| findspins.com/ca/04-hfg4f/findspins.jpg | 104.21.67.44 | 200 OK | 12 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/findspins.jpg
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Let's Encrypt
Certificate subject: findspins.com
Certificate fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
Certificate validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: JPEG image data, baseline, precision 8, 368x74, components 3
Hash: 956c51f3f067a37a0c6bfaf50d775f1b ab43604087f24e7c33a7eea9ce0353fefe0e5c38 d4517cd7d3764b812b22a3b98d7d3c6b8852f921d600378f372cb73c0af4a3ca
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/findspins.jpg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/jpeg
content-length: 11532
last-modified: Sat, 22 Jan 2022 20:13:06 GMT
etag: "61ec6552-2d0c"
expires: Sat, 08 Jun 2024 02:55:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jx%2FVuupZ1wRjwZqDCF%2BQZhIUErj4JFn8Mrmx5QqYdZo1%2Foe0dn5jIm1PAl2sxZ9EO894rp7oqjKzwCl6Mdy4xWfxLd14aTFu4s9LbuO%2BilbRFoBdjUJKYI0WJKyqgkPQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c50c620b06-OSL
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/chest-closed.png | 104.21.67.44 | 200 OK | 15 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/chest-closed.png
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Let's Encrypt
Certificate subject: findspins.com
Certificate fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
Certificate validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: PNG image data, 290 x 260, 8-bit colormap, non-interlaced
Hash: f2140ba25958a9f495db36d667b78930 471e0256e0a6b96d13fe24317f02db8428f5160a a7bfc5144fe9efff023c726477e3d2608dc15855840eb87720308783ca45bb5e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/chest-closed.png HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/png
content-length: 15438
last-modified: Tue, 23 Nov 2021 19:08:55 GMT
etag: "619d3c47-3c4e"
expires: Sat, 08 Jun 2024 02:55:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N8QQ6S77TXSQpJ%2BHC8I%2BXBX49eU5SJVFb0%2BfgG1plsMGkSFtjgmhi45MjXVm%2FZzXo4EQvx1EcaxOwCh%2B9t01EZ%2FJv0vrjXfncsSKMjTATg6hoOcUaW2QWzdJqedm9PWH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c50c630b06-OSL
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/safe-secure.png | 104.21.67.44 | 200 OK | 1.9 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/safe-secure.png
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Let's Encrypt
Certificate subject: findspins.com
Certificate fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
Certificate validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: PNG image data, 169 x 61, 8-bit colormap, non-interlaced
Hash: f40aaed807178ddc7112b166d1e41275 8cc445d93388b65892d0a013a04e25d6c6d0dea8 a80797df2942246d80d704db66811045819fccf08e9be1cbe26cf58bcdee3ab3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/safe-secure.png HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/png
content-length: 1906
last-modified: Tue, 23 Nov 2021 19:08:56 GMT
etag: "619d3c48-772"
expires: Sat, 08 Jun 2024 02:55:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PP0Bk9uPIXiYhjTJ4Q4hcTatYTqOcmjPIbhk5kjdO3ds9oQ4nzrmgg5OmossGGE7mmKijI0ZV26DkdEU1hW5aEXg0K5ckVAKb3wvf6H1QgRKXd6NyyDt6H9Myi8766F5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c54c920b06-OSL
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/18plus.png | 104.21.67.44 | 200 OK | 2.6 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/18plus.png
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Let's Encrypt
Certificate subject: findspins.com
Certificate fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
Certificate validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: PNG image data, 60 x 61, 8-bit/color RGBA, non-interlaced
Hash: aa403c19c8bce9b439066f54f5e18f90 d70053bf913f70c4375698c89304eef6fcfbc32d 0467576b0fad150f832219a35b1955628d4b01167a1ff0b65dbd6056d28b67af
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/18plus.png HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/png
content-length: 2598
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: "616c4724-a26"
expires: Sat, 08 Jun 2024 02:55:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qxAUCrZ707O0IA6u9zOdNvcA9dnV706JjF%2B08woHZ5TS6jjNIgLPaultNWcRqwL3%2FzdbWKVOl3KQlgnlb1wOmL7cQSk7zGwzOoDSkq9oC0XqiHPrSlT08wxHpAZVcIxw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c54c940b06-OSL
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/popup-decor.png | 104.21.67.44 | 200 OK | 26 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/popup-decor.png
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Let's Encrypt
Certificate subject: findspins.com
Certificate fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
Certificate validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: PNG image data, 1230 x 625, 8-bit colormap, non-interlaced
Hash: 6d5dd1d16cb117ae72aa959b262e9a24 7e8ac051f2177731770e56ec22954fd9fa79bf27 9946739df7caa28f4a60c36b3647a07461b24ae38c95af2f0896663d7e76b967
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/popup-decor.png HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/png
content-length: 25912
last-modified: Tue, 23 Nov 2021 19:08:56 GMT
etag: "619d3c48-6538"
expires: Sat, 08 Jun 2024 02:55:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HpQ7cP%2BEcoL7SC%2F10XAMYGbKGN%2BXIxAHfwNFNzlOGegHi%2Fc9WHNAcfUoIPMsSaPZrhHV0oQ8aw1ElkcZP%2BfTY5Vvote2EWjjUi8FvF8t4joRXchVyfRaXzKCUyZRaIN7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c54c950b06-OSL
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/sparks.png | 104.21.67.44 | 200 OK | 7.3 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/sparks.png
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Let's Encrypt
Certificate subject: findspins.com
Certificate fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
Certificate validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: PNG image data, 613 x 724, 8-bit colormap, non-interlaced
Hash: a398ae8e15759100092ca186c558849c bebb8299462015c48e0021338cc3b6db744c798a 9cb90012b3eea063202e6b96d48ffe5a1fbf15842c9e0d6d442c88aff15b3b0c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/sparks.png HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/png
content-length: 7288
last-modified: Tue, 23 Nov 2021 19:10:36 GMT
etag: "619d3cac-1c78"
expires: Sat, 08 Jun 2024 02:55:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=khd2zYxRt3qbAKhxgZcNt3vlgQCXEVxu0fGckaxl8OTSMIQihR4Q73yNud7ej6j9bvuxBSd5f%2FBfaxLUT%2FcXng0CvPKI3%2FjoGGE5ldA1VkPbGOFR316fMvo9HD9XNLRA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c54c960b06-OSL
alt-svc: h3=":443"; ma=86400
| cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js | 104.17.24.14 | 200 OK | 28 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP: 104.17.24.14:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 90474
expires: Tue, 29 Apr 2025 02:55:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4PP4Jr6saysKpBmPeVPN3Lx%2BYU%2BJ0dfLyYUJxim7S%2F%2FzcOzW8tm15HQa%2FM2zYg2FAKh1%2BO4%2FflErTOUsS%2F3qNtFvT6eJy2XUvSs%2F5XVBUNX8U3pmdJH3jKlbi%2BMrQlnOgeFU%2F6PU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880e69c60f501c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| my.rtmark.net/p.js?f=sync&lr=1&partner=1a3d76e2ffaf633199a4cfd989883e1a0a8431d7de8600dbf1cbfb28d34a0725 | 139.45.195.8 | 200 OK | 697 B |
URL: GET HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=1a3d76e2ffaf633199a4cfd989883e1a0a8431d7de8600dbf1cbfb28d34a0725
IP: 139.45.195.8:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Let's Encrypt
Certificate subject: rtmark.net
Certificate fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
Certificate validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File type: JavaScript source, ASCII text
Hash: 94f14cb229550a1d0731242f07760cc2 3bc9dba6fa9375d0e69588e7cd39f0493851ee17 b716f639ae9524c6616f7d4c32e7eb7602ef9e148a3c865c996e5ffb4ddfa3bf
GET /p.js?f=sync&lr=1&partner=1a3d76e2ffaf633199a4cfd989883e1a0a8431d7de8600dbf1cbfb28d34a0725 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:55:53 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
| findspins.com/ca/04-hfg4f/fanfare-1.mp3 | 104.21.67.44 | 206 Partial Content | 101 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/fanfare-1.mp3
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Let's Encrypt
Certificate subject: findspins.com
Certificate fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
Certificate validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo
Size: 101 kB (101007 bytes)
Hash: 54d91dc77f4e905b3d90b66441f6333a c213f2c642c93ac76191e61d9fe530f39340b361 ae6d928ca56dcdb0635db0cfad425de2edeafb27fa4053eb8e9f30d07ee787c5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/fanfare-1.mp3 HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Thu, 09 May 2024 02:55:53 GMT
content-type: audio/mpeg
content-length: 101007
last-modified: Sun, 17 Oct 2021 16:39:12 GMT
etag: "616c51b0-18a8f"
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-101006/101007
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lRORtpKL94Rw6cnarf7ycU5CONeJz7O56qMfgkSqX9juw7VzGHFldriEOLbHgrj9QM5u12LeMwElgjoC9IzVwWpgmkjJZjdy%2FN%2Bx3FMUhTNiGNsUuu2Z5uCkxXKxkoq9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c7ed650b06-OSL
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/chest-open.mp3 | 104.21.67.44 | 206 Partial Content | 63 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/chest-open.mp3
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Let's Encrypt
Certificate subject: findspins.com
Certificate fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
Certificate validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo
Hash: e3c0bd47437dd29cfcfb04fffe432144 ac015d81b9ae5f5ced5a8b40e624de24d8276bf4 bb729525208964ad4ebd3af5ed8c9f53db13261c32b5f3f9cb151eace4032fb3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/chest-open.mp3 HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Thu, 09 May 2024 02:55:53 GMT
content-type: audio/mpeg
content-length: 63390
last-modified: Sun, 17 Oct 2021 16:38:46 GMT
etag: "616c5196-f79e"
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-63389/63390
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UO4ErmL5WDJXD4Shu73lbUYQeCqHDaKT9IDB8PVpu1J%2BWpFXfd8SNz14J1WldE%2FW753y53Hpb%2FCHSq1vAqBq8rELiWhPizzqj3gJ6YJKv3GDFA2UOjnVZmXajzwhB8qI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c7ed600b06-OSL
alt-svc: h3=":443"; ma=86400
| pg-pixel.com/js/px.js | 104.21.21.234 | 200 OK | 67 kB |
IP: 104.21.21.234:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Google Trust Services LLC
Certificate subject: pg-pixel.com
Certificate fingerprint: 98:21:23:62:84:A1:B3:4E:65:46:C4:A9:13:66:18:15:B9:05:79:1A
Certificate validity: Sat, 13 Apr 2024 23:10:16 GMT - Fri, 12 Jul 2024 23:10:15 GMT
File type: JavaScript source, ASCII text, with very long lines (9919), with no line terminators
Hash: 776ab3db151658b63d300df5b5bbbbe4 654c7636432b55f28b8e2400d06500e93f2110fe 3689618df5e2a98d0b3c626ecedd5ae31a2ce480bda98cf6852f34924e915567
GET /js/px.js HTTP/1.1
Host: pg-pixel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 14 Jan 2022 15:53:41 GMT
etag: W/"61e19c85-26bf"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CiXI6A3biFufjQueCTKfQdJWs%2F%2F1YkMaOkHkGlAQgSgeXnWzUonZAOhrilBcyOersY9FZfChmL9vOPM2Hyz15jc6U0WPf6AJvgNoNPRKsCWgw0s8vVwPfZ%2Fr8qsP63A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c61b0b1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| findspins.com/ca/04-hfg4f/fanfare-2.mp3 | 104.21.67.44 | 206 Partial Content | 101 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/fanfare-2.mp3
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Let's Encrypt
Certificate subject: findspins.com
Certificate fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
Certificate validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo
Size: 101 kB (101007 bytes)
Hash: 88da6b9ed0e64ef406ab5e7b3474b227 92068d14a2c4cf93de697cf9abc9496c3c5c481b 1210732e4a4fa21a700492498829f6370b9d2a3343bfd5382af9f42b1158d4e3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/fanfare-2.mp3 HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Thu, 09 May 2024 02:55:53 GMT
content-type: audio/mpeg
content-length: 101007
last-modified: Sun, 17 Oct 2021 16:39:25 GMT
etag: "616c51bd-18a8f"
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-101006/101007
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ieo9IMAgQ65SUevrXiaIHjHG5Np78fsXyiKFpyNH5mXxznW2lOtXPTc48IkJ15eo982NF06Gu0%2F6n%2FahLb4oMJdV22n6%2BVwBVxK1WGCwSDNyPYbCP3lCt9jO4JdX30B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c7ed660b06-OSL
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/popup-bg.png | 104.21.67.44 | 200 OK | 81 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/popup-bg.png
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Let's Encrypt
Certificate subject: findspins.com
Certificate fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
Certificate validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: PNG image data, 520 x 312, 8-bit colormap, non-interlaced
Hash: 3cdef483885c444733c636c2c9479732 a3fc9cb82ed06a789bf704efc83b9f50cdac50b8 df76ec97f47d3c8403e1787f53ad86a80e0025ff101de3c44bc428616b5b9deb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/popup-bg.png HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/png
content-length: 81444
last-modified: Tue, 23 Nov 2021 19:08:56 GMT
etag: "619d3c48-13e24"
expires: Sat, 08 Jun 2024 02:55:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=opcun57YvRUsu8Tzcqb40A3sJzTIvp%2FfQg2JDuv7Y2aAhrrpPLynNUlc4ZdgcL7hiFg4qg4FhV7gYaqCjC2F3yg2BOdhu19Y0a1l9OQuShv%2B058bdzZMQUKEe1FO0Zsl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c9bde80b06-OSL
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/button.png | 104.21.67.44 | 200 OK | 1.6 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/button.png
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Let's Encrypt
Certificate subject: findspins.com
Certificate fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
Certificate validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: PNG image data, 646 x 119, 8-bit colormap, non-interlaced
Hash: 2d6c587e851c8a5e62e8ccc1d5fc81e9 11affe9957fcb295a12319ee053d74f5fdc82f84 aea9b849e6bdc3785c165b857a302d4e3b6847aa24b46ac40e29e3eb497a3017
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/button.png HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/png
content-length: 1552
last-modified: Tue, 23 Nov 2021 19:08:52 GMT
etag: "619d3c44-610"
expires: Sat, 08 Jun 2024 02:55:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g4P%2BlJPdZ1JZ2tFD18NdwL6iwHtGLte%2FKHPf175ka%2FOlI6tkH8N0uqJg2LMRwuIXI288tCUUj0nsdAO7O8YHyuzOaUkLKfQ4PNbA7o4jpjVkYY1TGLyVCC%2BXg%2FPEzSr1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c9bdea0b06-OSL
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/main-bg.jpg | 104.21.67.44 | 200 OK | 32 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/main-bg.jpg
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Let's Encrypt
Certificate subject: findspins.com
Certificate fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
Certificate validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1920x1000, components 3
Hash: 396f2d9500d7d908f73f1174556fade9 38a84356022e0394550002400eb3c04d0622a4ef efeb7a82abcef759f27847422b34fe4ac20d479e6bc26035235a213e1bfe0386
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/main-bg.jpg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/jpeg
content-length: 31479
last-modified: Tue, 23 Nov 2021 19:07:42 GMT
etag: "619d3bfe-7af7"
expires: Sat, 08 Jun 2024 02:55:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a0XuxG1R9i7H%2F3E2%2FwPCej%2BnSYjBKdGnwdmRu%2BtGwJ%2Bj04vbV8h19BiQj3Zrrv00LIKgLmLabXkKuRliyd4saz%2BQPNX9h2Zmbkfrq%2BNI2lM5WtAX7hHO7UtYjlM4K27S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c9ade50b06-OSL
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/main-img.png | 104.21.67.44 | 200 OK | 48 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/main-img.png
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Let's Encrypt
Certificate subject: findspins.com
Certificate fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
Certificate validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: PNG image data, 1920 x 115, 8-bit colormap, non-interlaced
Hash: 0259fc69a2252bae2adf02e1d7e0ed6f b9cd992c4bae854623d1c6f53d91a1feaa134ff9 467120c8af9af6e1147427ff9e62cc9b2618d5d55089e5d7ab1420df4260bf3a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/main-img.png HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/png
content-length: 48358
last-modified: Tue, 23 Nov 2021 19:08:56 GMT
etag: "619d3c48-bce6"
expires: Sat, 08 Jun 2024 02:55:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=doTXIV10bDbaanc5hbSea4noAf3L4Oy4kn3cnb6kqXJGXDMa%2BEtMzbsh72HSBidAzb6SD255E9gdP5ck44KAa6lkeICIU%2Fozbq%2FuYnVvpDFhZ5q58AJYRnqBfZqZtkrZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c9ade60b06-OSL
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/betsoft.svg | 104.21.67.44 | 200 OK | 2.1 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/betsoft.svg
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Let's Encrypt
Certificate subject: findspins.com
Certificate fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
Certificate validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image
Hash: 75df55f07b69135f65faa2a4813a8d4e 3ead817513d1500ef80c04947959191c9b5ef186 c5066e3e61f19209c4496152852b729269143645b91b7f9cf98ea7a2bd4ccdff
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/betsoft.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-105d"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tp8X6ycLImNyZ1ljpZBuCQeq1LoQmN3dW8YAAog8fty1Cpqki%2F6DaWNuJZX%2BKc%2Fjl32EcBOzVy8Hs%2FRmOfrfzbC2zJK111miO1V%2Fa4B0V81%2FFattXLz1NP6TPfbYtHIg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c52c780b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 216.58.207.227:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://findspins.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 408437
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:443
Requested byhttps://findspins.com/ca/04-hfg4f/index.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://findspins.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:55:00 GMT
expires: Fri, 09 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
age: 3654
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| findspins.com/ca/04-hfg4f/softswiss_casino.svg | 104.21.67.44 | 200 OK | 6.5 kB |
URL GET HTTP/3findspins.com/ca/04-hfg4f/softswiss_casino.svg IP104.21.67.44:443
Requested byhttps://findspins.com/ca/04-hfg4f/index.html CertificateIssuerLet's Encrypt Subjectfindspins.com FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File typeSVG Scalable Vector Graphics image Hash96e81660636d80a011b0ca7f396cbcec faca175893cbda73bc7def562b0fbecdd6dc65a9 c7035b38d2d7e872c834a0e1a5be3cf5f9711144fbb2c0c8b04f8cc8e7235e1c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/softswiss_casino.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-4b19"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n0d%2BDZDhAuYsaHrpkZ3iIs5rlY6n9B51kZfLqJxmE43bpdy4tv%2FzwW8luCZhWaxLNk8Y7OaLJprjjapSZqe%2Fl1oux3QZWTbpUI%2F%2FqZ3SJbl6mk23sUyu00OSMOjR1XWC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c52c750b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://findspins.com/ca/04-hfg4f/index.html CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 298
Origin: https://findspins.com
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:55:54 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 7f8b27b85536affeca6ac61e60e28ab9
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://findspins.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
| findspins.com/ca/04-hfg4f/idebit.svg | 104.21.67.44 | 200 OK | 4.0 kB |
URL GET HTTP/3findspins.com/ca/04-hfg4f/idebit.svg IP104.21.67.44:443
Requested byhttps://findspins.com/ca/04-hfg4f/index.html CertificateIssuerLet's Encrypt Subjectfindspins.com FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File typeSVG Scalable Vector Graphics image Hashd671ad3415c193079d63ad74749be5d4 9169501425e62e2f4525df5955ac3b9062a582df 86d90ffaec9e24aaf854a9f1aa15ecfcd3f50befa6491b24e94fe23bdca86b92
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/idebit.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-24fd"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ZLQ7Dzmh5We0eBUaQlp0E7En56oViGmW9E4s%2F1j8LRkY%2FNh1Sxb3b7anq%2B9URy0lJayuOUtRrxU7BzAeh6%2FaRJx8sv7BHmnpxt%2FF4499M7Ok80n5sFbpsyIRchW08xr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c52c700b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/instadebit.svg | 104.21.67.44 | 200 OK | 2.6 kB |
URL GET HTTP/3findspins.com/ca/04-hfg4f/instadebit.svg IP104.21.67.44:443
Requested byhttps://findspins.com/ca/04-hfg4f/index.html CertificateIssuerLet's Encrypt Subjectfindspins.com FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File typeSVG Scalable Vector Graphics image Hashacf03ab16424fe2b9a49ab4e626d5130 06e5df9a7c43b2734abcfbe16cc32e7436395ee8 463e8ac8374e63d1781f5029a7c97f709c01990fd27d1b66f2c51e25bdf9f39a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/instadebit.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-195f"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aaidV9eH1FpHP6hJrCusmFVK9AeWDqStxcR9BYrDaCclYvgYP5uvYUfw9mWiTpLTHoMRKIWpm4k5xQ4EwDMazj5VKSvey2nfs%2BpMRopnzEYD60LN8iM4W5EDlclSfLR8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c52c710b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/paysafecard.svg | 104.21.67.44 | 200 OK | 1.6 kB |
URL GET HTTP/3findspins.com/ca/04-hfg4f/paysafecard.svg IP104.21.67.44:443
Requested byhttps://findspins.com/ca/04-hfg4f/index.html CertificateIssuerLet's Encrypt Subjectfindspins.com FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File typeSVG Scalable Vector Graphics image Hash1d564f428721186c1dc4f9fa43689ba5 c05e0a599644d6f7005871ec7c556a15ab4772eb 60a60673a23045a0b89084bf9f8183a067cf1975cb5417f5fdf2436b5da29737
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/paysafecard.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-fad"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lfz%2BfBYAE6RBb%2BRaGahswDJPNWxlUi76hhPDNaAWOSPfKNJSYXzS%2FPKNi%2BaEqVJE%2FAEz%2BYYNYWscfJcoHJelCZl687voHlX6i1GlmK%2F6wZthAbHNCga%2B%2B7%2FXpbzOWw6h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c51c6d0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://findspins.com/ca/04-hfg4f/index.html CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash0a7ebdb02870e060106fb50e9317368f 9dba0586dba2047e68872ed542691a80caa0b7f5 e34b03235717144a69c252201741deb9d35555614998899ab9633b29df59faba
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://findspins.com/
Content-Type: application/json
Content-Length: 983
Origin: https://findspins.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:55:54 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://findspins.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
| findspins.com/ca/04-hfg4f/visa.svg | 104.21.67.44 | 200 OK | 837 B |
URL GET HTTP/3findspins.com/ca/04-hfg4f/visa.svg IP104.21.67.44:443
Requested byhttps://findspins.com/ca/04-hfg4f/index.html CertificateIssuerLet's Encrypt Subjectfindspins.com FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File typeSVG Scalable Vector Graphics image Hash5d7c31cda4e7d4ce7455169b6b1478c5 9e09775f6742d44e302fad01dd10f1eb58f388ec 39fe8418fb17b94724b0c60664235f8db3bb6dd06e7decc4987765c871b61082
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/visa.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-5a3"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NLUd9hoXH69ruPkYZ%2FbC3Fy95rU8SgqQPUgIRMcwjZSWvXlGFjJetANyludG6zhvIFAumiSePvQSX%2B2ZkL2w5Zee4poNoSHvL9yUGSRF%2FnZORylP6O0pLHx7cF%2BgHL%2FM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c50c640b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/endorphina_w.svg | 104.21.67.44 | 200 OK | 5.3 kB |
URL GET HTTP/3findspins.com/ca/04-hfg4f/endorphina_w.svg IP104.21.67.44:443
Requested byhttps://findspins.com/ca/04-hfg4f/index.html CertificateIssuerLet's Encrypt Subjectfindspins.com FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File typeSVG Scalable Vector Graphics image Hashbe98bdf9228b32ec53f94671da6b2344 57896d8aa3e4b61626a700ee3bf03bb439d76235 15f566ec3233a2b94ac39b0e412a46b4fa952b8260adcd6a08d70397bfc06692
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/endorphina_w.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-d36"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6McOAh%2BaKO9PkBKzfDhgFw9qQdBve6aJgHGxwLP7F%2FgQELHKbfz60fjgrvW54ojqvGzw8Xyk%2BIIrSTXBbuT2gTTLb2LmyHMqCRt3XiDkY%2Fut5cDrbWyXiBOO4%2FbhAG%2BL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c52c760b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/main_script.js | 104.21.67.44 | 200 OK | 10 kB |
URL GET HTTP/3findspins.com/ca/04-hfg4f/main_script.js IP104.21.67.44:443
Requested byhttps://findspins.com/ca/04-hfg4f/index.html CertificateIssuerLet's Encrypt Subjectfindspins.com FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hash6198fe2219a57d0181a456ab4d293773 239930396580a7ac47b21afc9bfffe54b0bd89d8 c7f9790726d2c9b751224789b1a82b0c2fcb3b329473fd7deb87813d09f90a17
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/main_script.js HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: application/javascript
last-modified: Sun, 17 Oct 2021 16:18:21 GMT
etag: W/"616c4ccd-5cc"
expires: Sat, 08 Jun 2024 02:55:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=crCNeYcA01K6ecg91gr6Xzl%2FibwPDzVF9YuHQaLv3QBQVhcskzprZLuLfCKoYcapK1WIbzS66fC%2BazWgfxeZ9RWw%2B3dBOOv4Pqset6G5V6pDWj%2FOPs4k5%2BcuDFLt70iW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c55c990b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/etransfer.svg | 104.21.67.44 | 200 OK | 30 kB |
URL GET HTTP/3findspins.com/ca/04-hfg4f/etransfer.svg IP104.21.67.44:443
Requested byhttps://findspins.com/ca/04-hfg4f/index.html CertificateIssuerLet's Encrypt Subjectfindspins.com FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File typeSVG Scalable Vector Graphics image Hashe27915ee9a47c8fdfb36eab99b79d278 26a9bf6d1ba7e1a46c224ff440c3c48836b72d9c e78e5333f8441c7e3ed0334e65b31fd12dffbc51d0e38d8c91b96b8a11cc25ea
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/etransfer.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-1021f"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uZc89Wkb4Ir04b52T72XsqJPSi%2FFDi8qIV5kL6LqLZ7sPT3OD6QEN0fa7%2BWaYKVFtfN%2B8tsrlLD7EnZ8iKkr70GlztnoJXzHhPlERX3F6Pj6GJSTQMJELzwel9rr3gxA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c52c740b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/style.css | 104.21.67.44 | 200 OK | 9.7 kB |
URL GET HTTP/3findspins.com/ca/04-hfg4f/style.css IP104.21.67.44:443
Requested byhttps://findspins.com/ca/04-hfg4f/index.html CertificateIssuerLet's Encrypt Subjectfindspins.com FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File typeASCII text, with CRLF line terminators Hash30d7643ffe366116584e486476473933 53599ec417762df6e329fae3a99c7ed073c98398 eadddc03c7fafcb715daf5c4ba6773c685d91291e55ae4ca1693f0af83a7e2bd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/style.css HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: text/css
last-modified: Sun, 17 Oct 2021 16:51:20 GMT
etag: W/"616c5488-5edc"
expires: Sat, 08 Jun 2024 02:55:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kpTbhWf8c6SIdRDn3%2B4%2F9iZmJkYmUTTp%2FavSc8KXi7N9dQfpzWXscLq7rujTSgQ9UrEDoquqCGkgCEinzfVIRJv2DBdcknhxQ3Dg3fK18aXtqZqN7tfJihEJmI0ZAsOQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c50c5f0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| findspins.com/favicon.ico | 104.21.67.44 | 404 Not Found | 146 B |
URL GET HTTP/3findspins.com/favicon.ico IP104.21.67.44:443
Requested byhttps://findspins.com/ca/04-hfg4f/index.html CertificateIssuerLet's Encrypt Subjectfindspins.com FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File typeHTML document, ASCII text, with no line terminators Hash63d7d0fac1fb1dcc7a2cc2a5fe5d93a6 9b2f2822de107de2319d3dba3cafaf49246420e5 71b45ab43cefc5356ec1cba3f2a46e5124e8ab9860de8910212211c3f5f2ec43
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 09 May 2024 02:55:54 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T0yBidaNjzYNToTnSI6P2FQllt50BXVbtxQcESkSpWs7%2B3c8sDrntBcMNGCLBmw%2FOPqteCMel7Q4oclOkMfvkTjdVpujOi7IM1nbdcwxX2m8gQsFCAzCFyu2fm7KfiBh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69cbdede0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| findspins.com/sw-check-permissions-cf42c.js?var=null&ymid=null&zoneId=4678322 | 104.21.67.44 | 200 OK | 566 B |
URL GET HTTP/3findspins.com/sw-check-permissions-cf42c.js?var=null&ymid=null&zoneId=4678322 IP104.21.67.44:443
Requested byhttps://findspins.com/ca/04-hfg4f/index.html CertificateIssuerLet's Encrypt Subjectfindspins.com FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File typeASCII text, with very long lines (605), with no line terminators Hash8a02d6bb6ed63d9aecd9494efd3c51ff 7088d046b245c4d6267ed4710bad804227a33a78 b3ee8b37df97b10d19b3a9c6701eb4f254b153c4e056be977f3d335cdd246591
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sw-check-permissions-cf42c.js?var=null&ymid=null&zoneId=4678322 HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:54 GMT
content-type: application/javascript
last-modified: Tue, 23 Nov 2021 10:47:41 GMT
etag: W/"619cc6cd-236"
expires: Sat, 08 Jun 2024 02:55:54 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Azr05vGiP4yB7zHOUUqq2g96sV45e7kWUzDMN4wGi70Rk2lQwt%2BJYCkwWh5JJI5i%2Bn%2Ba24EUsbfe0%2FXPLe1howYV%2FVH0OCwzcJ2q%2BSLv4gAIgdX22K41iS1EEdYPSELT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69cc4ef60b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/index.html | 104.21.67.44 | 200 OK | 10 kB |
URL User Request GET HTTP/2findspins.com/ca/04-hfg4f/index.html IP104.21.67.44:443
CertificateIssuerLet's Encrypt Subjectfindspins.com FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Generic/Spear Phishing | Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/index.html HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 02:55:52 GMT
content-type: text/html
last-modified: Tue, 18 Oct 2022 20:41:08 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hhYidC0IJDLbaPSf2624ijfDTVRB6bIq6U49Jjdmysb8Y5TAa02jxq%2BqnYvjKEc6ILXbupD1O9ufyQ9hJEuUwA8B8lenI%2Fc2uZnCe5ZSoaZ082W%2FaG6%2FfzEe2MNh0wVO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880e69c21a665690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| findspins.com/ca/04-hfg4f/interac.svg | 104.21.67.44 | 200 OK | 58 kB |
URL GET HTTP/3findspins.com/ca/04-hfg4f/interac.svg IP104.21.67.44:443
Requested byhttps://findspins.com/ca/04-hfg4f/index.html CertificateIssuerLet's Encrypt Subjectfindspins.com FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/interac.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-e322"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fFYotckONCbP%2Fe5%2FMA24puIZILyLMjhL9pHkfH9NTbWKZKQ%2F1mr4xVBMjH3%2B5i5%2Frax3cPplWIuTIei6YOfvRniqLV%2B4UX1CMDhPFiJAzIOEg54dHVQzO%2BTWf34MqiBX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c52c720b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/barcrest.svg | 104.21.67.44 | 200 OK | 22 kB |
URL GET HTTP/3findspins.com/ca/04-hfg4f/barcrest.svg IP104.21.67.44:443
Requested byhttps://findspins.com/ca/04-hfg4f/index.html CertificateIssuerLet's Encrypt Subjectfindspins.com FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File typeSVG Scalable Vector Graphics image Hash87af61c451d27bd50fae6a3f04cc4515 abfedde8325db472792fbab2f0a77c07f0867029 dff16f458103e05d9b1b2947e024eeafe127147fd575dee825f63df450faa32a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/barcrest.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-5778"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U1fz3Jsk9jCGQOgrRhx%2FF6NpKv4XlabTQVUwpDqNVVqzDT0z%2B0TxroILG1xRgJFSOnDIky075nWVqojA%2FFlGkNkfPEWfTFOBI2Q3YSEUtz56JhHB7g1bLmOapNYy3BbS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c53c8b0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| findspins.com/ca/04-hfg4f/nextgen_w.svg | 104.21.67.44 | 200 OK | 5.6 kB |
URL GET HTTP/3findspins.com/ca/04-hfg4f/nextgen_w.svg IP104.21.67.44:443
Requested byhttps://findspins.com/ca/04-hfg4f/index.html CertificateIssuerLet's Encrypt Subjectfindspins.com FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File typeSVG Scalable Vector Graphics image Hash909ccb8e42f6f127860ad199f89a58cc 1ec72e100c08295dbdb7079061ec16bfee62ac2f 0a0844d3edc52fda1509e672253f7609f6624401daa8bb6f0e8578dadcc5862e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/nextgen_w.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-1605"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R8mem2aLtE%2F5UFwkQRsfo5vdGakek0LyG32yb%2B43Nb0Ik8oNc%2BeIU%2FefGA59Xs%2BUturlSEjgBu1yJUpCFevm%2BI8ZrytdKF0BBK%2BDjMeFk5trzAcX%2BEzDc2Vs6WjdQQqB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c53c810b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| findspins.com/ca/04-hfg4f/fanfare-0.mp3 | 104.21.67.44 | 206 Partial Content | 63 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/fanfare-0.mp3
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo
Hash: f2c333e40a1d9f108b566ed14e83dd78 4f75f8e7c290b6c9f14f93699516b7097e5cc4af f7ca13295aa54ad1520ba5a6eac602d5cb0143cc5c21d4c12ef1fc03185b2bb7
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ca/04-hfg4f/fanfare-0.mp3 HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 206 Partial Content
date: Thu, 09 May 2024 02:55:53 GMT
content-type: audio/mpeg
content-length: 63390
last-modified: Sun, 17 Oct 2021 16:38:59 GMT
etag: "616c51a3-f79e"
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-63389/63390
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cm5z9Hn%2BriKhICgnCZhXXyFUy2zRV34OzSu8oaZ%2F5g23lO4HX%2BYQBw%2Fzhnrom1Fcm3q%2FA%2BqxRRuXT2d9GdrVst833dajElUUcYgqEY2sVfB8I8XTAe1Ok9h0SYeXAtkP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c7ed610b06-OSL
alt-svc: h3=":443"; ma=86400
|
|
| findspins.com/ca/04-hfg4f/netent.svg | 104.21.67.44 | 200 OK | 2.1 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/netent.svg
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image
Hash: 6efcbe9b1bb62bb79d7574d66b1b381a 99573b35c3036059766e0d071af00a93d1fe0057 86025a2b61b5b24f1b6e6afcc56c5849419631b4498e27c1ba4487dcbb9f92ca
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ca/04-hfg4f/netent.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-813"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=biKIXV9UZSPlSLt06HGFStNOxCd4YmOC%2FgMBcWvjf3nRU392SRCaBfJqYvEmyW%2BlhMkVUmoa5KPNWbRZDQUhBQbEDHmjmYGBxDgG0fzI2F88tBfazaljEmVY1ufCqFbS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c52c7e0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| findspins.com/ca/04-hfg4f/bally.svg | 104.21.67.44 | 200 OK | 8.3 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/bally.svg
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image
Hash: 9074dddabdbc6a066262f6dbf9863347 5ac354cd858c134d862a629e1d50e4ebc386e464 671d08c058918ef4bf9e0dbe78a51dcc7fdb0b065556c9e95f4897439274fb24
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ca/04-hfg4f/bally.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-2075"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9k2HrOW6pyuMJSPfvUXWQCbg%2FwnwMlXH6CnOYFxUfYXj%2BAkDH%2BLIDKOCrg5JboXESBpfhBVNu6q%2B59ocQRjvePL5HDEAzX%2FMdSdFm%2BTK%2BnbPFm1hWzN99I2W%2BiLlkrsE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c54c8f0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| findspins.com/ca/04-hfg4f/evolution_w.svg | 104.21.67.44 | 200 OK | 22 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/evolution_w.svg
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image
Hash: 91b1b26d38f5eda886bb65d0046666ca b27f11dff386cf7da26ac75b4d9e186307881886 1dcde139ad8703e33bd2a3eb5f6e90b5ae87ee1059f37e448c0c2acd6943a986
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ca/04-hfg4f/evolution_w.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-56e6"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w78BBOGP1s5ebDMRy30gCdrPs37nmGgsnxJ%2FoFlb8ZjnxThizLG0EmopAVXVzF4t19HcWVj9IcyTueFuZwp1fOEBg9cBCDQf2WIjWueMKTqM7B20ONYth1upSNidcp6x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c52c7f0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lemouwee.com/zone?&pub=0&zone_id=4678322&is_mobile=false&domain=findspins.com&var=null&ymid=null&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=1b8a6ac7-b2e3-4608-bded-3b090eddda71&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL: POST HTTP/2 lemouwee.com/zone?&pub=0&zone_id=4678322&is_mobile=false&domain=findspins.com&var=null&ymid=null&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=1b8a6ac7-b2e3-4608-bded-3b090eddda71&action=prerequest
IP: 139.45.197.251:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Let's Encrypt; Subject: lemouwee.com; Fingerprint: 79:AF:F5:E8:1A:28:27:C6:45:D0:92:C8:F4:67:CA:3A:79:D9:A7:B8; Validity: Fri, 05 Apr 2024 05:06:29 GMT - Thu, 04 Jul 2024 05:06:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=4678322&is_mobile=false&domain=findspins.com&var=null&ymid=null&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=1b8a6ac7-b2e3-4608-bded-3b090eddda71&action=prerequest HTTP/1.1
Host: lemouwee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findspins.com
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:55:54 GMT
content-length: 0
x-trace-id: d0fc6fb9c6181dcdbace3bfdaa28d480
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://findspins.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| findspins.com/ca/04-hfg4f/yggdrasil_w.svg | 104.21.67.44 | 200 OK | 15 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/yggdrasil_w.svg
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image
Hash: 4181506d5a6f20b3889921ef80c0c096 ff0a49eaa1fb140af91bdd85baadecab236d3b01 3de265634ba2df73d108a2217a89a25f55c701880e828ce7fe0c8ce51fba7d19
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ca/04-hfg4f/yggdrasil_w.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-3996"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jKoCcLgLgBI%2FosJiZx763S1yTZ3vFBqRlQ%2F%2BeD%2FrKwS9xm%2B6UcxTD27iTbNM6AVO5mtrbRNt0swifrAwxf46BEY6Jz4BABHkn636yuljIHeUV2DQNorY%2BVNPcqX%2FFHTP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c53c880b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| findspins.com/ca/04-hfg4f/wms.svg | 104.21.67.44 | 200 OK | 1.9 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/wms.svg
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image
Hash: f677806cc2062949524084c0d0a8343e 65dcfe11585c9da51257f6b33e38472f199ed879 6c41f06448157c1857ab76ce70f9e0d1994a30fc3cb9d21495d34c083f72ef21
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ca/04-hfg4f/wms.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-79c"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nPQsKzDdONAS%2FOQRNbr2jlgSMhrriyEanwCO1rxmqJrEO%2Fz%2Fu4G4OFcXigJ7UItnvyEnKBB2xvOo%2BqKtZ7N%2FUnn7nYQKpJGltZZZWh5%2B3MzrqAY2Nk91rVPDyn3fl1tB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c53c8a0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| findspins.com/ca/04-hfg4f/scientific.svg | 104.21.67.44 | 200 OK | 14 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/scientific.svg
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image
Hash: 982908fc9551ffd8098eb894a2dbcb18 ab6d79d51aac7a85b13fb5b831cbb252197b1620 279b4a4d2b0e211df00b766b95fbca6f438508b2b98885c8952bb6619b0771d4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ca/04-hfg4f/scientific.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-35b2"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bqiGIQcgMmT1g2bxqvFXp5XIUkwv58nNtTa7yrtFR0yBeGQdiIZP8LOw7yVbFL0vbSp6QHNETMGJw8IHXQkIQ%2Fve93rDQ3VBm%2FDPVdGw%2Fjj5OoI4llD7gMrsZAKnOdss"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c54c8e0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| findspins.com/ca/04-hfg4f/responsiblegaming.svg | 104.21.67.44 | 200 OK | 2.8 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/responsiblegaming.svg
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image
Hash: 718446c85ce92e96ecc45c24e2547de7 3f59db987667ed885e162c9a94450245d37fe3ec 5df1009cca45fcbfc09945121e19528f7fbd791471ae2e7793ed835b74f9922f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ca/04-hfg4f/responsiblegaming.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-ad6"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r8yuKcxGSsweaWULhLkQNYw8YPvnR8XrOmiufYJ0UchKpiUlWjPejNHtV%2F%2FMVcjHgURiBhp6%2B07BTQLThka0AU67sXRstl5DrjYjGuaFP%2FFwXBdBBoYwsf%2F48tPEU9Tw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c54c930b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lemouwee.com/pfe/current/micro.tag.min.js?z=4678322&ymid=null&var=null&sw=/sw-check-permissions-cf42c.js | 139.45.197.251 | 200 OK | 37 kB |
URL: GET HTTP/2 lemouwee.com/pfe/current/micro.tag.min.js?z=4678322&ymid=null&var=null&sw=/sw-check-permissions-cf42c.js
IP: 139.45.197.251:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Let's Encrypt; Subject: lemouwee.com; Fingerprint: 79:AF:F5:E8:1A:28:27:C6:45:D0:92:C8:F4:67:CA:3A:79:D9:A7:B8; Validity: Fri, 05 Apr 2024 05:06:29 GMT - Thu, 04 Jul 2024 05:06:28 GMT
File type: JavaScript source, ASCII text, with very long lines (37142), with no line terminators
Hash: 32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
GET /pfe/current/micro.tag.min.js?z=4678322&ymid=null&var=null&sw=/sw-check-permissions-cf42c.js HTTP/1.1
Host: lemouwee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:55:54 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:52 GMT
etag: W/"662a3514-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| findspins.com/ca/04-hfg4f/skrill.svg | 104.21.67.44 | 200 OK | 1.7 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/skrill.svg
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image
Hash: 78771e0151be6be3e85161a643d476ea ad69b96c924419452612014db06b563f4fc0a544 d9df5f0f864f335e2c70f5a328602ab817d5d5ab2c69e30f4367cd0cee7b554b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ca/04-hfg4f/skrill.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-6b8"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3dezzas6nRbQmqzUMZ306HOSMxO6Cr3X0%2BrCEsU3%2FrQfA4FfqPlEc9QaLDFaLEvtD8ROa5dhqa5KnNlR%2BLVlpb2w7AhC3tJ%2Bo5p2AbucNlItMe8%2FbAE3AFBZwdYVxpMY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c51c670b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| findspins.com/ca/04-hfg4f/playngo.svg | 104.21.67.44 | 200 OK | 16 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/playngo.svg
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image
Hash: 448a2e6f2e5b462d7dec511dbed1c6d2 f63c8bac74f4ee70406027adb48237b7988ee57e 7ea73a5d815be11cda7b022eb96c6233388f19da2dfd4cc6f4670aa2ab499f0f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ca/04-hfg4f/playngo.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-3d8d"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oVvPVBRfj%2F84t40xybp1fkaa5DsRGtmAoKvNhukpKPmy1%2FmC37MGjOll32h3drghRcophzpze3uW7bs%2FfUCIOvcUx%2FTjpiOThQ2XxX%2F9pXUeZydi1mf%2F7yLzS8immeCy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c53c840b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| findspins.com/ca/04-hfg4f/red7.svg | 104.21.67.44 | 200 OK | 5.6 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/red7.svg
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image
Hash: e582d6083a46c2363efc8d466cd61333 69a6386545e30cce6bced567430b205ab2461139 33245a6eb6a10cca9fae0f0948b8f65bddf9373c77773b7c311ae3dacd9ecbf2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ca/04-hfg4f/red7.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-15fe"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5p%2BMqhl9xZ3qEiDnmSL4IBxkYBL%2BQrAL2O7CMtt%2Bc%2BsYTvNA1rt7UedtzWoAi4R%2FO8ZVNbFe11crba0pNz9QQM3LKp38xEJvCPK7qx0DyVJAartCtGfIZBve3Mgl%2FTcA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c54c8d0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| findspins.com/ca/04-hfg4f/zimpler.svg | 104.21.67.44 | 200 OK | 6.6 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/zimpler.svg
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image
Hash: 90fac6187c4757e2779b8e08ba14bea7 e6bc1548b0b704facbd734f0de4cf2a0f5cb4876 ed01666d0e08328196442af7560dc9c4477cc03cc8548e3373d4d15b6f9afd17
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ca/04-hfg4f/zimpler.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-19bc"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pZKNgXxt%2FzdPBsyOTJiIs3D7t4p7Lcbh9RJlwwCtwHCUVh5iBA3I7rj6U8NZSd1FADuiSvY2nC7ITfRoXjS%2BAS7iyE6ID74Pqm%2Bh4rU7xN9a361My3KfINCvN0fGfCFW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c51c6e0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap | 142.250.74.106 | 200 OK | 28 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP: 142.250.74.106:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash: 7b1884acc9afa1fbd97c1e3e29d13b55 c4b4171b50d3f29d7af642875e63d8427d0067aa 7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff
GET /css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 May 2024 02:55:53 GMT
date: Thu, 09 May 2024 02:55:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| findspins.com/ca/04-hfg4f/quickspin.svg | 104.21.67.44 | 200 OK | 3.5 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/quickspin.svg
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image
Hash: 522568edc1c1b9c082d97bacd48a22af d12e7f32789aeba04d6e2d3e4c134a2fd14e2dcc e59e61a8f0395bae6225f442fbe5410a2e37b3b31ec4348435950506485d0432
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ca/04-hfg4f/quickspin.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-d91"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eWMph0kcJn5i3bp9kmDEfVZh%2FKAZVkKURO%2FYGE7DNOOl6oEvBg1KOjv1mjZB7g8oMMI%2Bc9SLF9QcyQrOA2Oo%2BZwD3AU1A%2B191IiB4Wix1WFCFKRmUqEi6Iyin0vmWva0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c53c870b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| findspins.com/ca/04-hfg4f/wazdan_w.svg | 104.21.67.44 | 200 OK | 1.1 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/wazdan_w.svg
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image
Hash: 11f1e1d3850fa2aaf250b78c2bc36503 b88ff8dfc2bd456bab3973249fd50b9046e7559d 4b03f3efb27299ef07031fdb26567b5c31de3e96cf2880f0f8e0844c0ef70bf5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ca/04-hfg4f/wazdan_w.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-449"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xOfqBKWCddSfmRuvFKz0KqLKYLiANeABSdemEPwbPNpMgP4TbtfygqZsjRJ16seMMngq9EHmmWJ1W6q5bQTwfRdAIb5OXaLn6TiDCjDh8Il3b7LA4sM50vCLdfQ3cgmq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c54c910b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| findspins.com/ca/04-hfg4f/neteller.svg | 104.21.67.44 | 200 OK | 1.8 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/neteller.svg
IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html
Certificate: Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image
Hash: 28397f0d5dc8d19c7fce11160a319efd ba74c3c5437388accd3af595902d93572264b7e3 b9c834dfaed1ba3e01c81d8cceee9998aee1713cbed6a23a2be7ced609f58d3f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ca/04-hfg4f/neteller.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-712"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VA53vMfaI3pTDUEd4n8qKUsuEsHxxHKRLAqvrMKY9JU5DHGywh9AQe0yTD2Gk%2BeDHUZxOzSv0RVdvL3d4fDol1WowDjy%2BQV5fOFdBFlPz6pdq%2FB6TYbjR3T5R1wJnPQk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c51c6a0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| findspins.com/ca/04-hfg4f/mastercard.svg | 104.21.67.44 | 200 OK | 8.7 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/mastercard.svg; IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html; Certificate Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image; Hash: e3eef6cd89557459f1894d83d13d05d7 b65592d38dc965d2df61d2a97910c5bfad85cffd 8a0622bc9f9f7060137e929db78c5d8d23177aff5c643e09968ab4d630fd0d4d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/mastercard.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-21ca"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TO2Tf6zeDZyfUYcW%2FSnl0n8vAYP%2BL8%2FRvgd2xT%2B8TDFJ3yO0fDxa5fcz5psTZmnSKYuk%2BIgBU2FMP8sNuuy8i%2FLfG%2BpknSOm7%2FOyzgcLjCjrQb2J7hMrzqysqYPBhF88"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c50c650b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| findspins.com/ca/04-hfg4f/pragmatic_w.svg | 104.21.67.44 | 200 OK | 3.6 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/pragmatic_w.svg; IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html; Certificate Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image; Hash: c3b47d26a7d923123e3fa194e6603cba ea5392c4be2897dcb8f6c0d57ff7230d4c1802df 871b359f0e2565b886e2dc4f1640815a90b426fdf156791ed225ff9c2255a4c5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/pragmatic_w.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-dff"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bg2kA2B7W3%2BuEliXl8P2ohn8xJMho3ksKga1WbvlkszazxwSAiBHNSkiEwuLaKLRagMSfc7bl5kqQZnGYg9kdWH9uIwAJqQ2XlTYTDVPir%2F2Oz4igUnunWRbKktTlDss"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c53c850b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/img.gif?f=sync&partner=1a3d76e2ffaf633199a4cfd989883e1a0a8431d7de8600dbf1cbfb28d34a0725&ttl=&rurl=https%3A%2F%2Ffindspins.com%2Fca%2F04-hfg4f%2Findex.html | 139.45.195.8 | 200 OK | 43 B |
URL: GET HTTP/2 my.rtmark.net/img.gif?f=sync&partner=1a3d76e2ffaf633199a4cfd989883e1a0a8431d7de8600dbf1cbfb28d34a0725&ttl=&rurl=https%3A%2F%2Ffindspins.com%2Fca%2F04-hfg4f%2Findex.html; IP: 139.45.195.8:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html; Certificate Issuer: Let's Encrypt; Subject: rtmark.net; Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File type: GIF image data, version 89a, 1 x 1; Hash: b4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=1a3d76e2ffaf633199a4cfd989883e1a0a8431d7de8600dbf1cbfb28d34a0725&ttl=&rurl=https%3A%2F%2Ffindspins.com%2Fca%2F04-hfg4f%2Findex.html HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:55:54 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0880579b1a2e4a8de777bbeff7955f32; expires=Fri, 09 May 2025 02:55:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| findspins.com/ca/04-hfg4f/maestro.svg | 104.21.67.44 | 200 OK | 3.5 kB |
URL: GET HTTP/3 findspins.com/ca/04-hfg4f/maestro.svg; IP: 104.21.67.44:443
Requested by: https://findspins.com/ca/04-hfg4f/index.html; Certificate Issuer: Let's Encrypt; Subject: findspins.com; Fingerprint: C4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E; Validity: Tue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT
File type: SVG Scalable Vector Graphics image; Hash: 7786069601ff260e05fe5121988656ae 7248e3b2e28a6be42c8f70eb7c8f1ef2678cb990 840c330a052b1269f0357fa1850b15a1b31ab24111ff4976b4cf4274db6af085
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ca/04-hfg4f/maestro.svg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/ca/04-hfg4f/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 02:55:53 GMT
content-type: image/svg+xml
last-modified: Sun, 17 Oct 2021 15:54:12 GMT
etag: W/"616c4724-d87"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2FIgxYcS33R9Tb3pn4Xcx13Y7LqxU1z5OOCLk3pcRjkfgG4wobBiEwA7GgFTO6SrCU1FSu24z2y7DutxAYyKaz0bBAym05Fo4anT2Bo6Amy%2FLH55xbzHqmD4aJGmXqgf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e69c51c660b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|