| start.pari1.win/HOT5st_uk_m_71/public/images/girl.png |  104.21.26.192 | 200 OK | 137 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/girl.png IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typePNG image data, 495 x 905, 8-bit colormap, non-interlaced\012- data Size137 kB (136718 bytes) Hash720f4ea568025f75461560f8898bacd7 e7a37d6ae52637b86d08b143e3e2a868265e5788 4d0f245a522742fcde3a5008b747a6501d1d894d77cdad4dc56aeb9c2e03d7fd
GET /HOT5st_uk_m_71/public/images/girl.png HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: image/png
content-length: 136718
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "2160e-6067a0ecaa981"
x-robots-tag: noindex, nofollow, noarchive
hserver: 6
cache-control: max-age=14400
cf-cache-status: HIT
age: 6642
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRYXfUd%2F7tUa7B5zBr2DZu1M%2BX0qZ%2BAUTG1WC4GsRs0fUlGi7Y4YIj%2BwABOSPZR8AulOY1snWM0%2Fvy033bx3JwXKGFLTvxom2VrBArcvJOFa0fCYJEvF9HOFbQOXHeFM8m8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90833f2e5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/images/game-bg.png | 104.21.26.192 | 200 OK | 54 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/game-bg.png IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typePNG image data, 1062 x 796, 8-bit colormap, non-interlaced\012- data Hashec5467052de91f17455accaaff1c986f a230a243b63d39b0d10e6f4cf2983d5b26c9db0b 72499df58938489330941c027f0c3bb81ec271226383588a4518db2883b3c5a6
GET /HOT5st_uk_m_71/public/images/game-bg.png HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: image/png
content-length: 54507
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "d4eb-6067a0ecaa981"
x-robots-tag: noindex, nofollow, noarchive
hserver: 7
cache-control: max-age=14400
cf-cache-status: HIT
age: 5820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgKrLYtgoib4oxyJzXN1eUh73JoUMfN3CeGy3uomjU1qSrziv3hA5HKrNlLK2DTBUu%2BOG3j1T8ae4jjtmQ1ws3%2Fi8%2BgyHXMrcrrHB2mauBehpHGt8bjElaji23didihVXOM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90833f2f5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/framework/frontend/images/visa.png | 104.21.26.192 | 200 OK | 1.1 kB |
URL GET HTTP/3start.pari1.win/framework/frontend/images/visa.png IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typePNG image data, 159 x 58, 8-bit colormap, non-interlaced\012- data Hash204ed95fed9d1ea52ee41d67cecb42d1 9b646a3da92f39003bda51395fe33c6659336be7 6867c97852a04b840f252ae991191efced45162355a83d8fd86b5f727a6ddef7
GET /framework/frontend/images/visa.png HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: image/png
content-length: 1084
last-modified: Fri, 01 Sep 2023 11:37:55 GMT
etag: "43c-6044a97745524"
x-robots-tag: noindex, nofollow, noarchive
hserver: 5
cache-control: max-age=14400
cf-cache-status: HIT
age: 840
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhmk%2B9fXWjqz1QO2mOIEPUTyNBxSTT4Qz%2BIrt5XBX%2BoN%2FKNgqyBQXKlHaSuJDYcVpfMGlTTPeSkpaRjFdX%2B7%2FviTmguGjtp%2FOTSjwS3JtNHa%2Fd5kSms93iTYmFF1xMDiQ2M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90833f355689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/framework/frontend/images/mastercard.png | 104.21.26.192 | 200 OK | 845 B |
URL GET HTTP/3start.pari1.win/framework/frontend/images/mastercard.png IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typePNG image data, 93 x 72, 8-bit colormap, non-interlaced\012- data Hasha504c706f3c36946e28dca67601cc8bc 1d66c6cd5967d1c427b72fae682f4057d20df933 f3fc0f16cae8833d900f4f6b12a4ff00112760e6a404a8db773d9fbf2f7d2d57
GET /framework/frontend/images/mastercard.png HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: image/png
content-length: 845
last-modified: Fri, 01 Sep 2023 11:37:55 GMT
etag: "34d-6044a97745524"
x-robots-tag: noindex, nofollow, noarchive
hserver: 10
cache-control: max-age=14400
cf-cache-status: HIT
age: 840
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRLiw38yrl2O2GutL%2F4WC28zlVRbxYsnp4SIkhgqLszJ3fVrjHgxmL9kc3icfpled5Go94KnsaitXIkMXWsqv0s4phNh0R3CEHHu%2BbdXruN%2Bb43CpcelTmJpQTDyWAeLNH8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90834f365689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/framework/frontend/images/social-icon-1.png | 104.21.26.192 | 200 OK | 1.4 kB |
URL GET HTTP/3start.pari1.win/framework/frontend/images/social-icon-1.png IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typePNG image data, 54 x 54, 8-bit/color RGBA, non-interlaced\012- data Hash7d9fe319c8acec72220c31237346cbad 43f3cd441c75d5e85277bdb025c7023740f797f1 21a42239c7642fe184c071eec8c91f4882c2899f030745ad6c5ff6888f3f1cdf
GET /framework/frontend/images/social-icon-1.png HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: image/png
content-length: 1408
last-modified: Fri, 01 Sep 2023 11:37:55 GMT
etag: "580-6044a97745524"
x-robots-tag: noindex, nofollow, noarchive
hserver: 8
cache-control: max-age=14400
cf-cache-status: HIT
age: 840
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7%2Fy50LcAkyycFk%2FvjZLaFlLZDFnxL2%2FuMM4ooVuQcF8QYhYcAP6%2Fq7aZF%2Bb4EuxbDj8CqDWMVuL6u%2BSNdMt2cdRTMEsEVB%2BPSusSPjja6fv%2FCUSOFWkKh5Ye4mmeTNXZsI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90834f425689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/images/modal-bg.png | 104.21.26.192 | 200 OK | 63 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/modal-bg.png IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typePNG image data, 1611 x 971, 8-bit colormap, non-interlaced\012- data Hashf620a0982beb9b7cd28f95900096a10b 82f226fac39431be9311857de6c2dc24628f5995 6a160c948b646e17f59b087ca7fe7a4667872f7b6bfdf8ba5b559f88909caaf9
GET /HOT5st_uk_m_71/public/images/modal-bg.png HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: image/png
content-length: 63124
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "f694-6067a0ecaa981"
x-robots-tag: noindex, nofollow, noarchive
hserver: 6
cache-control: max-age=14400
cf-cache-status: HIT
age: 5820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXunvjt2OsASz9Jr737rYtyBTl4lTQtrbNI6xLaLaE8cMTMNnqZHblCvHmBkfhXkpZmqA9oBmTwiCh1SPauMtxpjFsgPEdXlRaxt0r1TbNyPKX3GRZpe6EWz7ngA6rn5pmQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90834f435689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/images/bg.jpg | 104.21.26.192 | 200 OK | 107 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/bg.jpg IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data Size107 kB (107198 bytes) Hashbee032e92f83d2d316be840c47b1a9e0 c8b3ef7d70720f1917e06fd9011b66d2ebdd3fa0 5262e0111f44ee01f7c2b2c36713f7de7dadc9aa437b9d9dfccc081900cfb4e9
GET /HOT5st_uk_m_71/public/images/bg.jpg HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/public/bundle.css?v=5.001
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: image/jpeg
content-length: 107198
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "1a2be-6067a0eca99e1"
x-robots-tag: noindex, nofollow, noarchive
hserver: 7
cache-control: max-age=14400
cf-cache-status: HIT
age: 5820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMbEWTEV5XuX1RYRdjdsxkENS89Dl7isuxJo7otU6e9IwsEg6WP4oWOGpI%2Fy%2BvMsPu%2BHc7uOGNlIhWy7nBpSm3V8afSxyi1tVwV4nNxcGKztFse90Hmcowg2wHRa%2B8Lsij4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9084da035689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/images/btn-bg.png | 104.21.26.192 | 200 OK | 19 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/btn-bg.png IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typePNG image data, 796 x 252, 8-bit colormap, non-interlaced\012- data Hashff2d7e22b5d9f1515fad31868d2cf735 1ab52d55de8a02f04a3017dfef4170c70abdd845 855a14adfa767292ce1230dacd436ba04ac255c1cd6814af559b41b7ade1f1ef
GET /HOT5st_uk_m_71/public/images/btn-bg.png HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/public/bundle.css?v=5.001
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: image/png
content-length: 19435
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "4beb-6067a0eca99e1"
x-robots-tag: noindex, nofollow, noarchive
hserver: 10
cache-control: max-age=14400
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMQ%2B1Nm06mhl70d8ysEaaBFdrRNspldX%2BT32kCb%2F%2B19IrmSFFTK%2BvKYZ%2BF2oCfVg7AULgVR2z0%2B0pXr6EkdpO49HTB%2Fx1uv8WgEBVeWVFgTO5cEt3eEAh87L37Xpzvf5a1A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9084da235689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-T6B092EN9T |  142.250.74.168 | 200 OK | 93 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-T6B092EN9T IP142.250.74.168:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File typeASCII text, with very long lines (5955) Hash9803ec6ebd2212a3a6dacf9d8f9340ce ce16784f0958578a5d170c7835ba9b15281112bf 7e6be657283b89fc7192fb55262389b3b076ba89bb0791c23b26ed75197c3f74
GET /gtag/js?id=G-T6B092EN9T HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 16:11:21 GMT
expires: Tue, 05 Dec 2023 16:11:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92983
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| start.pari1.win/HOT5st_uk_m_71/public/images/win.mp3 | 104.21.26.192 | 206 Partial Content | 162 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/win.mp3 IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeAudio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 320 kbps, 44.1 kHz, Stereo\012- data Size162 kB (161960 bytes) Hashf25f69339e68e5bf2d66eba540b97332 251a0aeb7b85892b6b3019e6eef3a8bdbd0aaf8f 5cc36f503aa4043efe200ed4519975bd33d67b6d0bc42e603d2bd8149414dd6a
GET /HOT5st_uk_m_71/public/images/win.mp3 HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: audio/mpeg
content-length: 161960
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "278a8-6067a0ecab921"
x-robots-tag: noindex, nofollow, noarchive
hserver: 9
cache-control: max-age=14400
cf-cache-status: HIT
age: 6625
content-range: bytes 0-161959/161960
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6hgqXLNNoCRDooZ%2FVlXsCt0ygF8O02qM5V5z2BBfdiWJtGj4RbXWkyMgW5GC%2F%2Bx5TA%2B9s4kH9PUJkeiDuYKD7QUgNZQtJ8%2B0hR8Hkn8aTL0fC2ZxihF4Tj10tEzeF9F2MQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9084fa655689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/images/click.mp3 | 104.21.26.192 | 206 Partial Content | 45 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/click.mp3 IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeAudio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo\012- data Hashc890555920ec4f8c9e88eb25c61455af dc3f0d6f5184353c1bbbfa55f1f8d54675269a0c d094c5b0a8b4274fdc91a6706a74ab79509686d892037499046897555eb3a82d
GET /HOT5st_uk_m_71/public/images/click.mp3 HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: audio/mpeg
content-length: 44989
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "afbd-6067a0ecaa981"
x-robots-tag: noindex, nofollow, noarchive
hserver: 7
cache-control: max-age=14400
cf-cache-status: HIT
age: 6625
content-range: bytes 0-44988/44989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0she0Kbm5G655NSOtUblxGHGYGsiX254x2FT5fGh7wtsXYUW3P3Gg98sCN2bKqxgcMfcKRb5%2Ft7ZU%2FLHer6Yp3jrFh2EwkCwCpsJgClnvsL%2FRn%2FRlHh4XDxlSyGI1sq%2BaQo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9084fa665689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/images/spin.mp3 | 104.21.26.192 | 206 Partial Content | 49 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/spin.mp3 IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeAudio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 48 kHz, Stereo\012- data Hash2e9b86c287ed9339229d69d5f717bbcb 210f0ef729bad1dc26829f5e190f05a078da8fe2 2ffe00ab01546336ce500e4cde064739072d4298f6b4695fb6cd4dc2cabbbf27
GET /HOT5st_uk_m_71/public/images/spin.mp3 HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: audio/mpeg
content-length: 48778
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "be8a-6067a0ecaa981"
x-robots-tag: noindex, nofollow, noarchive
hserver: 8
cache-control: max-age=14400
cf-cache-status: HIT
age: 6625
content-range: bytes 0-48777/48778
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=an6T5%2B9HooZM7HwQECtVL54iOq5wIuv3YkqpOk9o5F82Z9XDByiNHyY%2BJgt8jfe1Pj6p6RUQaEMJ3mWhOGSv9eD4XZ6kd0N8WzOqX0R%2FrQhMcZGdxxUB7LIVZYxmwZpKTiA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9084fa715689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/fonts/Gilroy-Bold.woff2 | 104.21.26.192 | 200 OK | 29 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/fonts/Gilroy-Bold.woff2 IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 28944, version 1.0\012- data Hash2b4b95d5bda293c42322aead3839c0c2 3eea504f354dea8ae2bb0286f28e0b0730b83c57 f1be2216ad519cf83279b3fecb08a94b9e89bcae6f886e95f3c6e6ef0471d1ee
GET /HOT5st_uk_m_71/public/fonts/Gilroy-Bold.woff2 HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/public/bundle.css?v=5.001
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-length: 28944
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "7110-6067a0eca5b61"
x-robots-tag: noindex, nofollow, noarchive
hserver: 6
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJ38MhkJ8t38Z4XZQpYBX3OkGPW9aw87UCW3atxRgtL3uL4bN3hB64pkDdQQ%2B2vTFjN8mzUrPhRza8oVUcSa%2BIyOEXpbT3388Dl5Qisz5%2FomeSQ6MeYc9dSmYiwuk3CG%2BJI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9084ea3f5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/fonts/Gilroy-SemiBold.woff2 | 104.21.26.192 | 200 OK | 29 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/fonts/Gilroy-SemiBold.woff2 IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 28752, version 1.0\012- data Hashdcb1f08486cf74c0414e9501cc86253d 432136d28bf0385a55d332db4a6ab0b34d4a77f7 a8719c41ade6c5c5fb1c5fafef9a08d254389df51ca37f1dc02171a7b1cdec95
GET /HOT5st_uk_m_71/public/fonts/Gilroy-SemiBold.woff2 HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/public/bundle.css?v=5.001
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-length: 28752
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "7050-6067a0eca8a41"
x-robots-tag: noindex, nofollow, noarchive
hserver: 7
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJORzPhTMBPycUNcJbJlipN1eD%2Fp7t%2FBNOsKVm3hOesSa%2F60M4DsV1iGuxsqy5yUFf7J8Sg6WitY3uyqDxZyv55%2F2m886z5ex2TZxYfFzodZJhFUcL4OHDWJvLM0osMit3Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9084fa625689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/fonts/Gilroy-Regular.woff2 | 104.21.26.192 | 200 OK | 44 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/fonts/Gilroy-Regular.woff2 IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 44048, version 1.0\012- data Hash08bbb75e36f3e20cf77d15ebd38f77f1 e22c9893c79853e4d2f0950f76b96ce1c2c45153 5d121b350c2597f208e115203fb5d30aea0e039bbcdb5605b0c35f33c08b1595
GET /HOT5st_uk_m_71/public/fonts/Gilroy-Regular.woff2 HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/public/bundle.css?v=5.001
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-length: 44048
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "ac10-6067a0eca7aa1"
x-robots-tag: noindex, nofollow, noarchive
hserver: 7
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4IusPc0CXGaR4kAaTTC3xA3FwsHhqK8Bos8iJt9nIjLXOCW1BgeaBg9LxFM9c60tduy3bbQbjKl4VR%2B2tn4V1S7%2BllVnjQdgfTzDNmiZ5GU1pbCS5kX7v19nSid9oD4vWs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9084ea2c5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/common/js/auth-helper-v2.js?v=3.002 | 104.21.26.192 | 200 OK | 47 kB |
URL GET HTTP/3start.pari1.win/common/js/auth-helper-v2.js?v=3.002 IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeC source, Unicode text, UTF-8 text Hash24f99adb53fc991196b635b849248208 39b427759b3d6f192ae818731cbbe9abf5a0558d 2437c747aebae64535a74d230f5a53be2db019480c03289a27e52e3dab859416
GET /common/js/auth-helper-v2.js?v=3.002 HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: application/javascript
last-modified: Fri, 13 Oct 2023 12:12:40 GMT
etag: W/"471b-60797f917ac2c-gzip"
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive
hserver: 8
cache-control: max-age=14400
cf-cache-status: HIT
age: 6644
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9Oe2f78ANiq6%2F7cc8%2Bm5%2BPFFlg6eGwiTCQehBut1TkdyPDLk5%2BdRrp04og9ox%2FyMyesUeR6ReoXce8l4zg5HwoncgMLZGQQ%2FfoEIaJTl0%2Bv2iW5Ofy%2Fj86OCj%2BZbsOFYVM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90837fbd5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/images/priz5.png | 104.21.26.192 | 200 OK | 15 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/priz5.png IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typePNG image data, 299 x 173, 8-bit colormap, non-interlaced\012- data Hashfb2d7790f04d023f107b390db9728473 1ee92d6ffccfe904cc80c70d1d410259234409b7 343f0cc8f96608185b28bfeddb7310cf8ddf0b1c8e968ec49a5d0c5f00d5350d
GET /HOT5st_uk_m_71/public/images/priz5.png HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:22 GMT
content-type: image/png
content-length: 14912
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "3a40-6067a0ecaa981"
x-robots-tag: noindex, nofollow, noarchive
hserver: 7
cache-control: max-age=14400
cf-cache-status: HIT
age: 6641
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6utWJ5%2BszCAkV5vIOCq9%2Bshyw%2FOz%2BIHzax%2BiRbJ5uPPXpsb3n4ioT%2FaizH%2Bgrmv0D4SxqmMlkqly7nNsQVmLKP3MhYkDo2bNN5fL5swhVohZJorH7L12e1olPUp9AhVznys%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9086dd9f5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/images/priz8.png | 104.21.26.192 | 200 OK | 18 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/priz8.png IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typePNG image data, 302 x 175, 8-bit colormap, non-interlaced\012- data Hash75bb541f6546d6f04ba2c9772c4a98a3 637c082bcba941ea2cad77fa70aea8eb0855099b 57b888b6e711ce55f1c3f46de88d160592b05fe16fceb4857f94640b5117a44c
GET /HOT5st_uk_m_71/public/images/priz8.png HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:22 GMT
content-type: image/png
content-length: 17668
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "4504-6067a0ecaa981"
x-robots-tag: noindex, nofollow, noarchive
hserver: 5
cache-control: max-age=14400
cf-cache-status: HIT
age: 6641
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86ThklxTwLnfjWlxM31qUBNO8sSk7bmBaYZ%2FK3detkmZM82Fp7mJtR9VfCH4FJYcleOxf7j9EqppkKrzXumyFeQpCsmWHtOeKVGDycitIjHgfpIrggNoMyWy06ZPFNgHn6E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9086ddb15689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/images/priz4.png | 104.21.26.192 | 200 OK | 22 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/priz4.png IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typePNG image data, 299 x 173, 8-bit colormap, non-interlaced\012- data Hashf19e2d93c93ddde879484a05742de052 dcba2187bbef612d406f848bcd7cfc2670cdde16 05f3a7fb7dbb6c51acabd718b9ce42cd8f6b39b0f8424a8ae328dc265c0ad4c0
GET /HOT5st_uk_m_71/public/images/priz4.png HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:22 GMT
content-type: image/png
content-length: 22462
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "57be-6067a0ecaa981"
x-robots-tag: noindex, nofollow, noarchive
hserver: 9
cache-control: max-age=14400
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWt5iAPPnfuTwL3VizdUJS7L1WUP3ZPirTShvr50G9CCAFgf%2BZ9O8gnezZx9bJvHKSL9NELUoFE05EEWygeLDWvISRDVDSsNqCTYslJrz2ARVvwGYFFEilZwujBhrEO94BE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9086fdc95689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/images/priz1.png | 104.21.26.192 | 200 OK | 16 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/priz1.png IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typePNG image data, 299 x 173, 8-bit colormap, non-interlaced\012- data Hash80fdadc561852cf041057d47e5f90ad4 389f9c8cc73d896c72005ea91e3724567b7d702d ff64cb75d33cc4f16b6300b83559791f3cb9b8f677e476d27eeaf710de2d1dcd
GET /HOT5st_uk_m_71/public/images/priz1.png HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:22 GMT
content-type: image/png
content-length: 16202
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "3f4a-6067a0ecaa981"
x-robots-tag: noindex, nofollow, noarchive
hserver: 6
cache-control: max-age=14400
cf-cache-status: HIT
age: 6641
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BroN4OxXFId42PQkO9AsCannK8U787Di%2BVZbbRkTPRGRlvIXwoKOByQno5ZCy5D4qQMXucYWvZGBNnJ%2FyapaY8Tvwqw9wjRFKBuk6NfA5oxXruIenmoczGbBKrWdS3vus8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9086fdca5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/images/priz7.png | 104.21.26.192 | 200 OK | 14 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/priz7.png IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typePNG image data, 299 x 173, 8-bit colormap, non-interlaced\012- data Hashb58c57cca000c97de4995f81b0e94152 070d0e0703825981df72d870f02b4b2bf887da5f f15c42b920f35422007e315ee74e82885f240f22c024295c771616fb186607eb
GET /HOT5st_uk_m_71/public/images/priz7.png HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:22 GMT
content-type: image/png
content-length: 14476
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "388c-6067a0ecaa981"
x-robots-tag: noindex, nofollow, noarchive
hserver: 10
cache-control: max-age=14400
cf-cache-status: HIT
age: 6642
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyEqke7wMNBpUwVfR8%2FsuDYxyKxhsEYSoLh0MsoSOeNcau%2BO%2FuMLdgjV7bmvCh%2FM7IaBWQs5NunJoPJd2i98bjnGvJ1%2FL1xs6AiI1IULZd3MILbw0luNXwUHm2DV%2B8b7ARA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9086fdce5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/images/priz3.png | 104.21.26.192 | 200 OK | 19 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/priz3.png IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typePNG image data, 299 x 173, 8-bit colormap, non-interlaced\012- data Hash87c4a165ecda393a424578252289cf0f ec310137f6246223b346b78af7eea22fb0952221 8199925bec76c341b6169f731e3ac12b326d2ff0f3d980c5a633f67e1d0edb18
GET /HOT5st_uk_m_71/public/images/priz3.png HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:22 GMT
content-type: image/png
content-length: 18960
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "4a10-6067a0ecaa981"
x-robots-tag: noindex, nofollow, noarchive
hserver: 10
cache-control: max-age=14400
cf-cache-status: HIT
age: 6642
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AM2PPIf4ulL90nq0JcHxj7wJhoNmV0wmVyDpa847mv9EwjnvG7zxzgYF45xDB4%2BQsW3OtpXRFfOVjxzwv3S75AeXkJJZdQLD8TtYTZ7tWWW1jzlevHUldjXz%2FVzxb289eyI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9086fdcf5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/images/priz2.png | 104.21.26.192 | 200 OK | 15 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/priz2.png IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typePNG image data, 302 x 175, 8-bit colormap, non-interlaced\012- data Hashc0a8985de4ff504201624eb903231384 14f8df3aa8938a2633f0bf71046f519d2f2c9c18 5800c8eb040abaead202651f0303b50e8ceee90b4368d47339073203a8b60a73
GET /HOT5st_uk_m_71/public/images/priz2.png HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:22 GMT
content-type: image/png
content-length: 15430
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "3c46-6067a0ecaa981"
x-robots-tag: noindex, nofollow, noarchive
hserver: 10
cache-control: max-age=14400
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTAoCeZ042lqHN9RZZ6hSy76R86X21wBYe%2Bs0gkKU6a%2FozGgcHl029D5jkNZmqY3QRiirYyKOAX4rhX1wIyTTYJ02y6OdM%2BZSCdV5RWCeNsEIpqCtOXxlrB8drsxuigK6Ww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9086fdcd5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/images/priz6.png | 104.21.26.192 | 200 OK | 19 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/priz6.png IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typePNG image data, 299 x 173, 8-bit colormap, non-interlaced\012- data Hashf465f75fb16ce47af54bb3c28e098eb2 6676b0422860611067f9648ac2f53fd162ec87fb 6e3f3b857dd9b26041108c50df956018feda91d2eca6f68d01aeacbd2d1848bb
GET /HOT5st_uk_m_71/public/images/priz6.png HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:22 GMT
content-type: image/png
content-length: 19398
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "4bc6-6067a0ecaa981"
x-robots-tag: noindex, nofollow, noarchive
hserver: 10
cache-control: max-age=14400
cf-cache-status: HIT
age: 6642
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvWnwFvcLglKf%2FUPxMzOxoff4uEmoxEEppeF3DYYbUjOLZSYkqcshdrRmPZQuHkHHyNm7EN0E1xIWe%2Bno5PlueN7CLHl5CLUqI8kqxQrzrc2Tg%2BjH4uiRcMvEDfab5QwVC0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9086fdd05689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtm.js?id=GTM-M7SF7HX9 | 142.250.74.168 | 200 OK | 48 kB |
URL GET HTTP/3www.googletagmanager.com/gtm.js?id=GTM-M7SF7HX9 IP142.250.74.168:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File typeUnicode text, UTF-8 text, with very long lines (2213) Hashe21038029f9e11c0f39a397ba0d77967 ee5bfdc8a92882922f9ad45053f03fcb82fa0e4f 0a92f854c8f79a1e02c28008d57f405d463fd5b7e737f687a08f4594f4912f36
GET /gtm.js?id=GTM-M7SF7HX9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 16:11:22 GMT
expires: Tue, 05 Dec 2023 16:11:22 GMT
cache-control: private, max-age=900
last-modified: Tue, 05 Dec 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47839
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/td?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=start.pari1.win%2FHOT5st_uk_m_71%2F&tdp=G-T6B092EN9T;166466420;0;0;0&z=0 | 142.250.74.168 | 204 No Content | 0 B |
URL GET HTTP/3www.googletagmanager.com/td?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=start.pari1.win%2FHOT5st_uk_m_71%2F&tdp=G-T6B092EN9T;166466420;0;0;0&z=0 IP142.250.74.168:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /td?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=start.pari1.win%2FHOT5st_uk_m_71%2F&tdp=G-T6B092EN9T;166466420;0;0;0&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Tue, 05 Dec 2023 16:11:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=start.pari1.win%2FHOT5st_uk_m_71%2F&tdp=G-T6B092EN9T;166466420;0;0;0&z=0 | 142.250.74.168 | 200 OK | 0 B |
URL GET HTTP/3www.googletagmanager.com/a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=start.pari1.win%2FHOT5st_uk_m_71%2F&tdp=G-T6B092EN9T;166466420;0;0;0&z=0 IP142.250.74.168:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=start.pari1.win%2FHOT5st_uk_m_71%2F&tdp=G-T6B092EN9T;166466420;0;0;0&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:22 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0 | 142.250.74.168 | 200 OK | 0 B |
URL GET HTTP/3www.googletagmanager.com/a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0 IP142.250.74.168:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:22 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.js&eid=1&h=Ag&tr=1gct&ti=1gct&z=0 | 142.250.74.168 | 200 OK | 0 B |
URL GET HTTP/3www.googletagmanager.com/a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.js&eid=1&h=Ag&tr=1gct&ti=1gct&z=0 IP142.250.74.168:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.js&eid=1&h=Ag&tr=1gct&ti=1gct&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:22 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtag.config&eid=7&u=AAAAAAAAAAAAAIA&h=Ag&epr=1G.2G&z=0 | 142.250.74.168 | 200 OK | 0 B |
URL GET HTTP/3www.googletagmanager.com/a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtag.config&eid=7&u=AAAAAAAAAAAAAIA&h=Ag&epr=1G.2G&z=0 IP142.250.74.168:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtag.config&eid=7&u=AAAAAAAAAAAAAIA&h=Ag&epr=1G.2G&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:22 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.dom&eid=9&u=AAAAAAAAAAAAAIA&h=Ag&z=0 | 142.250.74.168 | 200 OK | 0 B |
URL GET HTTP/3www.googletagmanager.com/a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.dom&eid=9&u=AAAAAAAAAAAAAIA&h=Ag&z=0 IP142.250.74.168:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.dom&eid=9&u=AAAAAAAAAAAAAIA&h=Ag&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:22 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.click&eid=12&u=AgAAAAAAAAAAAIA&h=Ag&z=0 | 142.250.74.168 | 200 OK | 0 B |
URL GET HTTP/3www.googletagmanager.com/a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.click&eid=12&u=AgAAAAAAAAAAAIA&h=Ag&z=0 IP142.250.74.168:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=G-T6B092EN9T&v=3&t=t&pid=858819937&cv=1&rv=3bt0&tc=16&es=1&e=gtm.click&eid=12&u=AgAAAAAAAAAAAIA&h=Ag&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:23 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| start.pari1.win/common/css/loader.css?v=3.001 | 104.21.26.192 | 200 OK | 495 B |
URL GET HTTP/3start.pari1.win/common/css/loader.css?v=3.001 IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeASCII text, with very long lines (528), with no line terminators Hash77035ce7bc6eb61619ba2c571481c602 2900d86881947c31ca7a9e10d1239cf4ba6613bb 337264a2a96b53ca034329754fa11fd54c7c39b981f5f9e0265dec33a81b7c00
GET /common/css/loader.css?v=3.001 HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: text/css
last-modified: Fri, 01 Sep 2023 11:37:55 GMT
etag: W/"1ef-6044a9773e7c4-gzip"
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive
hserver: 9
cache-control: max-age=14400
cf-cache-status: HIT
age: 1271
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Wy%2B73%2FjbzM%2B50PkUiO6hCbo8Q2uFskL29FAU73hsGGVUCqWrv2nxyymo3gNkMFk53yQkcwKgYkCOb43bMTMdV3oazM3HUWhWOAXODCLkFlymmF0u1fc0gWUHl%2BgNORYG3o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90833f205689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/images/logo.svg | 104.21.26.192 | 200 OK | 2.5 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/logo.svg IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2567), with no line terminators Hash13a820b3b34d29579f7ae6fc5f4dee5f 780b299b9e0785ea951a2bcac5011b9a9394a8a7 8bcfb571f4c9dd63591e3e68fe16eb02a1b9cf14d47e7ea03977eebbbdb45fae
GET /HOT5st_uk_m_71/public/images/logo.svg HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: W/"9f2-6067a0ecaa981"
x-robots-tag: noindex, nofollow, noarchive
hserver: 7
cache-control: max-age=14400
cf-cache-status: HIT
age: 6642
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qq4WPsFvyv3E6QrV61Nq91dPOWQwUfOQeyvoZfDjWo3LfRU2%2FYivFtqSMAy4Te8wCb1igda5PtWEGvXgtOgB8uYBlVARZKbVIQg6nxsDK%2FhGpDVCr1I%2BAHpb3mnXSFraJwM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90833f285689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/mtapi/promo/timestamp | 104.21.26.192 | 200 OK | 27 B |
URL GET HTTP/3start.pari1.win/mtapi/promo/timestamp IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash6febc71f0211994de9248556fd704742 a3006ba28dc0d99123027bd3286eef49bc076384 b3d2c44fd98728aa870c934298024dc0e033d2000fc25d6e85b825be3c2bd934
GET /mtapi/promo/timestamp HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://start.pari1.win/HOT5st_uk_m_71/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: application/json
cache-control: no-store
hserver: 6
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TyFvPNs9rR2590I87LwOUbE%2FZcPCjidbt%2Fy7J8AGXzemcRb%2F5uiGlRF%2FrHr%2Fnx4OWQRtf%2Bl8hWIPdEEzmlMBDIvna4ZL3B4RdtyTgi891YueQE0Vi8T78pO95%2BXa6jhtxo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9084b9d15689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/favicon.ico?v=2 | 104.21.26.192 | 200 OK | 508 B |
URL GET HTTP/3start.pari1.win/favicon.ico?v=2 IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typePNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data Hashb07a6bd1cdbd8a41cb353e16248e2cfd aaf37c95cdcf8fc1f2f70f137d89b06127cf9744 83d206358b1861052063b9941d7dc70c06aa968d1f1a98a6a4d209582a55de60
GET /favicon.ico?v=2 HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Cookie: _ga_T6B092EN9T=GS1.1.1701792687.1.0.1701792688.0.0.0; _ga=GA1.1.1445202931.1701792688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:22 GMT
content-type: image/vnd.microsoft.icon
last-modified: Fri, 13 Oct 2023 13:19:18 GMT
etag: W/"1fc-60798e7603c77"
x-robots-tag: noindex, nofollow, noarchive
hserver: 7
cache-control: max-age=14400
cf-cache-status: HIT
age: 841
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axyTzUgRVVve55u7UXcKl05%2FOD%2B%2FJvQBXPKvPgizxY5kbwkNB01rxfKwFl30DSG0%2Boc7q2sLoqnR2Bzae4%2F66wD6ZTJoUsCIQUedUUM1rTz8Aa6WLQez%2FGvtyYNZxhOby%2FQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9088e9115689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/bundle.js??v=34 | 104.21.26.192 | 200 OK | 223 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/bundle.js??v=34 IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
Size223 kB (223179 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /HOT5st_uk_m_71/public/bundle.js??v=34 HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: application/javascript
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: W/"367cb-6067a0eca4bc1-gzip"
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive
hserver: 10
cache-control: max-age=14400
cf-cache-status: HIT
age: 6644
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Z5cqAqz%2FyZ1comY9bN5RVrjBQRNyXRF27jTAVMevjxTYhpsQ83xime5AAJXNjW9YV9qtjLdoDiTE%2B86HWwFlx0SndYeM5BpvzPAEPztlms%2Bk0HENUsXLUgbc95Xi6QvV10%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90836f995689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/common/js/forms_redirect_analytics.js?v=2.004 | 104.21.26.192 | 200 OK | 2.8 kB |
URL GET HTTP/3start.pari1.win/common/js/forms_redirect_analytics.js?v=2.004 IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeASCII text, with very long lines (2869), with no line terminators Hash685aaabac9dc475616c3215c5e2ff92d 7184893befed9134da728bca3f0c6629b66061e5 93b1dcfb16d05157180dd77fda66cd324b0c812f80285a14567ad628fb9fa6f5
GET /common/js/forms_redirect_analytics.js?v=2.004 HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: application/javascript
last-modified: Fri, 27 Oct 2023 13:48:54 GMT
etag: W/"ac2-608b2f306b562-gzip"
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive
hserver: 8
cache-control: max-age=14400
cf-cache-status: HIT
age: 840
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvAGrrf4Gt8jc%2BU4pD7zKFQ5x0uUDg%2Fa1glZ2yUCiGnr0MptFlK4NcdNcftzkHcbi%2FwynzDdYD3BDqYSjuPyyqe0%2F6voyAvK6OhluHK9AVtb90F%2BpXmFT7F7xY6N%2BgspXj8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90837fbe5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/ | 104.21.26.192 | 200 OK | 40 kB |
URL User Request GET HTTP/2start.pari1.win/HOT5st_uk_m_71/ IP104.21.26.192:443
CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /HOT5st_uk_m_71/ HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive
hserver: 8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4Q496DAyscYotuoMC6JppfXvvUc96AiJNZgzAxv3ohvy8CTtON5e0r34eeHnVXbdjq%2B9abhOVYT6prLghYlN8pV9Nc%2BdgpUfJg6IHsZA3Y1ujk8w10KS0%2BP3q9gJiFJlM8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d907fed5f56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| start.pari1.win/mtapi/js/build/mlibrary.js?v=1.0.0 | 104.21.26.192 | 200 OK | 38 kB |
URL GET HTTP/3start.pari1.win/mtapi/js/build/mlibrary.js?v=1.0.0 IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mtapi/js/build/mlibrary.js?v=1.0.0 HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 11:01:54 GMT
etag: W/"92ac-60acfc382665d-gzip"
vary: Accept-Encoding
hserver: 9
cache-control: max-age=14400
cf-cache-status: HIT
age: 1271
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXOd1et7ZZWHdUI1Utif9Um9thJKYrIIygL7YXPrm4xOqpDiVWtYqHnETrjYujURhORqicMfN0N4OXFgEW2QcSquw7kg%2F6UzBwOLHbsxZqUt4NP%2FKrLFCV3VedrgoDx5SFQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90833f145689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/bundle.css?v=5.001 | 104.21.26.192 | 200 OK | 134 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/bundle.css?v=5.001 IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeASCII text, with very long lines (65319) Size134 kB (133983 bytes) Hash5eb3dbdb973ce53349ae70d22432db34 6de71d9cb2b1274d4f965277de5b266ce019e456 9447e31aa76b323a38a9a0b4b31b8388c34a27aeba46c85581a91f7a8941e4a4
GET /HOT5st_uk_m_71/public/bundle.css?v=5.001 HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: text/css
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: W/"20b5f-6067a0eca4bc1-gzip"
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive
hserver: 10
cache-control: max-age=14400
cf-cache-status: HIT
age: 6645
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9p0GOKQO9PvmOkfOJAwp9DjY%2FfNpjX%2FuENkPcEqvTnGX2UiS4dW7hZhUlzSQNyfqeSEqTg3TrqDGKxi4ELcrBFIKCTPw603Uvd58KCtsR5lQRqUaJFj0XFRuuZxAtLSP69E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90833f1c5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/vendor.js?v=31 | 104.21.26.192 | 200 OK | 88 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/vendor.js?v=31 IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /HOT5st_uk_m_71/public/vendor.js?v=31 HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: application/javascript
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: W/"15982-6067a0ecab921-gzip"
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive
hserver: 7
cache-control: max-age=14400
cf-cache-status: HIT
age: 6645
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0rUaWEPoPXvxPdlO8B37JCbnXFjohgjoYhxxD9eP4wUbxMR%2BxdBuHbt7o5u7KlVSYvWge5xHBSxSs3hib68rm1ozV8Dhgg9zXFoZkXPcFYLnXcCfGBSj1KuZB4XP8rxG7A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90836f985689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/framework/frontend/images/telegram.svg | 104.21.26.192 | 200 OK | 1.0 kB |
URL GET HTTP/3start.pari1.win/framework/frontend/images/telegram.svg IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1061), with no line terminators Hash0fb2da934fd3fbd38f6373a417561a92 94b475814a048b3c51ab387ec62cc2ee31684dba 68548402505fd0b720e98249e448508819182f2eef610cda810de7f4145a1272
GET /framework/frontend/images/telegram.svg HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: image/svg+xml
last-modified: Fri, 22 Sep 2023 11:43:48 GMT
etag: W/"414-605f11f29739b"
x-robots-tag: noindex, nofollow, noarchive
hserver: 8
cache-control: max-age=14400
cf-cache-status: HIT
age: 840
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZMDAr7Xqz9xkborpKIpA53TY7P0n8Typqv5zNVNob3Th9mG3ueOHJUYZjrlUNGDf0LZLWQclIEDRwSBpX0%2FcwXISolfs%2BJn5SORT7G4QCStj%2Fefiqo%2F5jbG1wxU0jIRwBU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90834f415689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/common/js/global-password-validation.js?v=1.003 | 104.21.26.192 | 200 OK | 139 kB |
URL GET HTTP/3start.pari1.win/common/js/global-password-validation.js?v=1.003 IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
Size139 kB (138679 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /common/js/global-password-validation.js?v=1.003 HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: application/javascript
last-modified: Fri, 01 Sep 2023 11:37:55 GMT
etag: W/"21db7-6044a97745524-gzip"
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive
hserver: 5
cache-control: max-age=14400
cf-cache-status: HIT
age: 818
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XnT%2F9o2WFJVq7ixOHtqUktzEtgFXhy%2FgMpr3vlnmCmelGZM3iENEO2mXPWj6zXLf7t0kyd4Lh2vKhsaXY%2B7jC07QmgT7lDkhctEQe0yIesT5MRTbQrcpSMXD%2BeCuThJWsD4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90836f9b5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/fonts/Gilroy-HeavyItalic.woff2 | 104.21.26.192 | 200 OK | 42 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/fonts/Gilroy-HeavyItalic.woff2 IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 41936, version 1.0\012- data Hash210101a73d249f472d7108a0c9cd2beb 108ccb4fed5c347c0aa56ca2e04990c976791f96 a6acf566ca4cbaaae3ac904635414b0a7b41142ca6001c273c05533ac43e27d3
GET /HOT5st_uk_m_71/public/fonts/Gilroy-HeavyItalic.woff2 HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/public/bundle.css?v=5.001
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-length: 41936
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: "a3d0-6067a0eca7aa1"
x-robots-tag: noindex, nofollow, noarchive
hserver: 8
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLrdqB36aTlBtp5NeDwX1fwjoB0q0lLL9oJSz89jKAiHuuR0NrLky3OCCHxlv87WBinm0OWJ4hEgOxYsuVFYQeavsTM%2BJpFd%2Buplh1eGr%2FmNrG5dGRXNXPqCBgj767qJr5w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d9084ea415689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| openfpcdn.io/fingerprintjs/v4 | 54.230.111.24 | 200 OK | 40 kB |
URL GET HTTP/2openfpcdn.io/fingerprintjs/v4 IP54.230.111.24:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerAmazon Subjectopenfpcdn.io FingerprintBD:7D:08:3C:AE:82:CC:DB:84:FC:68:96:84:6B:61:97:19:A8:B4:FA ValidityWed, 25 Jan 2023 00:00:00 GMT - Sat, 24 Feb 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fingerprintjs/v4 HTTP/1.1
Host: openfpcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://start.pari1.win
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
server: CloudFront
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 05 Dec 2023 15:11:03 GMT
cache-control: public, max-age=581169, s-maxage=10336
etag: W/"h+ut21lBpYQMY/IyFzkLBYZMrjo"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IVcIBWCO1GZU0h1C_qufUvMikqGJNHeWLcgKq1P7t5Ff-pff861Fbw==
age: 3629
X-Firefox-Spdy: h2
|
|
| start.pari1.win/HOT5st_uk_m_71/public/images/visa-master.svg | 104.21.26.192 | 200 OK | 6.0 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/images/visa-master.svg IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6086), with no line terminators Hash976eabbc6327786f697178740153f3ad 312a6665dcbaeaa99a076ffbc8e919acb10c8b9a a48c2eb3be442a295a210926a3474d108df79b9265ef93ba9dc6aa2f8243cf86
GET /HOT5st_uk_m_71/public/images/visa-master.svg HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: W/"178e-6067a0ecaa981"
x-robots-tag: noindex, nofollow, noarchive
hserver: 10
cache-control: max-age=14400
cf-cache-status: HIT
age: 6640
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4bMToUVtl0GQbHfz%2BwmXsCT9BZJE9xwRr3%2FLZk8NbUSi0oe6sB8Kz4J6HbNKJ%2FA8fvBG0nmw0I68eaAVy%2BaiyvY6nPnuFNvYBYQcjOcCxnVI1ach%2FgIDmBJRsGl81jNWC0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90834f5c5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/common/js/email-validation-multiform5.js?v=1.003 | 104.21.26.192 | 200 OK | 1.6 kB |
URL GET HTTP/3start.pari1.win/common/js/email-validation-multiform5.js?v=1.003 IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeUnicode text, UTF-8 text, with very long lines (1681), with no line terminators Hash1e6cc165a62bd9afc1532b78ba424e54 521383724d3389fa818ce7b79bea2d548c3a3239 0bf2e9b1ff2cb860d6fc4b7f2eee07a54001ee14e4d5a6df4a1762da28d0f1aa
GET /common/js/email-validation-multiform5.js?v=1.003 HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: application/javascript
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: W/"626-6067a0ecab921-gzip"
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive
hserver: 5
cache-control: max-age=14400
cf-cache-status: HIT
age: 6644
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSCjWUUde56umBaAUPSP7jZ1Xfa4LxXsmtV3mfe8%2BOitPntFHgRjt9heOohcB9ccFFl6MU0HY0BxmdLfjK7%2FthgOz%2BV4kYh2JjPHZGn4T1S%2Bjzn1tD8%2FJk7iHIu7o6eT6PM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90837fbc5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/framework/frontend/images/inst.svg | 104.21.26.192 | 200 OK | 2.0 kB |
URL GET HTTP/3start.pari1.win/framework/frontend/images/inst.svg IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1979), with no line terminators Hash1d7315dff3b7f804c063c7534fabad2b 10e65eb3952d09846e508872ec6dbdc9f5378879 0e8167dbe8f302982b54acce87802506a36404f8d7468461dead5f68374b7855
GET /framework/frontend/images/inst.svg HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: image/svg+xml
last-modified: Fri, 22 Sep 2023 11:43:48 GMT
etag: W/"7aa-605f11f29739b"
x-robots-tag: noindex, nofollow, noarchive
hserver: 6
cache-control: max-age=14400
cf-cache-status: HIT
age: 840
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1HP2bVA3sls%2ByAnea81qufl4y7%2F9prmkufIRQS6BQXa9HT%2BwMcWoU%2FskvhixLCG15aVdzKYnk%2B4fPp7GKw2tQeo%2BGHlCVL8qf%2FHG3CrMJ%2BP4QMGIv2KD2XXdl26TmtwQL0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90834f405689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| start.pari1.win/HOT5st_uk_m_71/public/modernizr-custom.js | 104.21.26.192 | 200 OK | 2.7 kB |
URL GET HTTP/3start.pari1.win/HOT5st_uk_m_71/public/modernizr-custom.js IP104.21.26.192:443
Requested byhttps://start.pari1.win/HOT5st_uk_m_71/ CertificateIssuerGoogle Trust Services LLC Subjectpari1.win Fingerprint76:BD:7D:B5:D2:CC:C7:11:98:63:95:39:EA:E9:E3:38:AA:22:72:03 ValidityThu, 09 Nov 2023 10:29:38 GMT - Wed, 07 Feb 2024 10:29:37 GMT
File typeASCII text, with very long lines (2815), with no line terminators Hash55afe67e2c980a10fe08c4853e92d1c4 99c7c4ebdc9936aa83154de55943678a47106eb6 3b8b3f67defb7a4b071c76db92a84f85358941aa1d5b4384d1552c4feb564680
GET /HOT5st_uk_m_71/public/modernizr-custom.js HTTP/1.1
Host: start.pari1.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://start.pari1.win/HOT5st_uk_m_71/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 16:11:21 GMT
content-type: application/javascript
last-modified: Fri, 29 Sep 2023 07:06:04 GMT
etag: W/"aa9-6067a0ecab921-gzip"
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive
hserver: 9
cache-control: max-age=14400
cf-cache-status: HIT
age: 6645
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mthBZ%2FBBSm2vYtPjLwiiuwcfZIGlxfEtFmP2YGjjV%2B4PQb9ZKa6EvY%2F6TUVPuT9%2FBcpfJwooq5zzCgThJFhhe4fL6dI2DomRFwx0%2F1Lo1CgMnXEOQAUvgo7VTTnMUT5weSM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830d90834f625689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|