start.parimatch.com Open in urlscan Pro
104.18.12.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.credit-spirit.com/
Effective URL:
https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d179123932...
Submission: On October 10 via automatic, source certstream-suspicious (October 10th 2024, 12:30:28 pm UTC) — Scanned from CA

Summary HTTP 43 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 10 domains to perform 43 HTTP transactions. The main IP is 104.18.12.153, located in and belongs to CLOUDFLARENET, US. The main domain is start.parimatch.com.
TLS certificate: Issued by WE1 on September 17th 2024. Valid for: 3 months.

This is the only time start.parimatch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.234.192.109 172.234.192.109	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 2	15.197.224.234 15.197.224.234	16509 (AMAZON-02) (AMAZON-02)
2	130.211.29.114 130.211.29.114	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	35.241.15.240 35.241.15.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	2604:9a00:201... 2604:9a00:2010:a03a:5::	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1 1	212.7.203.129 212.7.203.129	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
20	104.18.12.153 104.18.12.153	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c0c::5f	15169 (GOOGLE) (GOOGLE)
43	7

1 172.234.192.109 (Chicago, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-234-192-109.ip.linodeusercontent.com

www.credit-spirit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.224.234 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ab226b763647f1870.awsglobalaccelerator.com

exploretop-a.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.29.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com

cdn.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.241.15.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.15.241.35.bc.googleusercontent.com

cas.avalon.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.239.53.32 (New York, United States) 2 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml-v4.optargone-2.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tq.optargone-2.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2604:9a00:2010:a03a:5:: (Upper Marlboro, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

i37zb.ttrk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.7.203.129 (Amsterdam, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

z.cdn.protected.bet	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.18.12.153 (None, )

ASN13335 (CLOUDFLARENET, US)

start.parimatch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0c::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	parimatch.com start.parimatch.com	201 KB
6	perfdrive.com cdn.perfdrive.com — Cisco Umbrella Rank: 40609 cas.avalon.perfdrive.com — Cisco Umbrella Rank: 12514	99 KB
3	optargone-2.online 2 redirects xml-v4.optargone-2.online tq.optargone-2.online	16 KB
2	exploretop-a.online 1 redirects exploretop-a.online — Cisco Umbrella Rank: 296957	21 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	protected.bet 1 redirects z.cdn.protected.bet — Cisco Umbrella Rank: 427063	413 B
1	ttrk.io 1 redirects i37zb.ttrk.io — Cisco Umbrella Rank: 981005	881 B
1	credit-spirit.com 1 redirects www.credit-spirit.com	370 B
0	googletagmanager.com Failed www.googletagmanager.com Failed
0	bet.pm Failed cdn.bet.pm Failed
43	10

	Domain	Requested by
20	start.parimatch.com	start.parimatch.com
4	cas.avalon.perfdrive.com	cdn.perfdrive.com
2	xml-v4.optargone-2.online	2 redirects
2	cdn.perfdrive.com	exploretop-a.online tq.optargone-2.online
2	exploretop-a.online	1 redirects
1	fonts.googleapis.com	start.parimatch.com
1	z.cdn.protected.bet	1 redirects
1	i37zb.ttrk.io	1 redirects
1	tq.optargone-2.online	exploretop-a.online
1	www.credit-spirit.com	1 redirects
0	www.googletagmanager.com Failed	start.parimatch.com
0	cdn.bet.pm Failed	start.parimatch.com
43	12

This site contains links to these domains. Also see Links.

Domain
ca.parimatch.com

Subject Issuer	Validity	Valid
exploretop-a.online Amazon RSA 2048 M02	`2024-09-16` - `2025-10-15`	a year	crt.sh
*.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2024-09-20` - `2025-09-26`	a year	crt.sh
cas.avalon.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2024-07-26` - `2025-08-05`	a year	crt.sh
optargone-2.online R11	`2024-09-23` - `2024-12-22`	3 months	crt.sh
parimatch.com WE1	`2024-09-17` - `2024-12-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue
Frame ID: 08AC644C720C36F159B61282C5A3F6FC
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Parimatch. They fight – you win!

Page URL History Show full URLs

https://www.credit-spirit.com/ HTTP 302
http://exploretop-a.online/api/v1/px?xmlid=7oZ4PxGiCPd0rLlG3AHJUpSlBVtKko5alYtAcJ8Q HTTP 307
https://exploretop-a.online/api/v1/px?xmlid=7oZ4PxGiCPd0rLlG3AHJUpSlBVtKko5alYtAcJ8Q Page URL
https://exploretop-a.online/api/v1/pxcheck?impId=7oZ4PxGiCPd0rLlG3AHJUpSlBVtKko5alYtAcJ8Q&minfo=eyJjb29r... HTTP 302
http://xml-v4.optargone-2.online/click?seat=3039675&i=bTtChveGRs4_0 HTTP 307
https://xml-v4.optargone-2.online/click?seat=3039675&i=bTtChveGRs4_0 HTTP 302
https://tq.optargone-2.online/filter?q=credit-spirit.com%2Bcredit-spirit%2Bcom&i=bTtChveGRs4_0&ci=52420765... Page URL
https://xml-v4.optargone-2.online/click2?i=bTtChveGRs4_0&ci=5242076549084497101&j=rv%3Db%26ss%3D1600x1200%26ws... HTTP 302
https://i37zb.ttrk.io/66df0e22aaf38fcfdb0fe3ff?sub1=275be061a8c02a201369bc190&sub2=63631&sub3=6613... HTTP 302
https://z.cdn.protected.bet/go?z=1633697152&key=6707c8daa5f66404f62a0149 HTTP 302
https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1... Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

43
Requests

67 %
HTTPS

22 %
IPv6

10
Domains

12
Subdomains

7
IPs

3
Countries

337 kB
Transfer

814 kB
Size

20
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://ca.parimatch.com/en

Search URL Search Domain Scan URL

URL: https://ca.parimatch.com/en/login
Title: Sign in

Search URL Search Domain Scan URL

URL: https://ca.parimatch.com/en/responsible-gambling
Title: Responsible Gambling

Search URL Search Domain Scan URL

URL: https://ca.parimatch.com/en/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://ca.parimatch.com/en/casino/live-casino/wagering-games
Title: To games

Search URL Search Domain Scan URL

URL: http://ca.parimatch.com/
Title: ca.parimatch.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.credit-spirit.com/ HTTP 302
http://exploretop-a.online/api/v1/px?xmlid=7oZ4PxGiCPd0rLlG3AHJUpSlBVtKko5alYtAcJ8Q HTTP 307
https://exploretop-a.online/api/v1/px?xmlid=7oZ4PxGiCPd0rLlG3AHJUpSlBVtKko5alYtAcJ8Q Page URL
https://exploretop-a.online/api/v1/pxcheck?impId=7oZ4PxGiCPd0rLlG3AHJUpSlBVtKko5alYtAcJ8Q&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI5LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cHM6Ly9leHBsb3JldG9wLWEub25saW5lL2FwaS92MS9weD94bWxpZD03b1o0UHhHaUNQZDByTGxHM0FISlVwU2xCVnRLa281YWxZdEFjSjhRIiwiZGV2aWNlU3JlZW5TaXplIjoiMTIwMHgxNjAwIiwiZGV2aWNlV2luZG93U2l6ZSI6IjEyMDB4MTYwMCIsInduZDJzcmNSYXRpb0x3cjA2IjpmYWxzZSwiZWZmZWN0aXZlVHlwZSI6IjRnIiwiaXNCb3QiOmZhbHNlLCJmQm90TmFtZSI6IiIsImZSZWFzb25zIjoiIn0= HTTP 302
http://xml-v4.optargone-2.online/click?seat=3039675&i=bTtChveGRs4_0 HTTP 307
https://xml-v4.optargone-2.online/click?seat=3039675&i=bTtChveGRs4_0 HTTP 302
https://tq.optargone-2.online/filter?q=credit-spirit.com%2Bcredit-spirit%2Bcom&i=bTtChveGRs4_0&ci=5242076549084497101&t=496258015&h=25 Page URL
https://xml-v4.optargone-2.online/click2?i=bTtChveGRs4_0&ci=5242076549084497101&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D30x30%26ce%3D1%26ck%3Djc%26cv%3D4716%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D1%26rf%3D%26lo%3Dtq.optargone-2.online%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28X11%253B%2BLinux%2Bx86_64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F129.0.0.0%2BSafari%252F537.36%26tp%3D86%26nd%3D0%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26er%3D%26shs%3D%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D1%26frc%3D1%26dbt%3D0%26prb%3D20030107%26tz%3D420%26hid%3D0%26mq%3D1%26my%3D8%26geo%3D1%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D48%26hrl%3D%26acd%3Dpppmp%26vcd%3Dnpp%26pal%3D5%26pai%3D1%26pli%3D1%26win%3D1600x1200%26wout%3D1600x1285%26wpof%3D0x0%26bcld%3D1584x18%26scrp%3D30x30%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D55%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Dprompt%26bch%3D1%26blv%3D1%26cnvs%3D80808080%26mmd_ao%3D3%26mmd_ai%3D3%26mmd_vi%3D1 HTTP 302
https://i37zb.ttrk.io/66df0e22aaf38fcfdb0fe3ff?sub1=275be061a8c02a201369bc190&sub2=63631&sub3=6613291&sub4=Bell+Canada&sub5=credit-spirit.com&sub6=1505138&sub7=credit-spirit.com%2Bcredit-spirit%2Bcom&ref_id=SL*Y2QGWRM0&cost=0.0018 HTTP 302
https://z.cdn.protected.bet/go?z=1633697152&key=6707c8daa5f66404f62a0149 HTTP 302
https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.credit-spirit.com/ HTTP 302
http://exploretop-a.online/api/v1/px?xmlid=7oZ4PxGiCPd0rLlG3AHJUpSlBVtKko5alYtAcJ8Q HTTP 307
https://exploretop-a.online/api/v1/px?xmlid=7oZ4PxGiCPd0rLlG3AHJUpSlBVtKko5alYtAcJ8Q

Request Chain 4

https://exploretop-a.online/api/v1/pxcheck?impId=7oZ4PxGiCPd0rLlG3AHJUpSlBVtKko5alYtAcJ8Q&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI5LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cHM6Ly9leHBsb3JldG9wLWEub25saW5lL2FwaS92MS9weD94bWxpZD03b1o0UHhHaUNQZDByTGxHM0FISlVwU2xCVnRLa281YWxZdEFjSjhRIiwiZGV2aWNlU3JlZW5TaXplIjoiMTIwMHgxNjAwIiwiZGV2aWNlV2luZG93U2l6ZSI6IjEyMDB4MTYwMCIsInduZDJzcmNSYXRpb0x3cjA2IjpmYWxzZSwiZWZmZWN0aXZlVHlwZSI6IjRnIiwiaXNCb3QiOmZhbHNlLCJmQm90TmFtZSI6IiIsImZSZWFzb25zIjoiIn0= HTTP 302
http://xml-v4.optargone-2.online/click?seat=3039675&i=bTtChveGRs4_0 HTTP 307
https://xml-v4.optargone-2.online/click?seat=3039675&i=bTtChveGRs4_0 HTTP 302
https://tq.optargone-2.online/filter?q=credit-spirit.com%2Bcredit-spirit%2Bcom&i=bTtChveGRs4_0&ci=5242076549084497101&t=496258015&h=25

43 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

px Show response
exploretop-a.online/api/v1/
Redirect Chain

https://www.credit-spirit.com/
http://exploretop-a.online/api/v1/px?xmlid=7oZ4PxGiCPd0rLlG3AHJUpSlBVtKko5alYtAcJ8Q
https://exploretop-a.online/api/v1/px?xmlid=7oZ4PxGiCPd0rLlG3AHJUpSlBVtKko5alYtAcJ8Q

114 KB
21 KB

329ms
110ms

Document
text/html

15.197.224.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exploretop-a.online/api/v1/px?xmlid=7oZ4PxGiCPd0rLlG3AHJUpSlBVtKko5alYtAcJ8Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.224.234 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab226b763647f1870.awsglobalaccelerator.com
Software: /
Resource Hash: a04bd714db9734ee3507219942d99785955b7056b3b4ce883514b4de6c5e8373

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 10 Oct 2024 12:30:15 GMT
etag: W/"1c8ff-Bf1aAh0CQcN/kw1muzFPZOOVFTc"
vary: Accept-Encoding

Redirect headers

Location: https://exploretop-a.online/api/v1/px?xmlid=7oZ4PxGiCPd0rLlG3AHJUpSlBVtKko5alYtAcJ8Q
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 stormcaster.js Show response
cdn.perfdrive.com/advanced/ 240 KB
89 KB 235ms
42ms Script
application/javascript 130.211.29.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Requested by: Host: exploretop-a.online
URL: https://exploretop-a.online/api/v1/px?xmlid=7oZ4PxGiCPd0rLlG3AHJUpSlBVtKko5alYtAcJ8Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.29.211.130.bc.googleusercontent.com
Software: nginx/1.10.1 /
Resource Hash: 1606203846c1977f6b9eb8f226c623c77f73838df2a622556cfa3efd884c0c65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://exploretop-a.online/

Response headers

cache-control: max-age=3600,public
content-encoding: gzip
etag: W/"66d1bfd4-3bece"
age: 105
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91364
date: Thu, 10 Oct 2024 12:28:31 GMT
last-modified: Fri, 30 Aug 2024 12:49:24 GMT
content-type: application/javascript
server: nginx/1.10.1
vary: Accept-Encoding

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 360 B
418 B 317ms
69ms XHR
text/plain 35.241.15.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://exploretop-a.online/

Response headers

via: 1.1 google
x-response-time: 1ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
date: Thu, 10 Oct 2024 12:30:16 GMT
content-type: text/plain; charset=UTF-8

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 255 B
400 B 314ms
68ms XHR
text/plain 35.241.15.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://exploretop-a.online/

Response headers

via: 1.1 google
x-response-time: 0ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
date: Thu, 10 Oct 2024 12:30:16 GMT
content-type: text/plain; charset=UTF-8

GET
H/1.1

200
OK

filter Show response
tq.optargone-2.online/
Redirect Chain

https://exploretop-a.online/api/v1/pxcheck?impId=7oZ4PxGiCPd0rLlG3AHJUpSlBVtKko5alYtAcJ8Q&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81M...
http://xml-v4.optargone-2.online/click?seat=3039675&i=bTtChveGRs4_0
https://xml-v4.optargone-2.online/click?seat=3039675&i=bTtChveGRs4_0
https://tq.optargone-2.online/filter?q=credit-spirit.com%2Bcredit-spirit%2Bcom&i=bTtChveGRs4_0&ci=5242076549084497101&t=496258015&h=25

15 KB
15 KB

385ms
94ms

Document
text/html

173.239.53.32
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://tq.optargone-2.online/filter?q=credit-spirit.com%2Bcredit-spirit%2Bcom&i=bTtChveGRs4_0&ci=5242076549084497101&t=496258015&h=25
Requested by: Host: exploretop-a.online
URL: https://exploretop-a.online/api/v1/px?xmlid=7oZ4PxGiCPd0rLlG3AHJUpSlBVtKko5alYtAcJ8Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.239.53.32 New York, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: 89c697e6f7480d9e714522883d014edd914c13314317a801daf304a028d1fe4c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store
Connection: keep-alive
Content-Length: 15432
Content-Type: text/html; charset=utf-8
Date: Thu, 10 Oct 2024 12:30:17 GMT
Referrer-Policy: unsafe-url
Server: nginx

Redirect headers

Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Date: Thu, 10 Oct 2024 12:30:16 GMT
Location: https://tq.optargone-2.online/filter?q=credit-spirit.com%2Bcredit-spirit%2Bcom&i=bTtChveGRs4_0&ci=5242076549084497101&t=496258015&h=25
Server: nginx

GET
H2 200 aperture.js Show response
cdn.perfdrive.com/aperture/ 26 KB
8 KB 211ms
43ms Script
application/javascript 130.211.29.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.perfdrive.com/aperture/aperture.js
Requested by: Host: tq.optargone-2.online
URL: https://tq.optargone-2.online/filter?q=credit-spirit.com%2Bcredit-spirit%2Bcom&i=bTtChveGRs4_0&ci=5242076549084497101&t=496258015&h=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.29.211.130.bc.googleusercontent.com
Software: nginx/1.10.1 /
Resource Hash: 9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tq.optargone-2.online/filter?q=credit-spirit.com%2Bcredit-spirit%2Bcom&i=bTtChveGRs4_0&ci=5242076549084497101&t=496258015&h=25

Response headers

cache-control: max-age=3600,public
content-encoding: gzip
etag: W/"66d1bfd4-6844"
age: 2353
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7938
date: Thu, 10 Oct 2024 11:51:04 GMT
last-modified: Fri, 30 Aug 2024 12:49:24 GMT
content-type: application/javascript
server: nginx/1.10.1
vary: Accept-Encoding

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 316 B
461 B 235ms
70ms XHR
text/plain 35.241.15.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://tq.optargone-2.online/filter?q=credit-spirit.com%2Bcredit-spirit%2Bcom&i=bTtChveGRs4_0&ci=5242076549084497101&t=496258015&h=25

Response headers

via: 1.1 google
x-response-time: 0ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
date: Thu, 10 Oct 2024 12:30:17 GMT
content-type: text/plain; charset=UTF-8

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 211 B
264 B 232ms
70ms XHR
text/plain 35.241.15.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://tq.optargone-2.online/filter?q=credit-spirit.com%2Bcredit-spirit%2Bcom&i=bTtChveGRs4_0&ci=5242076549084497101&t=496258015&h=25

Response headers

via: 1.1 google
x-response-time: 0ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211
date: Thu, 10 Oct 2024 12:30:17 GMT
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tq.optargone-2.online/filter?q=credit-spirit.com%2Bcredit-spirit%2Bcom&i=bTtChveGRs4_0&ci=5242076549084497101&t=496258015&h=25

Response headers

Content-Type: image/png

GET
H2

200

Primary Request / Show response
start.parimatch.com/ca/livecasino/
Redirect Chain

https://xml-v4.optargone-2.online/click2?i=bTtChveGRs4_0&ci=5242076549084497101&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D30x30%26ce%3D1%26ck%3Djc%26cv%3D4716%26cs%3D1%26fr%3D0%26hc%3D0%26f...
https://i37zb.ttrk.io/66df0e22aaf38fcfdb0fe3ff?sub1=275be061a8c02a201369bc190&sub2=63631&sub3=6613291&sub4=Bell+Canada&sub5=credit-spirit.com&sub6=1505138&sub7=credit-spirit.com%2Bcredit-spirit%2Bc...
https://z.cdn.protected.bet/go?z=1633697152&key=6707c8daa5f66404f62a0149
https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_m...

13 KB
5 KB

488ms
172ms

Document
text/html

104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54337c3d0cf57756dc4aab7eaede16d7dddeeff5beeb8114f9205a3d482bd234

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tq.optargone-2.online/filter?q=credit-spirit.com%2Bcredit-spirit%2Bcom&i=bTtChveGRs4_0&ci=5242076549084497101&t=496258015&h=25
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: MISS
cf-ray: 8d069ef99f0b36cf-YYZ
content-encoding: gzip
content-length: 4438
content-type: text/html; charset=UTF-8
date: Thu, 10 Oct 2024 12:30:19 GMT
expires: Thu, 10 Oct 2024 16:30:19 GMT
hserver: 5
last-modified: Thu, 10 Oct 2024 12:30:19 GMT
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

content-length: 0
date: Thu, 10 Oct 2024 12:30:18 GMT
location: https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: nginx

GET
H2 200 bundle.css
start.parimatch.com/ca/livecasino/public/ 86 KB
14 KB 63ms
60ms Stylesheet
text/css 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/ca/livecasino/public/bundle.css?v=1.001

Requested by

Host: start.parimatch.com
URL: https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61451f54ae37e10e5aa02a0efd00305daf5b204f188ae430767e7b52cd6dfd7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "159bb-6196bdd50f40a-gzip"
hserver: 8
age: 90862
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 16:30:19 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: text/css
last-modified: Mon, 27 May 2024 09:08:45 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d069efae87736cf-YYZ
accept-ranges: bytes
content-length: 13775
server: cloudflare

GET
H2 200 loader.css
start.parimatch.com/ca/livecasino/public/ 3 KB
993 B 60ms
58ms Stylesheet
text/css 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/ca/livecasino/public/loader.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b560fdcdc46218b0ad7b61b67e5b6f0b32e41fc5b25ad1fe1517fece5b330536

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "c93-616fec812885d-gzip"
hserver: 8
age: 90862
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 16:30:19 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 12:09:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d069efae87c36cf-YYZ
accept-ranges: bytes
content-length: 900
server: cloudflare

GET
H3 200 s.js Show response
start.parimatch.com/fpapi/ 103 KB
30 KB 62ms
61ms Script
text/javascript 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/fpapi/s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bed78c95e406b4a9825da57ba6936552b6e0f572cae8d44468db113927bc8e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
content-encoding: br
cf-cache-status: HIT
hserver: 5
age: 90970
x-content-type-options: nosniff
cf-ray: 8d069efbf8fbac9a-YYZ
expires: Thu, 10 Oct 2024 16:30:19 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 09 Oct 2024 11:13:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 mlibrary.js Show response
start.parimatch.com/mtapi/js/build/ 37 KB
9 KB 88ms
87ms Script
application/javascript 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/mtapi/js/build/mlibrary.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

871fcc70bb938f9470302f37d9b68e25f6bab3a1b48e5fe3dccc98463824250b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "92ac-60acfc382665d-gzip"
age: 3979
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 11:01:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache
cf-ray: 8d069efae87f36cf-YYZ
accept-ranges: bytes
content-length: 8677
server: cloudflare

GET
H2 200 logo.svg
start.parimatch.com/ca/livecasino/public/images/ 3 KB
1 KB 59ms
58ms Image
image/svg+xml 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/livecasino/public/images/logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3af7d821763510cb3026ef2a3e23895a9c6a14cd36ec3abd7d84c74dcd2f7fcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"a25-616fec8121afd"
age: 90862
hserver: 7
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 16:30:19 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Apr 2024 12:09:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d069efae88336cf-YYZ
server: cloudflare

GET
H2 200 bonus.svg
start.parimatch.com/ca/livecasino/public/images/ 9 KB
4 KB 56ms
55ms Image
image/svg+xml 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/livecasino/public/images/bonus.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36065d9ada235c54b04f04c9b3ce89699c3d46927d95bf48fb296058a3e0698e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"2349-616fec811dc7d"
age: 90862
hserver: 8
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 16:30:19 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Apr 2024 12:09:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d069efae88536cf-YYZ
server: cloudflare

GET
H2 200 18+.png
start.parimatch.com/ca/livecasino/public/images/footer/ 876 B
1 KB 56ms
55ms Image
image/webp 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/livecasino/public/images/footer/18+.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b84a4c9d9f4fbbef0bcc8582a0bda3b78c064dea906ffe477e663a4e103c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

cf-bgj: imgq:85,h2pri
etag: "6b1-616fec811dc7d"
hserver: 10
cf-cache-status: HIT
age: 90860
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 16:30:19 GMT
cf-polished: origFmt=png, origSize=1713
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: image/webp
content-disposition: inline; filename="18+.webp"
vary: Accept
last-modified: Fri, 26 Apr 2024 12:09:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d069efb390536cf-YYZ
accept-ranges: bytes
content-length: 876
server: cloudflare

GET
H2 200 stop.png
start.parimatch.com/ca/livecasino/public/images/footer/ 682 B
810 B 70ms
70ms Image
image/webp 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/livecasino/public/images/footer/stop.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3616c43a2cb3228552b3e78b38516914fce87873d94701ed98f1e7a4de17a0d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

cf-bgj: imgq:85,h2pri
etag: "659-616fec811ec1d"
hserver: 10
cf-cache-status: HIT
age: 90860
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 16:30:19 GMT
cf-polished: origFmt=png, origSize=1625
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: image/webp
content-disposition: inline; filename="stop.webp"
vary: Accept
last-modified: Fri, 26 Apr 2024 12:09:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d069efb592836cf-YYZ
accept-ranges: bytes
content-length: 682
server: cloudflare

GET
H2 200 feder.png
start.parimatch.com/ca/livecasino/public/images/footer/ 3 KB
3 KB 50ms
49ms Image
image/webp 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/livecasino/public/images/footer/feder.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bac313c7a47f56ea56eaa45c2bac4a98d097e9355515c3b72335e720bdfedcad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

cf-bgj: imgq:85,h2pri
etag: "106d-616fec811dc7d"
hserver: 6
cf-cache-status: HIT
age: 90860
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 16:30:19 GMT
cf-polished: origFmt=png, origSize=4205
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: image/webp
content-disposition: inline; filename="feder.webp"
vary: Accept
last-modified: Fri, 26 Apr 2024 12:09:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d069efb996536cf-YYZ
accept-ranges: bytes
content-length: 2932
server: cloudflare

GET
H3 200 Interac.svg
start.parimatch.com/ca/livecasino/public/images/footer/ 8 KB
4 KB 54ms
54ms Image
image/svg+xml 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/livecasino/public/images/footer/Interac.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2a943e7fe10d0b4eb022becacfc83ad8f68efec6dd11e14cb38845877506fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"2031-616fec811dc7d"
age: 90862
hserver: 6
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 16:30:19 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Apr 2024 12:09:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d069efc998cac9a-YYZ
server: cloudflare

GET
H3 200 mastercard.svg
start.parimatch.com/ca/livecasino/public/images/footer/ 5 KB
2 KB 52ms
52ms Image
image/svg+xml 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/livecasino/public/images/footer/mastercard.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9ceec2468f2c66086d2351a19bb064db821fe4348884c25df459184366cb312

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"14d4-616fec811ec1d"
age: 90862
hserver: 10
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 16:30:19 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Apr 2024 12:09:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d069efcf9deac9a-YYZ
server: cloudflare

GET
H3 200 bitcoin.png
start.parimatch.com/ca/livecasino/public/images/footer/ 2 KB
2 KB 59ms
59ms Image
image/webp 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/livecasino/public/images/footer/bitcoin.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efb88e39136e6e54731202903c2153d5e97a06e8292c00b79d00afd31cd5fc59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

cf-bgj: imgq:85,h2pri
etag: "d16-616fec811dc7d"
hserver: 7
cf-cache-status: HIT
age: 90860
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 16:30:19 GMT
cf-polished: origFmt=png, origSize=3350
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: image/webp
content-disposition: inline; filename="bitcoin.webp"
vary: Accept
last-modified: Fri, 26 Apr 2024 12:09:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d069efd19fbac9a-YYZ
accept-ranges: bytes
content-length: 1616
server: cloudflare

GET
H3 200 visa.svg
start.parimatch.com/ca/livecasino/public/images/footer/ 1 KB
950 B 67ms
66ms Image
image/svg+xml 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://start.parimatch.com/ca/livecasino/public/images/footer/visa.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b20dba8b3859be13d81f59b591ec820d7ced46defd4f921ce7a64f8d48950580

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/livecasino/?adtag=uf2ab340a68066134_atq.optargone-2.online_b1685539290_c1633697152_d1791239320_e1969233228&utm_campaign=PM_Canada_PM_CA_Activerevenue_1633697152&utm_medium=fix&utm_source=PM_Canada_Activerevenue

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"4fb-616fec811ec1d"
age: 90861
hserver: 9
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 16:30:19 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Apr 2024 12:09:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d069efd19fdac9a-YYZ
server: cloudflare

GET password-validation.js
cdn.bet.pm/common/js/global-password-validation/dist/ 0
0

GET modernizr-custom.js
start.parimatch.com/ca/livecasino/public/ 0
0

GET vendor.js
start.parimatch.com/ca/livecasino/public/ 0
0

GET bundle.js
start.parimatch.com/ca/livecasino/public/ 0
0

GET phoneMasks.js
start.parimatch.com/common/global-phone-mask/dist/ 0
0

GET auth-helper-v2.js
start.parimatch.com/common/js/ 0
0

GET forms.js
start.parimatch.com/ca/livecasino/public/js/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 285ms
99ms Stylesheet
text/css 2607:f8b0:400d:c0c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400&display=swap

Requested by

Host: start.parimatch.com
URL: https://start.parimatch.com/ca/livecasino/public/bundle.css?v=1.001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb476e96f54319cea2fc40843f47769df631e2ff491cb0ab7ae744aab7e73877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 12:30:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 10 Oct 2024 12:02:03 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 include.css
start.parimatch.com/templates/assets/fonts/Gilroy/ 10 KB
761 B 65ms
64ms Stylesheet
text/css 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/templates/assets/fonts/Gilroy/include.css

Requested by

Host: start.parimatch.com
URL: https://start.parimatch.com/ca/livecasino/public/bundle.css?v=1.001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dea1ce0c87ed238683103ba2142e4276db81f69039dcd86638b3492c2eb0e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/livecasino/public/bundle.css?v=1.001

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "28b4-5c6212c59bde6-gzip"
hserver: 7
age: 90970
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 16:30:19 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: text/css
last-modified: Fri, 02 Jul 2021 10:11:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d069efb592a36cf-YYZ
accept-ranges: bytes
content-length: 646
server: cloudflare

GET
H2 200 include.css
start.parimatch.com/templates/assets/fonts/Parimatch/ 3 KB
443 B 66ms
65ms Stylesheet
text/css 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/templates/assets/fonts/Parimatch/include.css

Requested by

Host: start.parimatch.com
URL: https://start.parimatch.com/ca/livecasino/public/bundle.css?v=1.001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5c67cb5ec1205e71ea8c7d3188e95b18bfb069f795aceb623c5c0999d044ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://start.parimatch.com/ca/livecasino/public/bundle.css?v=1.001

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "ae5-5cfe1c8f4d18c-gzip"
hserver: 5
age: 90970
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 16:30:19 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: text/css
last-modified: Wed, 03 Nov 2021 12:45:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d069efb592c36cf-YYZ
accept-ranges: bytes
content-length: 334
server: cloudflare

GET gtm.js
www.googletagmanager.com/ 0
0

GET timestamp
start.parimatch.com/mtapi/promo/ 0
0

GET bg.jpg
start.parimatch.com/ca/livecasino/public/images/ 0
0

GET Gilroy-Regular.woff2
start.parimatch.com/templates/assets/fonts/Gilroy/ 0
0

GET
DATA 200
OK truncated
/ 140 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65abbf6ebe44e9d99a2a47b006a99774423a1f08e760faf2ea6aedfa0441d176

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET Gilroy-Bold.woff2
start.parimatch.com/templates/assets/fonts/Gilroy/ 0
0

GET icomoon.ttf
start.parimatch.com/ca/livecasino/public/fonts/ 0
0

GET Gilroy-Black.woff2
start.parimatch.com/templates/assets/fonts/Gilroy/ 0
0

GET
H3 200 icomoon.woff
start.parimatch.com/ca/livecasino/public/fonts/ 7 KB
5 KB 70ms
69ms Font
application/font-woff 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/ca/livecasino/public/fonts/icomoon.woff

Requested by

Host: start.parimatch.com
URL: https://start.parimatch.com/ca/livecasino/public/bundle.css?v=1.001

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b572d6242c1e60082f1c1ed62d19329b396052c543fd6dea26595835cbe01ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://start.parimatch.com
Referer: https://start.parimatch.com/ca/livecasino/public/bundle.css?v=1.001

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"1cc0-616fec811ccdd"
age: 71370
hserver: 7
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 16:30:19 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: application/font-woff
last-modified: Fri, 26 Apr 2024 12:09:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d069efdca95ac9a-YYZ
server: cloudflare

GET
H3 200 Gilroy-Bold.woff
start.parimatch.com/templates/assets/fonts/Gilroy/ 39 KB
40 KB 56ms
55ms Font
application/font-woff 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/templates/assets/fonts/Gilroy/Gilroy-Bold.woff

Requested by

Host: start.parimatch.com
URL: https://start.parimatch.com/templates/assets/fonts/Gilroy/include.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fddec8afba2cd1b8b78a04bc7f0bd6df430a2314bfad2b2c2bb30177aa532d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://start.parimatch.com
Referer: https://start.parimatch.com/templates/assets/fonts/Gilroy/include.css

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"9d44-5c6212c593146"
age: 70364
hserver: 9
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 16:30:19 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: application/font-woff
last-modified: Fri, 02 Jul 2021 10:11:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d069efdca96ac9a-YYZ
server: cloudflare

GET
H3 200 Gilroy-Black.woff
start.parimatch.com/templates/assets/fonts/Gilroy/ 40 KB
40 KB 70ms
70ms Font
application/font-woff 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/templates/assets/fonts/Gilroy/Gilroy-Black.woff

Requested by

Host: start.parimatch.com
URL: https://start.parimatch.com/templates/assets/fonts/Gilroy/include.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca724aa0d3b6faebfbc7dc91a89afdab5cf25af7f3948f8e620d1621655dd1a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://start.parimatch.com
Referer: https://start.parimatch.com/templates/assets/fonts/Gilroy/include.css

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"9ee4-5c6212c5921a6"
age: 78883
hserver: 7
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 16:30:19 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: application/font-woff
last-modified: Fri, 02 Jul 2021 10:11:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d069efdca97ac9a-YYZ
server: cloudflare

GET
H3 200 Gilroy-Regular.woff
start.parimatch.com/templates/assets/fonts/Gilroy/ 38 KB
38 KB 71ms
71ms Font
application/font-woff 104.18.12.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://start.parimatch.com/templates/assets/fonts/Gilroy/Gilroy-Regular.woff

Requested by

Host: start.parimatch.com
URL: https://start.parimatch.com/templates/assets/fonts/Gilroy/include.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c77a623005a1c5c98b605433755c8f28dd4eda261a8ce9d7cb96d5c64daa9858

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://start.parimatch.com
Referer: https://start.parimatch.com/templates/assets/fonts/Gilroy/include.css

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"9824-5c6212c597f66"
age: 70236
hserver: 5
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 16:30:19 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 12:30:19 GMT
content-type: application/font-woff
last-modified: Fri, 02 Jul 2021 10:11:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8d069efdca99ac9a-YYZ
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.bet.pm
URL: https://cdn.bet.pm/common/js/global-password-validation/dist/password-validation.js?v=1.001

Domain: start.parimatch.com
URL: https://start.parimatch.com/ca/livecasino/public/modernizr-custom.js

Domain: start.parimatch.com
URL: https://start.parimatch.com/ca/livecasino/public/vendor.js

Domain: start.parimatch.com
URL: https://start.parimatch.com/ca/livecasino/public/bundle.js

Domain: start.parimatch.com
URL: https://start.parimatch.com/common/global-phone-mask/dist/phoneMasks.js

Domain: start.parimatch.com
URL: https://start.parimatch.com/common/js/auth-helper-v2.js

Domain: start.parimatch.com
URL: https://start.parimatch.com/ca/livecasino/public/js/forms.js

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CZS6L

Domain: start.parimatch.com
URL: https://start.parimatch.com/mtapi/promo/timestamp

Domain: start.parimatch.com
URL: https://start.parimatch.com/ca/livecasino/public/images/bg.jpg

Domain: start.parimatch.com
URL: https://start.parimatch.com/templates/assets/fonts/Gilroy/Gilroy-Regular.woff2

Domain: start.parimatch.com
URL: https://start.parimatch.com/templates/assets/fonts/Gilroy/Gilroy-Bold.woff2

Domain: start.parimatch.com
URL: https://start.parimatch.com/ca/livecasino/public/fonts/icomoon.ttf

Domain: start.parimatch.com
URL: https://start.parimatch.com/templates/assets/fonts/Gilroy/Gilroy-Black.woff2

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.exploretop-a.online/	1970-01-21 04:28:35	Name: __ssds Value: 2
.exploretop-a.online/	1970-01-21 04:28:35	Name: __ssuzjsr2 Value: a9be0cd8e
.exploretop-a.online/	1970-01-21 04:28:35	Name: __uzmaj2 Value: 4dc5079d-b292-491e-81e2-50fd2c18b9b1
.exploretop-a.online/	1970-01-21 04:28:35	Name: __uzmbj2 Value: 1728563416
.exploretop-a.online/	1970-01-21 04:28:35	Name: __uzmcj2 Value: 534121020367
.exploretop-a.online/	1970-01-21 04:28:35	Name: __uzmdj2 Value: 1728563416
.exploretop-a.online/	1970-01-21 04:28:35	Name: __uzmlj2 Value: DvFbWTi5kfgpfvYigJ68vangonZDgLaA+/pe7jjdckY=
.exploretop-a.online/	1970-01-21 04:28:35	Name: __uzmfj2 Value: 7f600000aeccb0-95aa-493e-819e-0fa880789d2e17285634166870-4c4973382fc9100510
.optargone-2.online/	1969-12-31 23:59:59	Name: x3325799 Value: 1248185357
tq.optargone-2.online/	1969-12-31 23:59:59	Name: c-1946774422 Value: -1248185357
.optargone-2.online/	1970-01-21 04:28:35	Name: __ssds Value: 2
tq.optargone-2.online/	1969-12-31 23:59:59	Name: jc Value: 4716
.optargone-2.online/	1970-01-21 04:28:35	Name: __ssuzjsr2 Value: a9be0cd8e
.optargone-2.online/	1970-01-21 04:28:35	Name: __uzmaj2 Value: d9329f86-f604-46df-9f20-bfbb4a838e84
.optargone-2.online/	1970-01-21 04:28:35	Name: __uzmbj2 Value: 1728563417
.optargone-2.online/	1970-01-21 04:28:35	Name: __uzmcj2 Value: 944071081976
.optargone-2.online/	1970-01-21 04:28:35	Name: __uzmdj2 Value: 1728563417
.i37zb.ttrk.io/	1970-01-21 00:10:49	Name: redcmps Value: W3siaWQiOiI2NmRmMGUyMmFhZjM4ZmNmZGIwZmUzZmYiLCJ0IjoiMjAyNC0xMC0xMFQxMjozMDoxOC4wMDAxNDUwODNaIn1d
.i37zb.ttrk.io/	1970-01-21 08:54:59	Name: redhash Value: NjcwN2M4ZGFhNWY2NjQwNGY2MmEwMTQ5fDB8NjZkZjBlMjJhYWYzOGZjZmRiMGZlM2ZmfHwyODFmNWIzYi00NmRiLTRkYTgtYjUxZC1hMTEyYmY1Y2YxYjR8MTcyODU2MzQxOA==
z.cdn.protected.bet/	1970-01-21 09:45:23	Name: AU Value: f2ab340a68066134

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cas.avalon.perfdrive.com
cdn.bet.pm
cdn.perfdrive.com
exploretop-a.online
fonts.googleapis.com
i37zb.ttrk.io
start.parimatch.com
tq.optargone-2.online
www.credit-spirit.com
www.googletagmanager.com
xml-v4.optargone-2.online
z.cdn.protected.bet
cdn.bet.pm
start.parimatch.com
www.googletagmanager.com
104.18.12.153
130.211.29.114
15.197.224.234
172.234.192.109
173.239.53.32
212.7.203.129
2604:9a00:2010:a03a:5::
2607:f8b0:400d:c0c::5f
35.241.15.240
1606203846c1977f6b9eb8f226c623c77f73838df2a622556cfa3efd884c0c65
36065d9ada235c54b04f04c9b3ce89699c3d46927d95bf48fb296058a3e0698e
3616c43a2cb3228552b3e78b38516914fce87873d94701ed98f1e7a4de17a0d1
3af7d821763510cb3026ef2a3e23895a9c6a14cd36ec3abd7d84c74dcd2f7fcb
49b84a4c9d9f4fbbef0bcc8582a0bda3b78c064dea906ffe477e663a4e103c88
54337c3d0cf57756dc4aab7eaede16d7dddeeff5beeb8114f9205a3d482bd234
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
61451f54ae37e10e5aa02a0efd00305daf5b204f188ae430767e7b52cd6dfd7a
65abbf6ebe44e9d99a2a47b006a99774423a1f08e760faf2ea6aedfa0441d176
6dea1ce0c87ed238683103ba2142e4276db81f69039dcd86638b3492c2eb0e84
871fcc70bb938f9470302f37d9b68e25f6bab3a1b48e5fe3dccc98463824250b
89c697e6f7480d9e714522883d014edd914c13314317a801daf304a028d1fe4c
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506
a04bd714db9734ee3507219942d99785955b7056b3b4ce883514b4de6c5e8373
a9ceec2468f2c66086d2351a19bb064db821fe4348884c25df459184366cb312
b20dba8b3859be13d81f59b591ec820d7ced46defd4f921ce7a64f8d48950580
b560fdcdc46218b0ad7b61b67e5b6f0b32e41fc5b25ad1fe1517fece5b330536
b572d6242c1e60082f1c1ed62d19329b396052c543fd6dea26595835cbe01ce8
bac313c7a47f56ea56eaa45c2bac4a98d097e9355515c3b72335e720bdfedcad
bb476e96f54319cea2fc40843f47769df631e2ff491cb0ab7ae744aab7e73877
bed78c95e406b4a9825da57ba6936552b6e0f572cae8d44468db113927bc8e31
c77a623005a1c5c98b605433755c8f28dd4eda261a8ce9d7cb96d5c64daa9858
ca724aa0d3b6faebfbc7dc91a89afdab5cf25af7f3948f8e620d1621655dd1a7
d5c67cb5ec1205e71ea8c7d3188e95b18bfb069f795aceb623c5c0999d044ccd
e2a943e7fe10d0b4eb022becacfc83ad8f68efec6dd11e14cb38845877506fd2
efb88e39136e6e54731202903c2153d5e97a06e8292c00b79d00afd31cd5fc59
fddec8afba2cd1b8b78a04bc7f0bd6df430a2314bfad2b2c2bb30177aa532d8e

start.parimatch.com Open in urlscan Pro 104.18.12.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

67 %HTTPS

22 %IPv6

10 Domains

12 Subdomains

7 IPs

3 Countries

337 kBTransfer

814 kBSize

20 Cookies

6 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

start.parimatch.com Open in urlscan Pro
104.18.12.153 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

67 %
HTTPS

22 %
IPv6

10
Domains

12
Subdomains

7
IPs

3
Countries

337 kB
Transfer

814 kB
Size

20
Cookies

43 HTTP transactions
2 data transactions