| bind.bestresulttostart.com/xf4mKQ | 193.163.7.113 | 200 OK | 5.9 kB |
URL: GET HTTP/2 bind.bestresulttostart.com/xf4mKQ; IP: 193.163.7.113:443
Certificate: Issuer: Let's Encrypt; Subject: bestresulttostart.com; Fingerprint: F4:4C:F5:1D:A8:B6:9F:52:11:56:EC:A1:D7:C6:98:DF:2E:96:E0:4C; Validity: Mon, 08 Apr 2024 08:36:22 GMT - Sun, 07 Jul 2024 08:36:21 GMT
File type: JavaScript source, ASCII text, with very long lines (13785); Hash: 58d15c8061659ef77d42e8c5d3ff4984 4fefb78331ee102e720c03a36265f3b286df3457 709f60c4e7be64193c1eff6aca024338e157da87200e114e84b061bfed693f98
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Unknown malware |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /xf4mKQ HTTP/1.1
Host: bind.bestresulttostart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:04:44 GMT
content-type: application/javascript; charset=utf-8
content-length: 5919
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000;
X-Firefox-Spdy: h2
|
|
| maxcasinous.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=34&trackerid=DDtpXX&url=https%3A%2F%2Fpurecasinos.org%2F | 18.157.122.248 | 200 OK | 120 B |
URL: GET HTTP/2 maxcasinous.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=34&trackerid=DDtpXX&url=https%3A%2F%2Fpurecasinos.org%2F; IP: 18.157.122.248:443
Certificate: Issuer: Amazon; Subject: *.matomo.cloud; Fingerprint: 53:3D:4D:D3:BE:99:58:2D:15:19:20:CA:14:65:7A:20:AF:49:6F:CD; Validity: Wed, 21 Jun 2023 00:00:00 GMT - Fri, 19 Jul 2024 23:59:59 GMT
File type: ASCII text, with no line terminators; Hash: 3d4d5612567577ba77d0f05858642a23 5ce9101c7c60cf5e250392daa958715cba87f070 0250bbdb45b12b2e91e907470bfac77c8192bfee5ff517364e599c60e3cf4188
GET /plugins/HeatmapSessionRecording/configs.php?idsite=34&trackerid=DDtpXX&url=https%3A%2F%2Fpurecasinos.org%2F HTTP/1.1
Host: maxcasinous.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 20:04:44 GMT
content-type: application/javascript
content-length: 120
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| maxcasinous.matomo.cloud/matomo.php?action_name=Top%2010%20Real%20Money%20Online%20Casinos%20for%20USA%20Gamblers%20for%202024&idsite=34&rec=1&r=723631&h=20&m=4&s=44&url=https%3A%2F%2Fpurecasinos.org%2F&_id=81894443e2b5f346&_idn=1&send_image=0&_refts=0&pv_id=06M5HA&fa_pv=1&fa_fp[0][fa_vid]=BwaV5x&fa_fp[0][fa_fv]=1&pf_net=28&pf_srv=469&pf_tfr=5&pf_dm1=410&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024 | 18.157.122.248 | 204 No Content | 0 B |
URL: POST HTTP/2 maxcasinous.matomo.cloud/matomo.php?action_name=Top%2010%20Real%20Money%20Online%20Casinos%20for%20USA%20Gamblers%20for%202024&idsite=34&rec=1&r=723631&h=20&m=4&s=44&url=https%3A%2F%2Fpurecasinos.org%2F&_id=81894443e2b5f346&_idn=1&send_image=0&_refts=0&pv_id=06M5HA&fa_pv=1&fa_fp[0][fa_vid]=BwaV5x&fa_fp[0][fa_fv]=1&pf_net=28&pf_srv=469&pf_tfr=5&pf_dm1=410&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024; IP: 18.157.122.248:443
Certificate: Issuer: Amazon; Subject: *.matomo.cloud; Fingerprint: 53:3D:4D:D3:BE:99:58:2D:15:19:20:CA:14:65:7A:20:AF:49:6F:CD; Validity: Wed, 21 Jun 2023 00:00:00 GMT - Fri, 19 Jul 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php?action_name=Top%2010%20Real%20Money%20Online%20Casinos%20for%20USA%20Gamblers%20for%202024&idsite=34&rec=1&r=723631&h=20&m=4&s=44&url=https%3A%2F%2Fpurecasinos.org%2F&_id=81894443e2b5f346&_idn=1&send_image=0&_refts=0&pv_id=06M5HA&fa_pv=1&fa_fp[0][fa_vid]=BwaV5x&fa_fp[0][fa_fv]=1&pf_net=28&pf_srv=469&pf_tfr=5&pf_dm1=410&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024 HTTP/1.1
Host: maxcasinous.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://purecasinos.org
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 18 Apr 2024 20:04:44 GMT
server: Apache
access-control-allow-origin: https://purecasinos.org
access-control-allow-credentials: true
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
X-Firefox-Spdy: h2
|
|
| visit.startfinishthis.com/fGGy8K | 104.21.64.161 | 200 OK | 0 B |
URL: GET HTTP/3 visit.startfinishthis.com/fGGy8K; IP: 104.21.64.161:443
Certificate: Issuer: Google Trust Services LLC; Subject: startfinishthis.com; Fingerprint: D5:E5:97:E4:E8:D4:53:86:B2:E1:D7:EF:F4:69:83:94:C6:46:E9:8C; Validity: Mon, 04 Mar 2024 14:59:39 GMT - Sun, 02 Jun 2024 14:59:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /fGGy8K HTTP/1.1
Host: visit.startfinishthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:44 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 18 Apr 2024 20:04:44 GMT
set-cookie: _subid=376l60je3c420; expires=Sun, 19 May 2024 20:04:44 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ1XCI6MTcxMzQ3MDY4NH0sXCJjYW1wYWlnbnNcIjp7XCIxNVwiOjE3MTM0NzA2ODR9LFwidGltZVwiOjE3MTM0NzA2ODR9In0.QEXs24DXioN0a7E_y-TYixWbNqdJBlidsCQhAdNaW_0; expires=Sat, 06 Aug 2078 04:09:28 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ANKneDIdQFwI0tAZGkLmbItkDZ2Jl3%2B46nSdvpIwGOp%2BdC7xOJ0uAo2gI5XTVCXc2ZBKsIFQsfkMiCUP31VpTyhNuTIfCobzsLVDXCCAw2MvCN5cE0nDTZONR%2BQtnoKg%2FqxM6eI8A3O7%2FyjT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87674403beb55689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| scripts.bestresulttostart.com/tDTDBJ | 193.163.7.113 | 200 OK | 5.9 kB |
URL: GET HTTP/2 scripts.bestresulttostart.com/tDTDBJ; IP: 193.163.7.113:443
Certificate: Issuer: Let's Encrypt; Subject: bestresulttostart.com; Fingerprint: F4:4C:F5:1D:A8:B6:9F:52:11:56:EC:A1:D7:C6:98:DF:2E:96:E0:4C; Validity: Mon, 08 Apr 2024 08:36:22 GMT - Sun, 07 Jul 2024 08:36:21 GMT
File type: JavaScript source, ASCII text, with very long lines (13785); Hash: 58d15c8061659ef77d42e8c5d3ff4984 4fefb78331ee102e720c03a36265f3b286df3457 709f60c4e7be64193c1eff6aca024338e157da87200e114e84b061bfed693f98
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Unknown malware |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /tDTDBJ HTTP/1.1
Host: scripts.bestresulttostart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 5919
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000;
X-Firefox-Spdy: h2
|
|
| visit.startfinishthis.com/fGGy8K | 104.21.64.161 | 200 OK | 0 B |
URL: GET HTTP/3 visit.startfinishthis.com/fGGy8K; IP: 104.21.64.161:443
Certificate: Issuer: Google Trust Services LLC; Subject: startfinishthis.com; Fingerprint: D5:E5:97:E4:E8:D4:53:86:B2:E1:D7:EF:F4:69:83:94:C6:46:E9:8C; Validity: Mon, 04 Mar 2024 14:59:39 GMT - Sun, 02 Jun 2024 14:59:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /fGGy8K HTTP/1.1
Host: visit.startfinishthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 18 Apr 2024 20:04:45 GMT
set-cookie: _subid=376l60je3c446; expires=Sun, 19 May 2024 20:04:45 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ1XCI6MTcxMzQ3MDY4NX0sXCJjYW1wYWlnbnNcIjp7XCIxNVwiOjE3MTM0NzA2ODV9LFwidGltZVwiOjE3MTM0NzA2ODV9In0.SX4xK-1ha2z0-3g7z7g-gAY2D-gS9ufOxhrufFb2cb0; expires=Sat, 06 Aug 2078 04:09:30 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f5R8pBWWwO3PixPHDG7wXqbm1c2SyHWbXPPg0Z3rIV23V%2Bs4TUxgxBwZq%2FVItBc1k%2FldlXdc54rGmXbpMf84N%2FKydbpY6cf1ipwMfAZvWtCgiZcBxpHnkY%2BBJBVFpl%2FLfElpFmtTSqABeUvE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876744074a8f5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| purecasinos.org/wp-content/themes/blocksy/static/bundle/95.1daa69740b47258bf09b.js | 188.114.97.1 | 200 OK | 9.1 kB |
URL: GET HTTP/3 purecasinos.org/wp-content/themes/blocksy/static/bundle/95.1daa69740b47258bf09b.js; IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: purecasinos.org; Fingerprint: 8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9; Validity: Thu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT
File type: JavaScript source, ASCII text, with very long lines (3009), with no line terminators; Hash: 64b167576f38f8cb47b12620b20a5144 2a5eb610aeb25aeabf4fe3afd499de16c3551381 fd6da5d43d0dfbc19ef1cdc28bc469929f5634a6352ef59716b43bf9d218339a
GET /wp-content/themes/blocksy/static/bundle/95.1daa69740b47258bf09b.js HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Cookie: _pk_id.34.8846=81894443e2b5f346.1713470684.; _pk_ses.34.8846=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 07:22:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vyZYZYqNw5o4KRHWZphvzZilwD1wrYyztHH%2BFUfYKsyvsViCVd1q2vtJ0KLZWOcUgqQCMZONqCaGQzFkpNTAsBAIQj1OTAaV%2FyG2bvI7ajA33TPG0MG6s%2FPDaPub%2FkEkIjA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876744083e885690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| purecasinos.org/wp-content/themes/blocksy/static/bundle/815.5f3d4bca3ef5698160ad.js | 188.114.97.1 | 200 OK | 9.6 kB |
URL: GET HTTP/3 purecasinos.org/wp-content/themes/blocksy/static/bundle/815.5f3d4bca3ef5698160ad.js; IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: purecasinos.org; Fingerprint: 8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9; Validity: Thu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT
File type: JavaScript source, ASCII text, with very long lines (970), with no line terminators; Hash: 281758c6ed1b5baf0727aa20b5a28845 2c2262e45319567a648ae24670bc4667510c2042 a15e6d135bdd41a15297e502485921b2ea2992eebfe415334ef2543e6f7e75bd
GET /wp-content/themes/blocksy/static/bundle/815.5f3d4bca3ef5698160ad.js HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Cookie: _pk_id.34.8846=81894443e2b5f346.1713470684.; _pk_ses.34.8846=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 07:22:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jaLZXhX1ENaLL1du8kxLzAQFOIGjXF2vDdfLmXlVvHV2ZOe1LUdyblIoNsFSXLLQ6qBcFmn5Vj%2F7fID5L0QMz6kJ%2FbC%2F8X6PEcNoh5zsldfBjrYYdeCTpm9ZOT5WoVXuBLk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876744083e8e5690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| purecasinos.org/favicon.ico | 188.114.97.1 | 302 Found | 12 kB |
URL: GET HTTP/3 purecasinos.org/favicon.ico; IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: purecasinos.org; Fingerprint: 8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9; Validity: Thu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT
File type: PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced; Hash: 34dc279c8e8e2ae4eb081d80964fd648 c0811bb81e7fedf4754be449d38dcfaaaa25ba9e 5041204eb440a6ec771a8cd73f98b8cc1ad3e633883431ff66ac4bd1f2812c03
GET /favicon.ico HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Cookie: _pk_id.34.8846=81894443e2b5f346.1713470684.; _pk_ses.34.8846=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: text/html; charset=UTF-8
location: https://purecasinos.org/wp-includes/images/w-logo-blue-white-bg.png
vary: Accept-Encoding
link: <https://purecasinos.org/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7UtYI%2F%2BKGDSUtBl%2B8hIWFUVBvk6hdtsjMIZq6MEHg5P65sbWJmG%2BeELdmqat4cuARoFmudsa6x5ensxH4dlfLHrkwhKuQzef45bGKw5WlWw%2F1LjFPgEwNAS2m2VHR9ukn8s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87674404aa455690-OSL
alt-svc: h3=":443"; ma=86400
|
|
| purecasinos.org/wp-content/themes/blocksy/static/bundle/142.1345ea6b13b00771d513.js | 188.114.97.1 | 200 OK | 7.5 kB |
URL: GET HTTP/3 purecasinos.org/wp-content/themes/blocksy/static/bundle/142.1345ea6b13b00771d513.js; IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: purecasinos.org; Fingerprint: 8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9; Validity: Thu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT
File type: JavaScript source, ASCII text, with very long lines (7670), with no line terminators; Hash: 009fadbd42838984249d01f61e179c85 e8c6c958039b3da50af910ea716567538d4c2af2 78b07d88c15370dfee9d943cbb2831e7a2b0c0e10c325e0608dbca3de0714e41
GET /wp-content/themes/blocksy/static/bundle/142.1345ea6b13b00771d513.js HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:44 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 07:22:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XBJtpi5DAgJSBcqsy5fD4sDFzQrjcpm9g%2FXM%2BsDBe2P%2FTCi07amLM9F6ZqPtYTpltfJpnydBptAF10uFyAg%2FbfTOfr%2FGi7sWng%2FwLPJICiryU249ZJdx3NYMiwnSUpMUe3k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876743ffccc95690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| visit.startfinishthis.com/2L1mRj?q=purecasinos.org | 104.21.64.161 | 200 OK | 7.8 kB |
URL: GET HTTP/2 visit.startfinishthis.com/2L1mRj?q=purecasinos.org; IP: 104.21.64.161:443
Certificate: Issuer: Google Trust Services LLC; Subject: startfinishthis.com; Fingerprint: D5:E5:97:E4:E8:D4:53:86:B2:E1:D7:EF:F4:69:83:94:C6:46:E9:8C; Validity: Mon, 04 Mar 2024 14:59:39 GMT - Sun, 02 Jun 2024 14:59:38 GMT
File type: JavaScript source, ASCII text, with very long lines (7752), with no line terminators; Hash: 36b37c2b32cb60a5f7689fc7bc992368 75c21b11e9d45c0f100caba87985605f0f68749b e5bd093f5b2293f655d1c324186c2241e2dc972d50c8ad68df56bbaff4d71e12
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /2L1mRj?q=purecasinos.org HTTP/1.1
Host: visit.startfinishthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 20:04:44 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 18 Apr 2024 20:04:44 GMT
set-cookie: _subid=376l60je3c41j; expires=Sun, 19 May 2024 20:04:44 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQxXCI6MTcxMzQ3MDY4NH0sXCJjYW1wYWlnbnNcIjp7XCIxM1wiOjE3MTM0NzA2ODR9LFwidGltZVwiOjE3MTM0NzA2ODR9In0.Bw8nBo1rtDYlqDyvyUBzcUWFrFOEgu-aGjRu1Er6FRY; expires=Sat, 06 Aug 2078 16:09:28 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Br8cD119KnpumCOL98WGyed5qQlW%2BGPMjOoLjTa5dmeD4FTN9ByOud3QZhnujS2%2F0wlKaYSf%2FeSUm7FJ9thd%2BxZAItvV14dpc%2FT73swmwr7wG43nnp0FVltAP9hK%2B42ANM72I%2BxCqkqgZ0kB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87674402ca261c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| | 188.114.97.1 | 200 OK | 104 kB |
URL: User Request GET HTTP/2; IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: purecasinos.org; Fingerprint: 8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9; Validity: Thu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT
Size: 104 kB (104450 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 20:04:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding,User-Agent
last-modified: Thu, 18 Apr 2024 17:17:45 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A5IliblM6KuAhm%2BfK7EJDNsVL%2Fi7tTm%2FDl657QTQd8h4Y7VW7zgSSsCVTYp7FFCgjC5NuGidrzjyHKofc6byBLF8vv%2BCVIBtadLVlkuvawI2TEvVG0GmJzaWGfQzC%2FXVPY4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876743f84c4556c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| purecasinos.org/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 | 188.114.97.1 | 200 OK | 113 kB |
URL: GET HTTP/3 purecasinos.org/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2; IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: purecasinos.org; Fingerprint: 8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9; Validity: Thu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT
Size: 113 kB (113381 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:43 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 02 Apr 2024 19:22:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5DaE3FraG9Gl6szye3x1kdJ8JYMSOOkrtLJbUNqz13H20Yv6OR92culNlMm1QIMTzacV1n5NtW2Qc3e2VKPZvwX1ZlxLu6qUZTTkym4Y88%2BV3EdNl30UvaQNjUM5GPxrOZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876743fd59a45690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| purecasinos.org/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.22 | 188.114.97.1 | 200 OK | 33 kB |
URL: GET HTTP/3 purecasinos.org/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.22; IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: purecasinos.org; Fingerprint: 8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9; Validity: Thu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT
File type: JavaScript source, ASCII text, with very long lines (28559); Hash: 0c5af8cbd330b35a26393f18ddee4da5 4818102949a75b97fbbc62923cd98493fbe14e99 a2261b5de98560fce89fc9a905070333f2623b114fdb2ae88e6eb24cf732df93
GET /wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.22 HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:43 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 07:22:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F24ZbPQJ3LZmfF8FMSbgrXQLQrgoB91fApxwEJZqx7Vs42mPwW4QigIql2PfPcPRDZuHcDVr%2F7trRVYoYCUW0SvlidYHqHzH2y10mHY%2FcuBkSNl0AcEKV99ii0ozxz7Imn8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876743fd79d85690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.matomo.cloud/maxcasinous.matomo.cloud/matomo.js | 54.230.111.96 | 200 OK | 206 kB |
URL: GET HTTP/2 cdn.matomo.cloud/maxcasinous.matomo.cloud/matomo.js; IP: 54.230.111.96:443
Certificate: Issuer: Amazon; Subject: cdn.matomo.cloud; Fingerprint: 82:AD:7C:C7:03:79:96:F4:55:20:84:14:6B:42:42:99:FB:DC:33:DD; Validity: Fri, 27 Oct 2023 00:00:00 GMT - Sat, 23 Nov 2024 23:59:59 GMT
Size: 206 kB (205962 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /maxcasinous.matomo.cloud/matomo.js HTTP/1.1
Host: cdn.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: CloudFront
content-type: application/javascript; charset=utf-8
date: Thu, 18 Apr 2024 20:04:45 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 03 Apr 2024 21:06:07 GMT
etag: W/"32485c8be04b0e62b74549b6afa41e21"
cache-control: max-age=691200
x-amz-version-id: R3cvQ53Cpyp5BOF6n4sPbr_gnF4L.4VD
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YO986wDz9XVydIxj54W4bXIyjI58RPBBBFTtKp0qrfoS2CXPfop-2Q==
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| purecasinos.org/wp-content/themes/blocksy/static/bundle/418.073b187b833e997751a8.js | 188.114.97.1 | 200 OK | 2.8 kB |
URL: GET HTTP/3 purecasinos.org/wp-content/themes/blocksy/static/bundle/418.073b187b833e997751a8.js; IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: purecasinos.org; Fingerprint: 8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9; Validity: Thu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT
File type: JavaScript source, ASCII text, with very long lines (2803), with no line terminators; Hash: 1a019f7fd2fe214e6ef4fca817735e19 62db411de1997be8c8111d2b70ff3796e6d77615 6d8bb3529e829e19ddf4d460eaea67c444775b76eb599bc7ab83832daee2b171
GET /wp-content/themes/blocksy/static/bundle/418.073b187b833e997751a8.js HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Cookie: _pk_id.34.8846=81894443e2b5f346.1713470684.; _pk_ses.34.8846=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 07:22:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bbo43PWt0Y0gqjlaknS7FHflNzuASsSCNj8hZvHMv3oDnek6YyyFnBpH9sfk%2BoIpbw0wgs1wpBoakKUllnWW1jyaBUUsjqO9d5%2FOMmP%2BCSrA3yuddj%2BPsQIsHopzTVbaU8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876744083e845690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| find.bestresulttostart.com/scripts/config.js?ver=2.56.3 | 193.163.7.113 | 200 OK | 7.8 kB |
URL: GET HTTP/2 find.bestresulttostart.com/scripts/config.js?ver=2.56.3; IP: 193.163.7.113:443
Certificate: Issuer: Let's Encrypt; Subject: bestresulttostart.com; Fingerprint: F4:4C:F5:1D:A8:B6:9F:52:11:56:EC:A1:D7:C6:98:DF:2E:96:E0:4C; Validity: Mon, 08 Apr 2024 08:36:22 GMT - Sun, 07 Jul 2024 08:36:21 GMT
File type: JavaScript source, ASCII text, with very long lines (7778), with no line terminators; Hash: 1e4e5741c78676c52420cddd7864dba5 10c43392f24890dffaad0b33b850e67a9ace0bc2 854ca4102c845a10dbb33ca49e08bc428e865eaeed015bd002ee5620ec3711ad
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /scripts/config.js?ver=2.56.3 HTTP/1.1
Host: find.bestresulttostart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:04:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 08 Apr 2024 10:13:07 GMT
vary: Accept-Encoding
etag: W/"6613c333-1e62"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| purecasinos.org/wp-content/themes/blocksy/static/bundle/page-title.min.css?ver=2.0.22 | 188.114.97.1 | 200 OK | 1.4 kB |
URL: GET HTTP/3 purecasinos.org/wp-content/themes/blocksy/static/bundle/page-title.min.css?ver=2.0.22; IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: purecasinos.org; Fingerprint: 8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9; Validity: Thu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT
File type: ASCII text, with very long lines (1371), with no line terminators; Hash: ac39b42d151d3cab0d989f58fb22c852 acd8449da10082ce5ab2f404c470d8b7929ac179 372d61c2521df84f02ada52ec1ae000a9b641068cd36d0f90badee17ca7bd7ea
GET /wp-content/themes/blocksy/static/bundle/page-title.min.css?ver=2.0.22 HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:43 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 07:22:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MZP%2FprI8ZYu3w8XzOg0gK54736YLJDgY1ZfZLf7cCosh4KBhC2Gkhj4CLdHN2OZ2Fczp7SdoHejePNouqheNJ%2B2xIWPwvZMltrUA7%2BE2jW6r57x0FZw7Y8%2B6iuP2fONCdC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876743fd69c45690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| api.startservicefounds.com/service/sort.js | 45.150.67.235 | 200 OK | 7.7 kB |
URL: GET HTTP/2 api.startservicefounds.com/service/sort.js; IP: 45.150.67.235:443; ASN: #44477 Stark Industries Solutions Ltd
Certificate: Issuer: Let's Encrypt; Subject: api.startservicefounds.com; Fingerprint: 1D:32:DA:3C:D3:BE:68:81:45:97:BB:14:D2:E3:64:49:C3:5D:68:1A; Validity: Tue, 27 Feb 2024 18:47:25 GMT - Mon, 27 May 2024 18:47:24 GMT
File type: JavaScript source, ASCII text, with very long lines (7713), with no line terminators; Hash: 9e95c06225b1aad0df17cc4b8ec6db7b c8a352d57915b519049ea797857feb8927ac9994 7b0c1d3adb252e17f512262044a2d78e6a3a30080343f2481a36fb6de6656f71
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Unknown malware |
| Quad9 DNS | malicious | Sinkholed |
GET /service/sort.js HTTP/1.1
Host: api.startservicefounds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:04:44 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 04 Apr 2024 09:45:04 GMT
etag: W/"660e76a0-1e21"
expires: Sun, 28 Apr 2024 20:04:44 GMT
cache-control: max-age=864000
access-control-allow-origin: *
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bind.bestresulttostart.com/scripts/statistics.js?s=7.8.2 | 193.163.7.113 | 200 OK | 14 kB |
URL: GET HTTP/2 bind.bestresulttostart.com/scripts/statistics.js?s=7.8.2
IP: 193.163.7.113:443
Certificate: Issuer: Let's Encrypt; Subject: bestresulttostart.com; Fingerprint: F4:4C:F5:1D:A8:B6:9F:52:11:56:EC:A1:D7:C6:98:DF:2E:96:E0:4C; Validity: Mon, 08 Apr 2024 08:36:22 GMT - Sun, 07 Jul 2024 08:36:21 GMT
File type: JavaScript source, ASCII text, with very long lines (13785), with no line terminators
Hash: dad59bad08a8fdf2f2ddf9cc28d23153 65c2b2ca6142364cfd1539c37828d2df06b4f572 dbc09b358c3f5de04d44f6158441259a2f29526008594e05a9ac3cc829186e27
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Unknown malware |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /scripts/statistics.js?s=7.8.2 HTTP/1.1
Host: bind.bestresulttostart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:04:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 09 Apr 2024 17:57:49 GMT
vary: Accept-Encoding
etag: W/"6615819d-35d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| purecasinos.org/wp-content/themes/blocksy/static/bundle/main.min.css?ver=2.0.22 | 188.114.97.1 | 200 OK | 103 kB |
URL: GET HTTP/3 purecasinos.org/wp-content/themes/blocksy/static/bundle/main.min.css?ver=2.0.22
IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: purecasinos.org; Fingerprint: 8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9; Validity: Thu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT
Size: 103 kB (102685 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/themes/blocksy/static/bundle/main.min.css?ver=2.0.22 HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:43 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 07:22:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NTUrCVQoTJaBNe%2BqMNmQpkbDacJt9gCCQBlsdDi88%2FirxGUwsS0RH08vWQ2mpbah5YbjT%2B9F5YNsxQ3JWioDW6BwCxPHECeMoAyug2nXIz2lKhUyhYXt0NsSquR%2FBuvU%2BRQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876743fd59ab5690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| visit.startfinishthis.com/2L1mRj?q=purecasinos.org | 104.21.64.161 | 200 OK | 7.8 kB |
URL: GET HTTP/3 visit.startfinishthis.com/2L1mRj?q=purecasinos.org
IP: 104.21.64.161:443
Certificate: Issuer: Google Trust Services LLC; Subject: startfinishthis.com; Fingerprint: D5:E5:97:E4:E8:D4:53:86:B2:E1:D7:EF:F4:69:83:94:C6:46:E9:8C; Validity: Mon, 04 Mar 2024 14:59:39 GMT - Sun, 02 Jun 2024 14:59:38 GMT
File type: JavaScript source, ASCII text, with very long lines (7752), with no line terminators
Hash: 36b37c2b32cb60a5f7689fc7bc992368 75c21b11e9d45c0f100caba87985605f0f68749b e5bd093f5b2293f655d1c324186c2241e2dc972d50c8ad68df56bbaff4d71e12
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /2L1mRj?q=purecasinos.org HTTP/1.1
Host: visit.startfinishthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 18 Apr 2024 20:04:45 GMT
set-cookie: _subid=376l60je3c43o; expires=Sun, 19 May 2024 20:04:45 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQxXCI6MTcxMzQ3MDY4NX0sXCJjYW1wYWlnbnNcIjp7XCIxM1wiOjE3MTM0NzA2ODV9LFwidGltZVwiOjE3MTM0NzA2ODV9In0.2ewLDaZp0sRx0C9OtO4tjzN0_XfEcgSB4SZ_MoT5KQI; expires=Sat, 06 Aug 2078 16:09:30 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7LWsnVRoDFuUZhR4OcsVLiEDdtMOoKOpn6g07PS%2B3JeqeB8A1yabX9E7i6gzG3yE%2BnflxN6hmKxKrQo%2B5p35uhtbmxfno%2FyD01PISckCsKP%2FSVLws3ndYdSgJxjGacVOAZkzkqaLUYo7DnJf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8767440689be5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| purecasinos.org/wp-content/themes/blocksy/static/bundle/non-critical-styles.min.css?ver=2.0.22 | 188.114.97.1 | 200 OK | 6.1 kB |
URL: GET HTTP/3 purecasinos.org/wp-content/themes/blocksy/static/bundle/non-critical-styles.min.css?ver=2.0.22
IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: purecasinos.org; Fingerprint: 8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9; Validity: Thu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT
File type: ASCII text, with very long lines (6137), with no line terminators
Hash: 5ded2bd1e2e10ca94b205f44e69e303d fe1d8ac147a33781723bfd15d33cfd282943e33e 71ddb338de0297feff0f796097b4e71b95bf086dc9952f662acbdac401797204
GET /wp-content/themes/blocksy/static/bundle/non-critical-styles.min.css?ver=2.0.22 HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Cookie: _pk_id.34.8846=81894443e2b5f346.1713470684.; _pk_ses.34.8846=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 07:22:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rtKoWCN0jzxl1fNhZdFTft3IPMJAtAgeQJDB57ZJXATAZv69FrZxCsq1NS1pEM5Qjz0rigg48OWU6frpn9rw8IfHrZHnyPW1WTh3XqZpdxOvW%2BlhWYeC62M5Ex%2BGMoDKTiY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876744085eb25690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| purecasinos.org/wp-includes/images/w-logo-blue-white-bg.png | 188.114.97.1 | 200 OK | 4.1 kB |
URL: GET HTTP/3 purecasinos.org/wp-includes/images/w-logo-blue-white-bg.png
IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: purecasinos.org; Fingerprint: 8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9; Validity: Thu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT
File type: PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Hash: 000bf649cc8f6bf27cfb04d1bcdcd3c7 d73d2f6d74ec6cdcbae07955592962e77d8ae814 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://purecasinos.org/
DNT: 1
Connection: keep-alive
Cookie: _pk_id.34.8846=81894443e2b5f346.1713470684.; _pk_ses.34.8846=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 00:04:01 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ytFyZcoLDOpDwcjsitRS0iydRaFMJBcJJSpbGFBykRnkUOoW7ENelghmWiqc%2FAkh7nypoFJ%2Fdx%2BoqUfrK3I2ircAQKzAF81GZSgj0UGjjaJlwMAwqDFf2EafPHBzo9MpxkE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87674409f86f5690-OSL
alt-svc: h3=":443"; ma=86400
|
|