYNcohZr9-z3vQdHlOcPp5H6Xsb-Jju5iBtkN0qLhsE94t8t4op62CHa3TfwJIULFgi7xV7LTGMQ4T3Jz8KN6LOvbBjTcvujlj7bk4XaHyrG2mWjOhL_gjITWprwEBpoxXyJMoURwPGpPQxUKqUu5lPbGs69fwCTjhRdEne6TfNEJvRlCa9fSxBHrpq8ZXrdRt1iLfIiJPxwpvZiU3Bdystv3Z6XukeBy_WDCEY6prLbrLx1yX8iznnBVdcMKHhv4-D-ERdjrI6xxF3yWZg0Remev24uvBIlRhR_ASBU4OYpUQmaAuh1iO_buJ8jAQhAOcaZVkh73GmiD_PAC84mb4BnQNVt3GGq_ucNnY4c_s86yR5-xe5QO7OazqRX6-5HzvCxFyQvAiv7h7UOmzRm9sMpSfusxZJRUl_R5nAQOIXI-QtEmoBXfqCS-FMaLBCdof2kYpyWQgL6McaZsPHNnZEiK2zSSWq_r3fOkxPdczn_XbqTSlWzaZ6U7eg0YhyGN-uiYbA8Qgnh1nUAp-DbQ_ofrdBKZF0ezqEIhBBhmrZNv3mHFK6f-0kgpfYsVrfFNAy5U0AvBfO3r_uq6vjOzotlUxOnaGbA9US4WvhLK37E HTTP 302
https://xml.sedodna.com/click?i=OX03VzPXO*k_0 HTTP 302
http://isdover-1.online/api/v1/px?xmlid=zi0RawKfHmB02EkwD8RDZX1B1b6zsDycmsWH0BSQ HTTP 307
https://isdover-1.online/api/v1/px?xmlid=zi0RawKfHmB02EkwD8RDZX1B1b6zsDycmsWH0BSQ

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
ww2.ueffacpf.org/ 3 KB
2 KB 2691ms
1602ms Document
text/html 64.190.63.136
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ww2.ueffacpf.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: Parking/1.0 /
Resource Hash: 2155db2b014e7b9eda7b79e7a10b252f8efda2dcdabded68cc11a3169449792d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 27 Oct 2024 12:18:42 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 27 Oct 2024 12:18:40 GMT
pragma: no-cache
server: Parking/1.0
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_L+wZhJGGhMRwctmK8UuzI9Dzi4W3gzDl0Na2lCwjt6nivIVKHi8deEngs9StngerXFkhqT7gpTiQdnMWhOgtWg==
x-cache-miss-from: parking-697b9cf7ff-px5gg

GET
H2 441 js_preloader.gif
ww2.ueffacpf.org/img.sedoparking.com/images/ 0
19 B 151ms
151ms Image
text/plain 64.190.63.136
SEDO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww2.ueffacpf.org/img.sedoparking.com/images/js_preloader.gif
Requested by: Host: ww2.ueffacpf.org
URL: https://ww2.ueffacpf.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: Parking/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ww2.ueffacpf.org/

Response headers

date: Sun, 27 Oct 2024 12:18:42 GMT
server: Parking/1.0
content-length: 0

GET
H2 200 tsc.php
ww2.ueffacpf.org/search/ 0
35 B 241ms
240ms XHR
text/html 64.190.63.136
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ww2.ueffacpf.org/search/tsc.php?ses=ogcDNmmKSy5ntIqmW7k4_ooBdarbj86BoVgb40rhW8cVWf4SuZTnZLH4C_7OfEaKGZalGujE4QhndRE6eTu1D6DwiQttroE75WjjGcOjArbAc2P3t72A9ZD8Mn5MHJca_102ITZoQsJFJAhRrP_FbOqQTXuG6Eli344qnqAvPzsV3rRAgfUnaxE5fiAm7xYweOdS7ZdfPM3T8X2nyFLuxll3-RmYARlu-_cbKlR3m5KKkxv1_sdXc-p9_4n_CBY4WW6PZqmnhhrvIgD4ZkYSpL8TQMp0uv2QRZLU6Brd288CpqG_7jNM2HW4iDYpq25OJ0MKhyA8f5ILLvnmMmS4F_mojSREwCqAw_Dc6KKfxnPMsYpzZT474ZEjXVywrw&cv=2
Requested by: Host: ww2.ueffacpf.org
URL: https://ww2.ueffacpf.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: Parking/1.0 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ww2.ueffacpf.org/

Response headers

x-cache-miss-from: parking-697b9cf7ff-9j6x4
content-length: 0
date: Sun, 27 Oct 2024 12:18:42 GMT
content-type: text/html; charset=UTF-8
server: Parking/1.0

GET
H2 200 sedo_logo.png
img.sedoparking.com/templates/logos/ 15 KB
15 KB 269ms
40ms Other
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sedoparking.com/templates/logos/sedo_logo.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ww2.ueffacpf.org/

Response headers

x-cf2: H
expires: Sun, 03 Nov 2024 12:18:42 GMT
x-cf1: 11696:fA.yyz1:cf:nom:cacheN.yyz1-01:H
date: Sun, 27 Oct 2024 12:18:42 GMT
cf4ttl: 31536000.000
content-type: image/png
x-cf-reqid: 18fc7a69d96735303d7dd7107d26628a
last-modified: Mon, 11 Jan 2021 07:44:34 GMT
x-cff: B
cf4age: 0
cache-control: max-age=604800
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15086
x-cfhash: "def00c11b1596db4efee6a9fbe64fc27"
x-cf-tsc: 1721143080
server: CFS 0215

GET
H2

200

px Show response
isdover-1.online/api/v1/
Redirect Chain

https://ww2.ueffacpf.org/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DOX03VzPXO%2Ak_0&v=N2I0NGNkMzRiNGRhYTEzZjY4ZjI4YjA4NmVhOGRiYzMJMQl3dzIudWVmZmFjcGYub3JnNjcxZTJmYTBiYjNjZjcu...
https://ww2.ueffacpf.org/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DOX03VzPXO%2Ak_0&v=N2I0NGNkMzRiNGRhYTEzZjY4ZjI4YjA4NmVhOGRiYzMJMQl3dzIudWVmZmFjcGYub3JnNjcxZTJmYTBiYjNjZjcu...
https://xml.sedodna.com/click?i=OX03VzPXO*k_0
http://isdover-1.online/api/v1/px?xmlid=zi0RawKfHmB02EkwD8RDZX1B1b6zsDycmsWH0BSQ
https://isdover-1.online/api/v1/px?xmlid=zi0RawKfHmB02EkwD8RDZX1B1b6zsDycmsWH0BSQ

114 KB
21 KB

371ms
110ms

Document
text/html

3.33.192.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://isdover-1.online/api/v1/px?xmlid=zi0RawKfHmB02EkwD8RDZX1B1b6zsDycmsWH0BSQ
Requested by: Host: ww2.ueffacpf.org
URL: https://ww2.ueffacpf.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.192.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab226b763647f1870.awsglobalaccelerator.com
Software: /
Resource Hash: fbe59f7eb70077913422c740551e6454465984c0b34201cdb5da142206700001

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 27 Oct 2024 12:18:43 GMT
etag: W/"1c8f9-hu4o2FW2NHgmV2EAEAuyCXdMtro"
vary: Accept-Encoding

Redirect headers

Location: https://isdover-1.online/api/v1/px?xmlid=zi0RawKfHmB02EkwD8RDZX1B1b6zsDycmsWH0BSQ
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 stormcaster.js Show response
cdn.perfdrive.com/advanced/ 240 KB
90 KB 241ms
40ms Script
application/javascript 130.211.29.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Requested by: Host: isdover-1.online
URL: https://isdover-1.online/api/v1/px?xmlid=zi0RawKfHmB02EkwD8RDZX1B1b6zsDycmsWH0BSQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.29.211.130.bc.googleusercontent.com
Software: nginx/1.10.1 /
Resource Hash: 06355098292635455e261866d3ae12f98ce81e3dac79295425ed5863e823e79f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://isdover-1.online/

Response headers

cache-control: max-age=3600,public
content-encoding: gzip
etag: W/"6718b9ef-3bf3a"
age: 2881
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91395
date: Sun, 27 Oct 2024 11:30:42 GMT
last-modified: Wed, 23 Oct 2024 08:55:11 GMT
content-type: application/javascript
server: nginx/1.10.1
vary: Accept-Encoding

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 360 B
414 B 250ms
74ms XHR
text/plain 35.241.15.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://isdover-1.online/

Response headers

via: 1.1 google
x-response-time: 0ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
date: Sun, 27 Oct 2024 12:18:44 GMT
content-type: text/plain; charset=UTF-8

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 255 B
400 B 248ms
74ms XHR
text/plain 35.241.15.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://isdover-1.online/

Response headers

via: 1.1 google
x-response-time: 0ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
date: Sun, 27 Oct 2024 12:18:44 GMT
content-type: text/plain; charset=UTF-8

GET
H3

200

Primary Request / Show response
start.parimatch.com/ca/hockey/
Redirect Chain

https://isdover-1.online/api/v1/pxcheck?impId=zi0RawKfHmB02EkwD8RDZX1B1b6zsDycmsWH0BSQ&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81Mzcu...
http://xml-v4.startbrws-2.online/click?seat=3024172&i=YYQWSN6xjJE_0
https://xml-v4.startbrws-2.online/click?seat=3024172&i=YYQWSN6xjJE_0
https://i37zb.ttrk.io/66e433537194a2eaa91ace51?sub1=66c7fcbd64437a15650368588&sub2=63631&sub3=6590992&sub4=Bell+Canada&sub5=ww2.ueffacpf.org&sub6=1490811&sub7=ueffacpf&ref_id=jIN0cX7V*PM&cost=0.0025
https://z.cdn.protected.bet/go?z=1810023228&key=671e2fa4a5fa2015eacf83f8
https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_sourc...

13 KB
5 KB

607ms
332ms

Document
text/html

104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Requested by

Host: isdover-1.online
URL: https://isdover-1.online/api/v1/px?xmlid=zi0RawKfHmB02EkwD8RDZX1B1b6zsDycmsWH0BSQ

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

927f3010a30fe333c44c6a5fa3b12cbf22fd92d18350c92ab02a6314618fd4b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: MISS
cf-ray: 8d92a16d6b45a253-YYZ
content-encoding: gzip
content-length: 4881
content-type: text/html; charset=UTF-8
date: Sun, 27 Oct 2024 12:18:46 GMT
expires: Sun, 27 Oct 2024 16:18:46 GMT
hserver: 9
last-modified: Sun, 27 Oct 2024 12:18:46 GMT
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

content-length: 0
date: Sun, 27 Oct 2024 12:18:45 GMT
location: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: nginx

GET
H3 200 bundle.css
start.parimatch.com/ca/hockey/public/ 95 KB
15 KB 50ms
49ms Stylesheet
text/css 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/ca/hockey/public/bundle.css?v=32

Requested by

Host: start.parimatch.com
URL: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b035fc19a27576225ff5bbcefb7efe0941da7c48aafc9501d3016b1c147545e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "17a2e-5f81e914d9cd2-gzip"
hserver: 9
age: 245796
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: text/css
last-modified: Thu, 30 Mar 2023 14:04:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a16fad0aa253-YYZ
accept-ranges: bytes
content-length: 15401
server: cloudflare

GET
H3 200 loader.css
start.parimatch.com/common/css/ 1 KB
775 B 121ms
120ms Stylesheet
text/css 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/common/css/loader.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c60878820b3eb1ea8d88cdc9412c024404b5a46d45d8b96055ef33e042db8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "5c6-5a4e3059b6c97-gzip"
hserver: 7
age: 245953
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: text/css
last-modified: Tue, 05 May 2020 09:10:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a16fad0ca253-YYZ
accept-ranges: bytes
content-length: 507
server: cloudflare

GET
H3 200 s.js Show response
start.parimatch.com/fpapi/ 103 KB
30 KB 122ms
118ms Script
text/javascript 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/fpapi/s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bed78c95e406b4a9825da57ba6936552b6e0f572cae8d44468db113927bc8e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
content-encoding: br
cf-cache-status: HIT
hserver: 10
age: 245953
x-content-type-options: nosniff
cf-ray: 8d92a1727f3ea253-YYZ
expires: Sun, 27 Oct 2024 16:18:46 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 24 Oct 2024 15:59:33 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 mlibrary.js Show response
start.parimatch.com/mtapi/js/build/ 37 KB
9 KB 123ms
122ms Script
application/javascript 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/mtapi/js/build/mlibrary.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

871fcc70bb938f9470302f37d9b68e25f6bab3a1b48e5fe3dccc98463824250b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "92ac-60acfc382665d-gzip"
age: 2622
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 11:01:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache
cf-ray: 8d92a16fad0da253-YYZ
accept-ranges: bytes
content-length: 8677
server: cloudflare

GET
H3 200 logo-pm.svg
start.parimatch.com/ca/hockey/public/images/ 2 KB
1 KB 127ms
126ms Image
image/svg+xml 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/hockey/public/images/logo-pm.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2d0abaea6f8212a7e06c6ef1f9288aafda8d1e7bbfc7b7599378187e5cf14c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"806-5f81e914f2372"
age: 245796
hserver: 8
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Mar 2023 14:04:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a16fad0ea253-YYZ
server: cloudflare

GET
H3 200 partners.png
start.parimatch.com/ca/hockey/public/images/ 6 KB
6 KB 131ms
130ms Image
image/webp 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/hockey/public/images/partners.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e239953ac6a1b7c4b4be08dde00a96ddfce0ede6998d72207d4e7c875b9f895e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

cf-bgj: imgq:85,h2pri
etag: "1afa-5f81e914f3312"
hserver: 10
cf-cache-status: HIT
age: 245796
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
cf-polished: origFmt=png, origSize=6906
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: image/webp
content-disposition: inline; filename="partners.webp"
vary: Accept
last-modified: Thu, 30 Mar 2023 14:04:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a16fad0fa253-YYZ
accept-ranges: bytes
content-length: 6154
server: cloudflare

GET
H3 200 player1.png
start.parimatch.com/ca/hockey/public/images/ 133 KB
133 KB 68ms
68ms Image
image/webp 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/hockey/public/images/player1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf8b8f8041acab7b0b86502ebd6b71d78fbd103ae1c4bfb234da74f2cec9aad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

cf-bgj: imgq:85,h2pri
etag: "2400e-5f81e914f3312"
hserver: 5
cf-cache-status: HIT
age: 245796
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
cf-polished: origFmt=png, origSize=147470
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: image/webp
content-disposition: inline; filename="player1.webp"
vary: Accept
last-modified: Thu, 30 Mar 2023 14:04:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a1708dd9a253-YYZ
accept-ranges: bytes
content-length: 136232
server: cloudflare

GET
H3 200 player2.png
start.parimatch.com/ca/hockey/public/images/ 134 KB
135 KB 189ms
189ms Image
image/webp 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/hockey/public/images/player2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

610ad5c6d284371a8a97c6d4ecf312d91c536939cf3e2a8e548fb04332598a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

cf-bgj: imgq:85,h2pri
etag: "2320b-5f81e914f3312"
hserver: 5
cf-cache-status: HIT
age: 245796
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
cf-polished: origFmt=png, origSize=143883
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: image/webp
content-disposition: inline; filename="player2.webp"
vary: Accept
last-modified: Thu, 30 Mar 2023 14:04:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a170adfaa253-YYZ
accept-ranges: bytes
content-length: 137514
server: cloudflare

GET
H3 200 brock.png
start.parimatch.com/ca/hockey/public/images/ 155 KB
155 KB 59ms
59ms Image
image/webp 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/hockey/public/images/brock.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58e48e91ef870e4576fba3446bed576433b0ee8642ea6eca12724cb566e59292

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

cf-bgj: imgq:85,h2pri
etag: "27957-5f81e914f2372"
hserver: 8
cf-cache-status: HIT
age: 245796
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
cf-polished: origFmt=png, origSize=162135
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: image/webp
content-disposition: inline; filename="brock.webp"
vary: Accept
last-modified: Thu, 30 Mar 2023 14:04:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a171decca253-YYZ
accept-ranges: bytes
content-length: 158464
server: cloudflare

GET
H3 200 shayba.png
start.parimatch.com/ca/hockey/public/images/ 335 KB
336 KB 95ms
92ms Image
image/png 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/hockey/public/images/shayba.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7a9a45b35002f7f4898358a1b375b9a2cdd2d4429759bfb5da9337073ede77f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

cf-bgj: imgq:85,h2pri
etag: "60a45-5f81e914f42b2"
hserver: 10
cf-cache-status: HIT
age: 245796
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
cf-polished: origSize=395845, status=webp_bigger
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: image/png
last-modified: Thu, 30 Mar 2023 14:04:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a1727f40a253-YYZ
accept-ranges: bytes
content-length: 343358
server: cloudflare

GET
H3 200 bonus.svg
start.parimatch.com/ca/hockey/public/images/ 8 KB
3 KB 126ms
123ms Image
image/svg+xml 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/hockey/public/images/bonus.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa72b3aa4483664915b0f64975df8d9ae080af0a95bda407c090919df1b26f9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"1e44-5f81e914f2372"
age: 245796
hserver: 10
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Mar 2023 14:04:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a1727f41a253-YYZ
server: cloudflare

GET
H3 200 partners-mob.png
start.parimatch.com/ca/hockey/public/images/ 34 KB
35 KB 89ms
86ms Image
image/webp 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/hockey/public/images/partners-mob.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3c2f7c791c8eaede5f11cce52868975fb76bd9ab7ddda503d231909622b675

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

cf-bgj: imgq:85,h2pri
etag: "9905-5f81e914f3312"
hserver: 7
cf-cache-status: HIT
age: 245788
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
cf-polished: origFmt=png, origSize=39173
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: image/webp
content-disposition: inline; filename="partners-mob.webp"
vary: Accept
last-modified: Thu, 30 Mar 2023 14:04:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a1727f42a253-YYZ
accept-ranges: bytes
content-length: 35188
server: cloudflare

GET
H3 200 password-validation.js Show response
cdn.bet.pm/common/js/global-password-validation/dist/ 77 KB
24 KB 282ms
81ms Script
application/javascript 2606:4700:3033::6815:308e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bet.pm/common/js/global-password-validation/dist/password-validation.js?v=1.001
Requested by: Host: start.parimatch.com
URL: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:308e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5a26202c241673b01c9d5d00ce9dd7b81587a1d2614699eda17ec4a6a3160be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "1332a-5e8071f4afaf8-gzip"
age: 7083
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EG1B9G0mA9teSlqC4RoYA6OS7dSxjbC8QCFsdc5qjZ4ITWQhlYMNWw2uh697Per70J2%2BECs4QzOvGZ9HlW0Lgp92LwePDHLy486SbRjk%2Fda2S9SyclViMDoUsKfph3UuuK%2FvwhNKxa7p"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=81771&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4166&recv_bytes=4211&delivery_rate=40446&cwnd=12000&unsent_bytes=0&cid=808f15e973b0b2ee&ts=97&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 27 Oct 2024 12:18:47 GMT
content-type: application/javascript
last-modified: Tue, 06 Sep 2022 19:22:50 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d92a173ee2d19cf-EWR
accept-ranges: bytes
content-length: 23847
server: cloudflare

GET
H3 200 modernizr-custom.js Show response
start.parimatch.com/ca/hockey/public/ 3 KB
2 KB 68ms
68ms Script
application/javascript 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/ca/hockey/public/modernizr-custom.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

840f575220d6b42197251483e8b3b486bce6f7c4c4bddfff022580d3bb39ce4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "aa9-5cfd0e5554cce-gzip"
hserver: 10
age: 245796
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: application/javascript
last-modified: Tue, 02 Nov 2021 16:36:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a1722ef7a253-YYZ
accept-ranges: bytes
content-length: 1329
server: cloudflare

GET
H3 200 vendor.js Show response
start.parimatch.com/ca/hockey/public/ 86 KB
30 KB 64ms
63ms Script
application/javascript 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/ca/hockey/public/vendor.js?v=33

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c271317e645e797abae29e848bcc6c3ebca2a117c307a7adec6eff55b93bcc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "159a2-5f81e914f42b2-gzip"
hserver: 8
age: 245796
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: application/javascript
last-modified: Thu, 30 Mar 2023 14:04:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a1727f38a253-YYZ
accept-ranges: bytes
content-length: 30871
server: cloudflare

GET
H3 200 bundle.js Show response
start.parimatch.com/ca/hockey/public/ 324 KB
99 KB 119ms
116ms Script
application/javascript 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/ca/hockey/public/bundle.js?v=35

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d44b622db4927876b424f3ca4836a72f861cbdaca98f8ee771d42f565a9b783

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "511e1-5f81e914dac72-gzip"
hserver: 5
age: 245796
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: application/javascript
last-modified: Thu, 30 Mar 2023 14:04:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a1727f3aa253-YYZ
server: cloudflare

GET
H3 200 phoneMasks.js Show response
start.parimatch.com/common/global-phone-mask/dist/ 234 KB
46 KB 107ms
105ms Script
application/javascript 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/common/global-phone-mask/dist/phoneMasks.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25da5149c86fecfedb9cb067dc0322c3c5299277ce25cdef9221fd89dc315820

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "3a839-5e83abd0b9715-gzip"
hserver: 5
age: 245951
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 08:57:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a1727f44a253-YYZ
accept-ranges: bytes
content-length: 46673
server: cloudflare

GET
H3 200 auth-helper-v2.js Show response
start.parimatch.com/common/js/ 16 KB
4 KB 143ms
141ms Script
application/javascript 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/common/js/auth-helper-v2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61dda6b9a8b6974016e347a8d42b48f4fba94c2a187549522f4dbcc37b2924f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "3f73-5edbfb3f0440c-gzip"
hserver: 10
age: 245951
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: application/javascript
last-modified: Fri, 18 Nov 2022 14:41:36 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a1727f45a253-YYZ
accept-ranges: bytes
content-length: 3835
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 300ms
98ms Stylesheet
text/css 2607:f8b0:400d:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400&display=swap

Requested by

Host: start.parimatch.com
URL: https://start.parimatch.com/ca/hockey/public/bundle.css?v=32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ec296468d76de22a3e834179b4aa57563b76b2946487169ab7726ac98c668c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 12:18:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 27 Oct 2024 11:25:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 include.css
start.parimatch.com/templates/assets/fonts/Gilroy/ 10 KB
915 B 215ms
214ms Stylesheet
text/css 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/templates/assets/fonts/Gilroy/include.css

Requested by

Host: start.parimatch.com
URL: https://start.parimatch.com/ca/hockey/public/bundle.css?v=32

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dea1ce0c87ed238683103ba2142e4276db81f69039dcd86638b3492c2eb0e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/public/bundle.css?v=32

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "28b4-5c6212c59bde6-gzip"
hserver: 10
age: 245952
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: text/css
last-modified: Fri, 02 Jul 2021 10:11:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a1709de6a253-YYZ
accept-ranges: bytes
content-length: 646
server: cloudflare

GET
H3 200 include.css
start.parimatch.com/templates/assets/fonts/Parimatch/ 3 KB
601 B 214ms
213ms Stylesheet
text/css 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/templates/assets/fonts/Parimatch/include.css

Requested by

Host: start.parimatch.com
URL: https://start.parimatch.com/ca/hockey/public/bundle.css?v=32

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5c67cb5ec1205e71ea8c7d3188e95b18bfb069f795aceb623c5c0999d044ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/public/bundle.css?v=32

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "ae5-5cfe1c8f4d18c-gzip"
hserver: 5
age: 245952
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: text/css
last-modified: Wed, 03 Nov 2021 12:45:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a1709de7a253-YYZ
accept-ranges: bytes
content-length: 334
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 358 KB
115 KB 299ms
91ms Script
application/javascript 2607:f8b0:400d:c00::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5CZS6L

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56196d223fb44e8e601914bb31c26eb6680fc2bc5e5a23820d195bcea120205a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 27 Oct 2024 12:18:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 12:18:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 27 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 117321
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 timestamp Show response
start.parimatch.com/mtapi/promo/ 69 B
287 B 147ms
146ms Fetch
application/json 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/mtapi/promo/timestamp

Requested by

Host: start.parimatch.com
URL: https://start.parimatch.com/mtapi/js/build/mlibrary.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25af1c4433d1a8143f14b47a7d428d709e1f46d21be160566a807598f85b00ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache
content-encoding: br
cf-cache-status: HIT
age: 245951
hserver: 5
x-content-type-options: nosniff
cf-ray: 8d92a1727f47a253-YYZ
expires: 0
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: application/json; charset=utf-8
last-modified: Thu, 24 Oct 2024 15:59:33 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bg.jpg
start.parimatch.com/ca/hockey/public/images/ 165 KB
165 KB 151ms
151ms Image
image/webp 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/hockey/public/images/bg.jpg

Requested by

Host: start.parimatch.com
URL: https://start.parimatch.com/ca/hockey/public/bundle.css?v=32

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9978927138c48bfd03dcf6a6af467a12676e6cdc29540d2b3d484180b402fff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/hockey/public/bundle.css?v=32

Response headers

cf-bgj: imgq:85,h2pri
etag: "4155d-5f81e914f2372"
hserver: 5
cf-cache-status: HIT
age: 245512
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=267613
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
content-type: image/webp
content-disposition: inline; filename="bg.webp"
vary: Accept
last-modified: Thu, 30 Mar 2023 14:04:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a1727f48a253-YYZ
accept-ranges: bytes
content-length: 168586
server: cloudflare

GET
H3 200 Parimatch-Regular.woff2
start.parimatch.com/templates/assets/fonts/Parimatch/ 18 KB
18 KB 150ms
149ms Font
text/plain 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/templates/assets/fonts/Parimatch/Parimatch-Regular.woff2

Requested by

Host: start.parimatch.com
URL: https://start.parimatch.com/templates/assets/fonts/Parimatch/include.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3b2f42cbbfd7d9f8cfe21d2da01cd1772d11f3b8181ec794b41d27655576211

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://start.parimatch.com
Referer: https://start.parimatch.com/templates/assets/fonts/Parimatch/include.css

Response headers

cf-cache-status: HIT
etag: "47c4-5c6212c59dd26"
age: 72849
hserver: 8
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
last-modified: Fri, 02 Jul 2021 10:11:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a1729f55a253-YYZ
accept-ranges: bytes
content-length: 18372
server: cloudflare

GET
H3 200 Parimatch-Bold.woff2
start.parimatch.com/templates/assets/fonts/Parimatch/ 18 KB
18 KB 153ms
152ms Font
text/plain 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/templates/assets/fonts/Parimatch/Parimatch-Bold.woff2

Requested by

Host: start.parimatch.com
URL: https://start.parimatch.com/templates/assets/fonts/Parimatch/include.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2899d9dec182f7f4db42e9c707cc7cd8b9175193cf04c869a2aec2ba376d1e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://start.parimatch.com
Referer: https://start.parimatch.com/templates/assets/fonts/Parimatch/include.css

Response headers

cf-cache-status: HIT
etag: "4760-5c6212c59cd86"
age: 69501
hserver: 8
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 16:18:46 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Oct 2024 12:18:46 GMT
last-modified: Fri, 02 Jul 2021 10:11:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d92a1729f5aa253-YYZ
accept-ranges: bytes
content-length: 18272
server: cloudflare

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 233ms
98ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://start.parimatch.com
Referer: https://fonts.googleapis.com/

Response headers

age: 237402
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 24 Oct 2025 18:22:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 18:22:04 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET /
start.parimatch.com/forms/masks/ 0
0

GET js
www.googletagmanager.com/gtag/ 0
0

GET destination
www.googletagmanager.com/gtag/ 0
0

GET tags.js
js.datadome.co/ 0
0

GET xgde.js
gde-default.hit.gemius.pl/gdejs/ 0
0

GET adp.js
promo.parimatch.com/api/adpool/static/ 0
0

GET io.js
promo.parimatch.com/api/io/static/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: start.parimatch.com
URL: https://start.parimatch.com/forms/masks/?brand=com

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B8JBDTJ7DV&l=dataLayer&cx=c

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9774526&l=dataLayer&cx=c

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-693592642&l=dataLayer&cx=c

Domain: js.datadome.co
URL: https://js.datadome.co/tags.js

Domain: gde-default.hit.gemius.pl
URL: https://gde-default.hit.gemius.pl/gdejs/xgde.js

Domain: promo.parimatch.com
URL: https://promo.parimatch.com/api/adpool/static/adp.js

Domain: promo.parimatch.com
URL: https://promo.parimatch.com/api/io/static/io.js

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.isdover-1.online/	1970-01-21 04:53:03	Name: __ssds Value: 2
.isdover-1.online/	1970-01-21 04:53:03	Name: __ssuzjsr2 Value: a9be0cd8e
.isdover-1.online/	1970-01-21 04:53:03	Name: __uzmaj2 Value: c6287be1-e9b1-45ae-9a39-6ec32cef168b
.isdover-1.online/	1970-01-21 04:53:03	Name: __uzmbj2 Value: 1730031524
.isdover-1.online/	1970-01-21 04:53:03	Name: __uzmcj2 Value: 758141088893
.isdover-1.online/	1970-01-21 04:53:03	Name: __uzmdj2 Value: 1730031524
.isdover-1.online/	1970-01-21 04:53:03	Name: __uzmlj2 Value: vatMmlCCqDdptaoS4t8ZfpuDmlO8a2erdJ/G7Pi9wn8=
.isdover-1.online/	1970-01-21 04:53:03	Name: __uzmfj2 Value: 7f60003b73fd0b-a954-4490-87a1-18a7282be13817300315242450-2576ddf176646ca210
.i37zb.ttrk.io/	1970-01-21 00:35:17	Name: redcmps Value: W3siaWQiOiI2NmU0MzM1MzcxOTRhMmVhYTkxYWNlNTEiLCJ0IjoiMjAyNC0xMC0yN1QxMjoxODo0NC45Njc5OTQ4NzZaIn1d
.i37zb.ttrk.io/	1970-01-21 09:19:27	Name: redhash Value: NjcxZTJmYTRhNWZhMjAxNWVhY2Y4M2Y4fDB8NjZlNDMzNTM3MTk0YTJlYWE5MWFjZTUxfHxjMGMwYzBmZC03M2YzLTQzY2UtYTY5ZS1hOTA5Y2YxMGVkZDd8MTczMDAzMTUyNA==
z.cdn.protected.bet/	1970-01-21 10:09:51	Name: AU Value: 9d9fe28f6de0b448
.parimatch.com/	1970-01-21 00:54:01	Name: adtag Value: u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228
.parimatch.com/	1970-01-21 00:54:01	Name: adtag_t Value: 1729785573588
.parimatch.com/	1970-01-21 00:43:56	Name: utm_campaign Value: PM_Canada_PM_CA_Activerevenue_sport_1810023228
.parimatch.com/	1970-01-21 00:43:56	Name: utm_medium Value: fix
.parimatch.com/	1970-01-21 00:43:56	Name: utm_source Value: PM_Canada_Activerevenue
.parimatch.com/	1970-01-21 00:35:17	Name: entrance_url Value: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue
.parimatch.com/	1970-01-21 09:19:27	Name: dhash Value: fb8137f1-fff4-461c-8f78-ce610c0845e1
.parimatch.com/	1970-01-21 00:54:01	Name: registerUrl Value: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue
.parimatch.com/	1969-12-31 23:59:59	Name: __cfruid Value: 3cdd7b92f0a0ebc25bd0db0cce4f13bf2c76cd74-1730031526
start.parimatch.com/	1970-01-21 00:33:53	Name: _sp_ses.4adb Value: *
start.parimatch.com/	1970-01-21 10:09:51	Name: _sp_id.4adb Value: f93b115e-87ea-4519-8225-2ed95bdb1a4b.1730031527.1.1730031527..2dac8a60-1a7f-4148-85db-86efec141b43....0

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ww2.ueffacpf.org/img.sedoparking.com/images/js_preloader.gif Message: Failed to load resource: the server responded with a status of 441 ()
rendering	warning	URL: https://isdover-1.online/api/v1/px?xmlid=zi0RawKfHmB02EkwD8RDZX1B1b6zsDycmsWH0BSQ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0301D003C320000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue Message: [GroupMarkerNotSet(crbug.com/242999)!:A0301D003C320000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue Message: [GroupMarkerNotSet(crbug.com/242999)!:A020CF033C320000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue Message: [GroupMarkerNotSet(crbug.com/242999)!:A00026093C320000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue Message: [GroupMarkerNotSet(crbug.com/242999)!:A0F0CE033C320000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
recommendation	verbose	URL: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
rendering	warning	URL: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue Message: [GroupMarkerNotSet(crbug.com/242999)!:A04056103C320000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://start.parimatch.com/ca/hockey/?adtag=u9d9fe28f6de0b448_a_b1685539290_c1810023228_d1404214233_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_sport_1810023228&utm_medium=fix&utm_source=PM_Canada_Activerevenue Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A056103C320000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cas.avalon.perfdrive.com
cdn.bet.pm
cdn.perfdrive.com
fonts.googleapis.com
fonts.gstatic.com
gde-default.hit.gemius.pl
i37zb.ttrk.io
img.sedoparking.com
isdover-1.online
js.datadome.co
promo.parimatch.com
start.parimatch.com
ww2.ueffacpf.org
www.googletagmanager.com
xml-v4.startbrws-2.online
xml.sedodna.com
z.cdn.protected.bet
gde-default.hit.gemius.pl
js.datadome.co
promo.parimatch.com
start.parimatch.com
www.googletagmanager.com
104.18.12.153
130.211.29.114
173.239.53.32
205.234.175.175
212.7.203.129
2606:4700:3033::6815:308e
2607:f5b7:1:1e:2::
2607:f8b0:4004:c06::5e
2607:f8b0:400d:c00::61
2607:f8b0:400d:c03::5f
3.33.192.145
35.241.15.240
64.190.63.136
06355098292635455e261866d3ae12f98ce81e3dac79295425ed5863e823e79f
0ec296468d76de22a3e834179b4aa57563b76b2946487169ab7726ac98c668c0
2155db2b014e7b9eda7b79e7a10b252f8efda2dcdabded68cc11a3169449792d
25af1c4433d1a8143f14b47a7d428d709e1f46d21be160566a807598f85b00ba
25da5149c86fecfedb9cb067dc0322c3c5299277ce25cdef9221fd89dc315820
2899d9dec182f7f4db42e9c707cc7cd8b9175193cf04c869a2aec2ba376d1e44
3c60878820b3eb1ea8d88cdc9412c024404b5a46d45d8b96055ef33e042db8e7
4d2d0abaea6f8212a7e06c6ef1f9288aafda8d1e7bbfc7b7599378187e5cf14c
4d44b622db4927876b424f3ca4836a72f861cbdaca98f8ee771d42f565a9b783
56196d223fb44e8e601914bb31c26eb6680fc2bc5e5a23820d195bcea120205a
58e48e91ef870e4576fba3446bed576433b0ee8642ea6eca12724cb566e59292
5c271317e645e797abae29e848bcc6c3ebca2a117c307a7adec6eff55b93bcc9
610ad5c6d284371a8a97c6d4ecf312d91c536939cf3e2a8e548fb04332598a5d
61dda6b9a8b6974016e347a8d42b48f4fba94c2a187549522f4dbcc37b2924f1
6a3c2f7c791c8eaede5f11cce52868975fb76bd9ab7ddda503d231909622b675
6dea1ce0c87ed238683103ba2142e4276db81f69039dcd86638b3492c2eb0e84
840f575220d6b42197251483e8b3b486bce6f7c4c4bddfff022580d3bb39ce4b
871fcc70bb938f9470302f37d9b68e25f6bab3a1b48e5fe3dccc98463824250b
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
927f3010a30fe333c44c6a5fa3b12cbf22fd92d18350c92ab02a6314618fd4b4
a3b2f42cbbfd7d9f8cfe21d2da01cd1772d11f3b8181ec794b41d27655576211
a7a9a45b35002f7f4898358a1b375b9a2cdd2d4429759bfb5da9337073ede77f
a9978927138c48bfd03dcf6a6af467a12676e6cdc29540d2b3d484180b402fff
b035fc19a27576225ff5bbcefb7efe0941da7c48aafc9501d3016b1c147545e4
bed78c95e406b4a9825da57ba6936552b6e0f572cae8d44468db113927bc8e31
cf8b8f8041acab7b0b86502ebd6b71d78fbd103ae1c4bfb234da74f2cec9aad8
d5c67cb5ec1205e71ea8c7d3188e95b18bfb069f795aceb623c5c0999d044ccd
e239953ac6a1b7c4b4be08dde00a96ddfce0ede6998d72207d4e7c875b9f895e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a26202c241673b01c9d5d00ce9dd7b81587a1d2614699eda17ec4a6a3160be
fa72b3aa4483664915b0f64975df8d9ae080af0a95bda407c090919df1b26f9a
fbe59f7eb70077913422c740551e6454465984c0b34201cdb5da142206700001

start.parimatch.com Open in urlscan Pro 104.18.12.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

82 %HTTPS

38 %IPv6

15 Domains

17 Subdomains

11 IPs

4 Countries

1536 kBTransfer

2766 kBSize

22 Cookies

2 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

start.parimatch.com Open in urlscan Pro
104.18.12.153 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

82 %
HTTPS

38 %
IPv6

15
Domains

17
Subdomains

11
IPs

4
Countries

1536 kB
Transfer

2766 kB
Size

22
Cookies

44 HTTP transactions
0 data transactions