Report - purecasinos.org/

Report Overview

Submitted URL
purecasinos.org/
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 20:05:08
Access
public
Website Title
Top 10 Real Money Online Casinos for USA Gamblers for 2024
Final URL
purecasinos.org/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
scripts.bestresulttostart.com	unknown	2024-03-04	2024-03-04	2024-04-18	424 B	6.2 kB	193.163.7.113
purecasinos.org	unknown	unknown	No data	No data	6.0 kB	414 kB	188.114.97.1
cdn.matomo.cloud	26908	2017-09-08	2019-09-27	2024-04-18	427 B	207 kB	54.230.111.96
find.bestresulttostart.com	unknown	2024-03-04	2024-03-05	2024-03-28	431 B	8.2 kB	193.163.7.113
api.startservicefounds.com	unknown	2024-02-27	2024-02-27	2024-04-08	418 B	8.1 kB	45.150.67.235
bind.bestresulttostart.com	unknown	2024-03-04	2024-03-22	2024-04-18	839 B	20 kB	193.163.7.113
maxcasinous.matomo.cloud	unknown	unknown	No data	No data	1.4 kB	639 B	18.157.122.248
visit.startfinishthis.com	unknown	2024-03-04	2024-03-04	2024-04-18	1.7 kB	20 kB	104.21.64.161

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-18 20:04:44	high	Client IP	193.163.7.113	ET EXPLOIT_KIT Balada Domain in TLS SNI (bestresulttostart .com)
2024-04-18 20:04:44	high	Client IP	193.163.7.113	ET EXPLOIT_KIT Balada Domain in TLS SNI (bestresulttostart .com)
2024-04-18 20:04:44	high	Client IP	193.163.7.113	ET EXPLOIT_KIT Balada Domain in TLS SNI (bestresulttostart .com)
2024-04-18 20:04:45	high	Client IP	193.163.7.113	ET EXPLOIT_KIT Balada Domain in TLS SNI (bestresulttostart .com)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	bestresulttostart.com	Sinkholed
2024-04-18	medium	bestresulttostart.com	Sinkholed
2024-04-18	medium	bestresulttostart.com	Sinkholed
2024-04-18	medium	bestresulttostart.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	bestresulttostart.com	Sinkholed
2024-04-18	medium	startfinishthis.com	Sinkholed
2024-04-18	medium	bestresulttostart.com	Sinkholed
2024-04-18	medium	startfinishthis.com	Sinkholed
2024-04-18	medium	startfinishthis.com	Sinkholed
2024-04-18	medium	bestresulttostart.com	Sinkholed
2024-04-18	medium	startservicefounds.com	Sinkholed
2024-04-18	medium	bestresulttostart.com	Sinkholed
2024-04-18	medium	startfinishthis.com	Sinkholed

ThreatFox

Scan Date	Severity	Indicator	Alert
2024-04-02	medium	bind.bestresulttostart.com	Unknown malware
2024-03-09	medium	scripts.bestresulttostart.com	Unknown malware
2024-03-09	medium	api.startservicefounds.com	Unknown malware
2024-04-02	medium	bind.bestresulttostart.com	Unknown malware

JavaScript (22)

	URL	Size	First Seen	Last Seen
	purecasinos.org/wp-content/themes/blocksy/static/bundle/418.073b187b833e997751a8.js	2.8 kB	2024-01-23	2024-04-29
Pretty URL purecasinos.org/wp-content/themes/blocksy/static/bundle/418.073b187b833e997751a8.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-23 11:45:33 Last Seen2024-04-29 22:10:39 Times Seen23 Hash 1952b4d84c2d482f6270008776f12625 5744abeb0cb60d834e5120d3d7b1008ff1209da9 662b1f4d477e2d6bfde6504215947b0316d83f3b0cecb25f22c4405653762fa9 Loading...

	purecasinos.org/	570 B	2024-04-18	2024-04-18
Pretty URL purecasinos.org/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 22:05:15 Last Seen2024-04-18 22:05:15 Times Seen1 Hash e6d393cc31dcbbc5843bdbe5b42e9cf8 b74cd273cb24bdb9488aca4271c8f42676f192b6 aafde8422ffa914c1194fa162c73f98b3ab1299e7c73b40bb6827f1b110f96fc Loading...

	visit.startfinishthis.com/2L1mRj?q=purecasinos.org	7.8 kB	2024-04-08	2024-04-29
Pretty URL visit.startfinishthis.com/2L1mRj?q=purecasinos.org IP 104.21.64.161 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-08 14:51:53 Last Seen2024-04-29 10:08:39 Times Seen142 Hash 02b232562fac1f903859abaf066919c5 eb98b38e5e5af2127e333c0d91efd5f5d2299e0b 5268cd6ccfe14126dda3076f3b128ec20995afdb4875e0494880e71f1cb741d2 Loading...

	purecasinos.org/	15 kB	2024-03-02	2024-05-01
Pretty URL purecasinos.org/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-02 02:19:59 Last Seen2024-05-01 20:59:18 Times Seen100 Hash 81931896525639787120c691a304df8c 0cf873e5d15dc39e750cf6d1d30fe13eba457ab0 41d024224aa7cec2df7b8fa2c82f9a73eaa17ad6f97cf19095b49969b11ed5fe Loading...

	visit.startfinishthis.com/fGGy8K	0 B	2023-03-07	2024-05-01
Pretty URL visit.startfinishthis.com/fGGy8K IP 104.21.64.161 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-01 20:59:14 Times Seen37254672 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	find.bestresulttostart.com/scripts/config.js?ver=2.56.3	7.8 kB	2024-04-04	2024-04-29
Pretty URL find.bestresulttostart.com/scripts/config.js?ver=2.56.3 IP 193.163.7.113 ASN #204601 Zomro B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-04 16:24:55 Last Seen2024-04-29 12:55:34 Times Seen103 Hash 1e4e5741c78676c52420cddd7864dba5 10c43392f24890dffaad0b33b850e67a9ace0bc2 854ca4102c845a10dbb33ca49e08bc428e865eaeed015bd002ee5620ec3711ad Loading...

	scripts.bestresulttostart.com/tDTDBJ	14 kB	2024-04-08	2024-04-29
Pretty URL scripts.bestresulttostart.com/tDTDBJ IP 193.163.7.113 ASN #204601 Zomro B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-08 14:32:13 Last Seen2024-04-29 12:55:34 Times Seen170 Hash 58d15c8061659ef77d42e8c5d3ff4984 4fefb78331ee102e720c03a36265f3b286df3457 709f60c4e7be64193c1eff6aca024338e157da87200e114e84b061bfed693f98 Loading...

	purecasinos.org/	7.6 kB	2024-03-30	2024-05-01
Pretty URL purecasinos.org/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-30 10:49:39 Last Seen2024-05-01 20:59:18 Times Seen27 Hash b54ea1312693b358494bedae9fefd2bb 98d573efeba40f624218e185ff094cd84519f176 4aca2547cbc2f8d44ef2dfb7e48379dfd9f0105f87608667e3521655e196b4d3 Loading...

	purecasinos.org/	717 B	2024-04-08	2024-05-01
Pretty URL purecasinos.org/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-08 14:51:53 Last Seen2024-05-01 17:56:53 Times Seen47 Hash 99abe8a98b9a8c5ca15632c9b3bc22bd 3ec7b59ed1ae1a957f145c8aa1a7286b8f389d2a d4592d5f5d479bc507894ec8ab8892b6016d11cd01fb5baa0a8a9ffdf222a882 Loading...

	purecasinos.org/wp-content/themes/blocksy/static/bundle/815.5f3d4bca3ef5698160ad.js	970 B	2024-01-23	2024-04-29
Pretty URL purecasinos.org/wp-content/themes/blocksy/static/bundle/815.5f3d4bca3ef5698160ad.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-23 11:45:33 Last Seen2024-04-29 22:10:39 Times Seen19 Hash 281758c6ed1b5baf0727aa20b5a28845 2c2262e45319567a648ae24670bc4667510c2042 a15e6d135bdd41a15297e502485921b2ea2992eebfe415334ef2543e6f7e75bd Loading...

	purecasinos.org/	2.1 kB	2023-03-07	2024-05-01
Pretty URL purecasinos.org/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-01 09:32:15 Times Seen6382 Hash 9cd47ac5a0389a37b4d8e7d194e17c9a 9121da7907e37462c10ce8616f06b5c22f640744 ae37d2523200d80db4a789404c079f2cb1bb172ed526cb27909f929c9d935cda Loading...

	api.startservicefounds.com/service/sort.js	7.7 kB	2024-04-04	2024-04-30
Pretty URL api.startservicefounds.com/service/sort.js IP 45.150.67.235 ASN #44477 Stark Industries Solutions Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-04 16:24:54 Last Seen2024-04-30 04:45:32 Times Seen112 Hash 9e95c06225b1aad0df17cc4b8ec6db7b c8a352d57915b519049ea797857feb8927ac9994 7b0c1d3adb252e17f512262044a2d78e6a3a30080343f2481a36fb6de6656f71 Loading...

	cdn.matomo.cloud/maxcasinous.matomo.cloud/matomo.js	206 kB	2024-04-04	2024-04-27
Pretty URL cdn.matomo.cloud/maxcasinous.matomo.cloud/matomo.js IP 54.230.111.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-04 12:18:08 Last Seen2024-04-27 01:27:31 Times Seen6 Hash 32485c8be04b0e62b74549b6afa41e21 15fbe87f75a95aa08094108ff73874aebff5b9f8 eb4f862cff17723c6e9014b39cd9972b43e8ffe3e4b9b0dbc7bcde7299607430 Loading...

	purecasinos.org/wp-content/themes/blocksy/static/bundle/142.1345ea6b13b00771d513.js	7.5 kB	2024-01-28	2024-04-18
Pretty URL purecasinos.org/wp-content/themes/blocksy/static/bundle/142.1345ea6b13b00771d513.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-28 10:56:12 Last Seen2024-04-18 22:05:15 Times Seen12 Hash b707a3564ca1d8a9af5356b2852e92c3 ebfce58ec97019adcbc9d2341d4d615e020c67f2 8675a06a1093ba0769100e8375d07b9c47dd85cdd31f8c5fe656d53f70316e6f Loading...

	purecasinos.org/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.22	33 kB	2024-01-28	2024-04-18
Pretty URL purecasinos.org/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.22 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-28 19:38:00 Last Seen2024-04-18 22:05:15 Times Seen10 Hash 0c5af8cbd330b35a26393f18ddee4da5 4818102949a75b97fbbc62923cd98493fbe14e99 a2261b5de98560fce89fc9a905070333f2623b114fdb2ae88e6eb24cf732df93 Loading...

	maxcasinous.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=34&trackerid=DDtpXX&url=https%3A%2F%2Fpurecasinos.org%2F	117 B	2024-04-18	2024-04-18
Pretty URL maxcasinous.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=34&trackerid=DDtpXX&url=https%3A%2F%2Fpurecasinos.org%2F IP 18.157.122.248 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 22:05:15 Last Seen2024-04-18 22:05:15 Times Seen2 Hash 3d4d5612567577ba77d0f05858642a23 5ce9101c7c60cf5e250392daa958715cba87f070 0250bbdb45b12b2e91e907470bfac77c8192bfee5ff517364e599c60e3cf4188 Loading...

	purecasinos.org/wp-content/themes/blocksy/static/bundle/95.1daa69740b47258bf09b.js	3.0 kB	2024-01-23	2024-04-29
Pretty URL purecasinos.org/wp-content/themes/blocksy/static/bundle/95.1daa69740b47258bf09b.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-23 11:45:33 Last Seen2024-04-29 22:10:39 Times Seen27 Hash 64b167576f38f8cb47b12620b20a5144 2a5eb610aeb25aeabf4fe3afd499de16c3551381 fd6da5d43d0dfbc19ef1cdc28bc469929f5634a6352ef59716b43bf9d218339a Loading...

	purecasinos.org/	446 B	2024-04-18	2024-04-18
Pretty URL purecasinos.org/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 22:05:15 Last Seen2024-04-18 22:05:15 Times Seen1 Hash a97932b57e3793826cb22cda7d8d1b8e b010159d14e2e6b2283a66ab82e126c4b760095f 6914796740d55bcabd06a7fb7b998ee4f2d29d1a7870559e74dec3485973587c Loading...

	unknown	389 B	2024-04-08	2024-05-01
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-08 14:51:53 Last Seen2024-05-01 17:56:53 Times Seen48 Hash dbf40e5c99cb46a5644d1e593a901858 54cc32aeec025dfe3dc726b8adf730988d01f139 99ab894aeb59d34150f8492c3ec65fb935ad4027e6045a8d9f0ba9ef5540b82f Loading...

	purecasinos.org/	3.4 kB	2023-03-07	2024-05-01
Pretty URL purecasinos.org/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-01 09:32:15 Times Seen6194 Hash a94b76e45c11675df9f26fd25a8e4359 1cd29363bb1b514e6f7ef031f1831008df181f17 4569f5c3704a88394335b0fabccd6460ba5e582c3058f9286f42cc589da02899 Loading...

	purecasinos.org/	1.4 kB	2024-04-18	2024-04-18
Pretty URL purecasinos.org/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 22:05:15 Last Seen2024-04-18 22:05:15 Times Seen1 Hash 3c54914210283e61d7be468977ad390c 4430f20519d16120dedb88b7fec6e934c4c8cf53 5c54d01ef802904818032e27aa762ec8d29afa20ae3f8ea622444fd20a5764bc Loading...

	bind.bestresulttostart.com/scripts/statistics.js?s=7.8.2	14 kB	2024-04-08	2024-04-29
Pretty URL bind.bestresulttostart.com/scripts/statistics.js?s=7.8.2 IP 193.163.7.113 ASN #204601 Zomro B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-08 14:51:54 Last Seen2024-04-29 12:55:32 Times Seen138 Hash dad59bad08a8fdf2f2ddf9cc28d23153 65c2b2ca6142364cfd1539c37828d2df06b4f572 dbc09b358c3f5de04d44f6158441259a2f29526008594e05a9ac3cc829186e27 Loading...

HTTP Transactions (24)

URL IP Response Size

bind.bestresulttostart.com/xf4mKQ

193.163.7.113

200 OK

5.9 kB

URL GET HTTP/2
bind.bestresulttostart.com/xf4mKQ
IP
193.163.7.113:443
ASN
#204601 Zomro B.V.

Requested by
https://purecasinos.org/
Certificate
IssuerLet's Encrypt
Subjectbestresulttostart.com
FingerprintF4:4C:F5:1D:A8:B6:9F:52:11:56:EC:A1:D7:C6:98:DF:2E:96:E0:4C
ValidityMon, 08 Apr 2024 08:36:22 GMT - Sun, 07 Jul 2024 08:36:21 GMT

File type
JavaScript source, ASCII text, with very long lines (13785)
Size
5.9 kB (5919 bytes)
Hash
58d15c8061659ef77d42e8c5d3ff4984
4fefb78331ee102e720c03a36265f3b286df3457
709f60c4e7be64193c1eff6aca024338e157da87200e114e84b061bfed693f98

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Unknown malware
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /xf4mKQ HTTP/1.1
Host: bind.bestresulttostart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:04:44 GMT
content-type: application/javascript; charset=utf-8
content-length: 5919
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000;
X-Firefox-Spdy: h2

maxcasinous.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=34&trackerid=DDtpXX&url=https%3A%2F%2Fpurecasinos.org%2F

18.157.122.248

200 OK

120 B

URL GET HTTP/2
maxcasinous.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=34&trackerid=DDtpXX&url=https%3A%2F%2Fpurecasinos.org%2F
IP
18.157.122.248:443
ASN
#16509 AMAZON-02

Requested by
https://purecasinos.org/
Certificate
IssuerAmazon
Subject*.matomo.cloud
Fingerprint53:3D:4D:D3:BE:99:58:2D:15:19:20:CA:14:65:7A:20:AF:49:6F:CD
ValidityWed, 21 Jun 2023 00:00:00 GMT - Fri, 19 Jul 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
120 B (120 bytes)
Hash
3d4d5612567577ba77d0f05858642a23
5ce9101c7c60cf5e250392daa958715cba87f070
0250bbdb45b12b2e91e907470bfac77c8192bfee5ff517364e599c60e3cf4188

HTTP Headers

GET /plugins/HeatmapSessionRecording/configs.php?idsite=34&trackerid=DDtpXX&url=https%3A%2F%2Fpurecasinos.org%2F HTTP/1.1
Host: maxcasinous.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 20:04:44 GMT
content-type: application/javascript
content-length: 120
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2

maxcasinous.matomo.cloud/matomo.php?action_name=Top%2010%20Real%20Money%20Online%20Casinos%20for%20USA%20Gamblers%20for%202024&idsite=34&rec=1&r=723631&h=20&m=4&s=44&url=https%3A%2F%2Fpurecasinos.org%2F&_id=81894443e2b5f346&_idn=1&send_image=0&_refts=0&pv_id=06M5HA&fa_pv=1&fa_fp[0][fa_vid]=BwaV5x&fa_fp[0][fa_fv]=1&pf_net=28&pf_srv=469&pf_tfr=5&pf_dm1=410&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024

18.157.122.248

204 No Content

0 B

URL POST HTTP/2
maxcasinous.matomo.cloud/matomo.php?action_name=Top%2010%20Real%20Money%20Online%20Casinos%20for%20USA%20Gamblers%20for%202024&idsite=34&rec=1&r=723631&h=20&m=4&s=44&url=https%3A%2F%2Fpurecasinos.org%2F&_id=81894443e2b5f346&_idn=1&send_image=0&_refts=0&pv_id=06M5HA&fa_pv=1&fa_fp[0][fa_vid]=BwaV5x&fa_fp[0][fa_fv]=1&pf_net=28&pf_srv=469&pf_tfr=5&pf_dm1=410&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024
IP
18.157.122.248:443
ASN
#16509 AMAZON-02

Requested by
https://purecasinos.org/
Certificate
IssuerAmazon
Subject*.matomo.cloud
Fingerprint53:3D:4D:D3:BE:99:58:2D:15:19:20:CA:14:65:7A:20:AF:49:6F:CD
ValidityWed, 21 Jun 2023 00:00:00 GMT - Fri, 19 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo.php?action_name=Top%2010%20Real%20Money%20Online%20Casinos%20for%20USA%20Gamblers%20for%202024&idsite=34&rec=1&r=723631&h=20&m=4&s=44&url=https%3A%2F%2Fpurecasinos.org%2F&_id=81894443e2b5f346&_idn=1&send_image=0&_refts=0&pv_id=06M5HA&fa_pv=1&fa_fp[0][fa_vid]=BwaV5x&fa_fp[0][fa_fv]=1&pf_net=28&pf_srv=469&pf_tfr=5&pf_dm1=410&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024 HTTP/1.1
Host: maxcasinous.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://purecasinos.org
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 18 Apr 2024 20:04:44 GMT
server: Apache
access-control-allow-origin: https://purecasinos.org
access-control-allow-credentials: true
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
X-Firefox-Spdy: h2

visit.startfinishthis.com/fGGy8K

104.21.64.161

200 OK

0 B

URL GET HTTP/3
visit.startfinishthis.com/fGGy8K
IP
104.21.64.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://purecasinos.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectstartfinishthis.com
FingerprintD5:E5:97:E4:E8:D4:53:86:B2:E1:D7:EF:F4:69:83:94:C6:46:E9:8C
ValidityMon, 04 Mar 2024 14:59:39 GMT - Sun, 02 Jun 2024 14:59:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fGGy8K HTTP/1.1
Host: visit.startfinishthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:44 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 18 Apr 2024 20:04:44 GMT
set-cookie: _subid=376l60je3c420; expires=Sun, 19 May 2024 20:04:44 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ1XCI6MTcxMzQ3MDY4NH0sXCJjYW1wYWlnbnNcIjp7XCIxNVwiOjE3MTM0NzA2ODR9LFwidGltZVwiOjE3MTM0NzA2ODR9In0.QEXs24DXioN0a7E_y-TYixWbNqdJBlidsCQhAdNaW_0; expires=Sat, 06 Aug 2078 04:09:28 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ANKneDIdQFwI0tAZGkLmbItkDZ2Jl3%2B46nSdvpIwGOp%2BdC7xOJ0uAo2gI5XTVCXc2ZBKsIFQsfkMiCUP31VpTyhNuTIfCobzsLVDXCCAw2MvCN5cE0nDTZONR%2BQtnoKg%2FqxM6eI8A3O7%2FyjT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87674403beb55689-OSL
alt-svc: h3=":443"; ma=86400

scripts.bestresulttostart.com/tDTDBJ

193.163.7.113

200 OK

5.9 kB

URL GET HTTP/2
scripts.bestresulttostart.com/tDTDBJ
IP
193.163.7.113:443
ASN
#204601 Zomro B.V.

Requested by
https://purecasinos.org/
Certificate
IssuerLet's Encrypt
Subjectbestresulttostart.com
FingerprintF4:4C:F5:1D:A8:B6:9F:52:11:56:EC:A1:D7:C6:98:DF:2E:96:E0:4C
ValidityMon, 08 Apr 2024 08:36:22 GMT - Sun, 07 Jul 2024 08:36:21 GMT

File type
JavaScript source, ASCII text, with very long lines (13785)
Size
5.9 kB (5919 bytes)
Hash
58d15c8061659ef77d42e8c5d3ff4984
4fefb78331ee102e720c03a36265f3b286df3457
709f60c4e7be64193c1eff6aca024338e157da87200e114e84b061bfed693f98

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Unknown malware
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tDTDBJ HTTP/1.1
Host: scripts.bestresulttostart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 5919
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000;
X-Firefox-Spdy: h2

visit.startfinishthis.com/fGGy8K

104.21.64.161

200 OK

0 B

URL GET HTTP/3
visit.startfinishthis.com/fGGy8K
IP
104.21.64.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://purecasinos.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectstartfinishthis.com
FingerprintD5:E5:97:E4:E8:D4:53:86:B2:E1:D7:EF:F4:69:83:94:C6:46:E9:8C
ValidityMon, 04 Mar 2024 14:59:39 GMT - Sun, 02 Jun 2024 14:59:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fGGy8K HTTP/1.1
Host: visit.startfinishthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 18 Apr 2024 20:04:45 GMT
set-cookie: _subid=376l60je3c446; expires=Sun, 19 May 2024 20:04:45 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ1XCI6MTcxMzQ3MDY4NX0sXCJjYW1wYWlnbnNcIjp7XCIxNVwiOjE3MTM0NzA2ODV9LFwidGltZVwiOjE3MTM0NzA2ODV9In0.SX4xK-1ha2z0-3g7z7g-gAY2D-gS9ufOxhrufFb2cb0; expires=Sat, 06 Aug 2078 04:09:30 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f5R8pBWWwO3PixPHDG7wXqbm1c2SyHWbXPPg0Z3rIV23V%2Bs4TUxgxBwZq%2FVItBc1k%2FldlXdc54rGmXbpMf84N%2FKydbpY6cf1ipwMfAZvWtCgiZcBxpHnkY%2BBJBVFpl%2FLfElpFmtTSqABeUvE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876744074a8f5689-OSL
alt-svc: h3=":443"; ma=86400

purecasinos.org/wp-content/themes/blocksy/static/bundle/95.1daa69740b47258bf09b.js

188.114.97.1

200 OK

9.1 kB

URL GET HTTP/3
purecasinos.org/wp-content/themes/blocksy/static/bundle/95.1daa69740b47258bf09b.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://purecasinos.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectpurecasinos.org
Fingerprint8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9
ValidityThu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT

File type
JavaScript source, ASCII text, with very long lines (3009), with no line terminators
Size
9.1 kB (9100 bytes)
Hash
64b167576f38f8cb47b12620b20a5144
2a5eb610aeb25aeabf4fe3afd499de16c3551381
fd6da5d43d0dfbc19ef1cdc28bc469929f5634a6352ef59716b43bf9d218339a

HTTP Headers

GET /wp-content/themes/blocksy/static/bundle/95.1daa69740b47258bf09b.js HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Cookie: _pk_id.34.8846=81894443e2b5f346.1713470684.; _pk_ses.34.8846=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 07:22:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vyZYZYqNw5o4KRHWZphvzZilwD1wrYyztHH%2BFUfYKsyvsViCVd1q2vtJ0KLZWOcUgqQCMZONqCaGQzFkpNTAsBAIQj1OTAaV%2FyG2bvI7ajA33TPG0MG6s%2FPDaPub%2FkEkIjA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876744083e885690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

purecasinos.org/wp-content/themes/blocksy/static/bundle/815.5f3d4bca3ef5698160ad.js

188.114.97.1

200 OK

9.6 kB

URL GET HTTP/3
purecasinos.org/wp-content/themes/blocksy/static/bundle/815.5f3d4bca3ef5698160ad.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://purecasinos.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectpurecasinos.org
Fingerprint8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9
ValidityThu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT

File type
JavaScript source, ASCII text, with very long lines (970), with no line terminators
Size
9.6 kB (9554 bytes)
Hash
281758c6ed1b5baf0727aa20b5a28845
2c2262e45319567a648ae24670bc4667510c2042
a15e6d135bdd41a15297e502485921b2ea2992eebfe415334ef2543e6f7e75bd

HTTP Headers

GET /wp-content/themes/blocksy/static/bundle/815.5f3d4bca3ef5698160ad.js HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Cookie: _pk_id.34.8846=81894443e2b5f346.1713470684.; _pk_ses.34.8846=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 07:22:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jaLZXhX1ENaLL1du8kxLzAQFOIGjXF2vDdfLmXlVvHV2ZOe1LUdyblIoNsFSXLLQ6qBcFmn5Vj%2F7fID5L0QMz6kJ%2FbC%2F8X6PEcNoh5zsldfBjrYYdeCTpm9ZOT5WoVXuBLk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876744083e8e5690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

purecasinos.org/favicon.ico

188.114.97.1

302 Found

12 kB

URL GET HTTP/3
purecasinos.org/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://purecasinos.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectpurecasinos.org
Fingerprint8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9
ValidityThu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Size
12 kB (12354 bytes)
Hash
34dc279c8e8e2ae4eb081d80964fd648
c0811bb81e7fedf4754be449d38dcfaaaa25ba9e
5041204eb440a6ec771a8cd73f98b8cc1ad3e633883431ff66ac4bd1f2812c03

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Cookie: _pk_id.34.8846=81894443e2b5f346.1713470684.; _pk_ses.34.8846=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: text/html; charset=UTF-8
location: https://purecasinos.org/wp-includes/images/w-logo-blue-white-bg.png
vary: Accept-Encoding
link: <https://purecasinos.org/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7UtYI%2F%2BKGDSUtBl%2B8hIWFUVBvk6hdtsjMIZq6MEHg5P65sbWJmG%2BeELdmqat4cuARoFmudsa6x5ensxH4dlfLHrkwhKuQzef45bGKw5WlWw%2F1LjFPgEwNAS2m2VHR9ukn8s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87674404aa455690-OSL
alt-svc: h3=":443"; ma=86400

purecasinos.org/wp-content/themes/blocksy/static/bundle/142.1345ea6b13b00771d513.js

188.114.97.1

200 OK

7.5 kB

URL GET HTTP/3
purecasinos.org/wp-content/themes/blocksy/static/bundle/142.1345ea6b13b00771d513.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://purecasinos.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectpurecasinos.org
Fingerprint8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9
ValidityThu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT

File type
JavaScript source, ASCII text, with very long lines (7670), with no line terminators
Size
7.5 kB (7458 bytes)
Hash
009fadbd42838984249d01f61e179c85
e8c6c958039b3da50af910ea716567538d4c2af2
78b07d88c15370dfee9d943cbb2831e7a2b0c0e10c325e0608dbca3de0714e41

HTTP Headers

GET /wp-content/themes/blocksy/static/bundle/142.1345ea6b13b00771d513.js HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:44 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 07:22:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XBJtpi5DAgJSBcqsy5fD4sDFzQrjcpm9g%2FXM%2BsDBe2P%2FTCi07amLM9F6ZqPtYTpltfJpnydBptAF10uFyAg%2FbfTOfr%2FGi7sWng%2FwLPJICiryU249ZJdx3NYMiwnSUpMUe3k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876743ffccc95690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

visit.startfinishthis.com/2L1mRj?q=purecasinos.org

104.21.64.161

200 OK

7.8 kB

URL GET HTTP/2
visit.startfinishthis.com/2L1mRj?q=purecasinos.org
IP
104.21.64.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://purecasinos.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectstartfinishthis.com
FingerprintD5:E5:97:E4:E8:D4:53:86:B2:E1:D7:EF:F4:69:83:94:C6:46:E9:8C
ValidityMon, 04 Mar 2024 14:59:39 GMT - Sun, 02 Jun 2024 14:59:38 GMT

File type
JavaScript source, ASCII text, with very long lines (7752), with no line terminators
Size
7.8 kB (7751 bytes)
Hash
36b37c2b32cb60a5f7689fc7bc992368
75c21b11e9d45c0f100caba87985605f0f68749b
e5bd093f5b2293f655d1c324186c2241e2dc972d50c8ad68df56bbaff4d71e12

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /2L1mRj?q=purecasinos.org HTTP/1.1
Host: visit.startfinishthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 20:04:44 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 18 Apr 2024 20:04:44 GMT
set-cookie: _subid=376l60je3c41j; expires=Sun, 19 May 2024 20:04:44 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQxXCI6MTcxMzQ3MDY4NH0sXCJjYW1wYWlnbnNcIjp7XCIxM1wiOjE3MTM0NzA2ODR9LFwidGltZVwiOjE3MTM0NzA2ODR9In0.Bw8nBo1rtDYlqDyvyUBzcUWFrFOEgu-aGjRu1Er6FRY; expires=Sat, 06 Aug 2078 16:09:28 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Br8cD119KnpumCOL98WGyed5qQlW%2BGPMjOoLjTa5dmeD4FTN9ByOud3QZhnujS2%2F0wlKaYSf%2FeSUm7FJ9thd%2BxZAItvV14dpc%2FT73swmwr7wG43nnp0FVltAP9hK%2B42ANM72I%2BxCqkqgZ0kB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87674402ca261c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

purecasinos.org/

188.114.97.1

200 OK

104 kB

URL User Request GET HTTP/2
purecasinos.org/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectpurecasinos.org
Fingerprint8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9
ValidityThu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT

File type

Size
104 kB (104450 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 20:04:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding,User-Agent
last-modified: Thu, 18 Apr 2024 17:17:45 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A5IliblM6KuAhm%2BfK7EJDNsVL%2Fi7tTm%2FDl657QTQd8h4Y7VW7zgSSsCVTYp7FFCgjC5NuGidrzjyHKofc6byBLF8vv%2BCVIBtadLVlkuvawI2TEvVG0GmJzaWGfQzC%2FXVPY4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876743f84c4556c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

purecasinos.org/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2

188.114.97.1

200 OK

113 kB

URL GET HTTP/3
purecasinos.org/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://purecasinos.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectpurecasinos.org
Fingerprint8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9
ValidityThu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT

File type

Size
113 kB (113381 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:43 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 02 Apr 2024 19:22:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5DaE3FraG9Gl6szye3x1kdJ8JYMSOOkrtLJbUNqz13H20Yv6OR92culNlMm1QIMTzacV1n5NtW2Qc3e2VKPZvwX1ZlxLu6qUZTTkym4Y88%2BV3EdNl30UvaQNjUM5GPxrOZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876743fd59a45690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

purecasinos.org/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.22

188.114.97.1

200 OK

33 kB

URL GET HTTP/3
purecasinos.org/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.22
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://purecasinos.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectpurecasinos.org
Fingerprint8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9
ValidityThu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT

File type
JavaScript source, ASCII text, with very long lines (28559)
Size
33 kB (33200 bytes)
Hash
0c5af8cbd330b35a26393f18ddee4da5
4818102949a75b97fbbc62923cd98493fbe14e99
a2261b5de98560fce89fc9a905070333f2623b114fdb2ae88e6eb24cf732df93

HTTP Headers

GET /wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.22 HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:43 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 07:22:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F24ZbPQJ3LZmfF8FMSbgrXQLQrgoB91fApxwEJZqx7Vs42mPwW4QigIql2PfPcPRDZuHcDVr%2F7trRVYoYCUW0SvlidYHqHzH2y10mHY%2FcuBkSNl0AcEKV99ii0ozxz7Imn8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876743fd79d85690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.matomo.cloud/maxcasinous.matomo.cloud/matomo.js

54.230.111.96

200 OK

206 kB

URL GET HTTP/2
cdn.matomo.cloud/maxcasinous.matomo.cloud/matomo.js
IP
54.230.111.96:443
ASN
#16509 AMAZON-02

Requested by
https://purecasinos.org/
Certificate
IssuerAmazon
Subjectcdn.matomo.cloud
Fingerprint82:AD:7C:C7:03:79:96:F4:55:20:84:14:6B:42:42:99:FB:DC:33:DD
ValidityFri, 27 Oct 2023 00:00:00 GMT - Sat, 23 Nov 2024 23:59:59 GMT

File type

Size
206 kB (205962 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /maxcasinous.matomo.cloud/matomo.js HTTP/1.1
Host: cdn.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: CloudFront
content-type: application/javascript; charset=utf-8
date: Thu, 18 Apr 2024 20:04:45 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 03 Apr 2024 21:06:07 GMT
etag: W/"32485c8be04b0e62b74549b6afa41e21"
cache-control: max-age=691200
x-amz-version-id: R3cvQ53Cpyp5BOF6n4sPbr_gnF4L.4VD
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YO986wDz9XVydIxj54W4bXIyjI58RPBBBFTtKp0qrfoS2CXPfop-2Q==
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

purecasinos.org/wp-content/themes/blocksy/static/bundle/418.073b187b833e997751a8.js

188.114.97.1

200 OK

2.8 kB

URL GET HTTP/3
purecasinos.org/wp-content/themes/blocksy/static/bundle/418.073b187b833e997751a8.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://purecasinos.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectpurecasinos.org
Fingerprint8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9
ValidityThu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT

File type
JavaScript source, ASCII text, with very long lines (2803), with no line terminators
Size
2.8 kB (2767 bytes)
Hash
1a019f7fd2fe214e6ef4fca817735e19
62db411de1997be8c8111d2b70ff3796e6d77615
6d8bb3529e829e19ddf4d460eaea67c444775b76eb599bc7ab83832daee2b171

HTTP Headers

GET /wp-content/themes/blocksy/static/bundle/418.073b187b833e997751a8.js HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Cookie: _pk_id.34.8846=81894443e2b5f346.1713470684.; _pk_ses.34.8846=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 07:22:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bbo43PWt0Y0gqjlaknS7FHflNzuASsSCNj8hZvHMv3oDnek6YyyFnBpH9sfk%2BoIpbw0wgs1wpBoakKUllnWW1jyaBUUsjqO9d5%2FOMmP%2BCSrA3yuddj%2BPsQIsHopzTVbaU8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876744083e845690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

find.bestresulttostart.com/scripts/config.js?ver=2.56.3

193.163.7.113

200 OK

7.8 kB

URL GET HTTP/2
find.bestresulttostart.com/scripts/config.js?ver=2.56.3
IP
193.163.7.113:443
ASN
#204601 Zomro B.V.

Requested by
https://purecasinos.org/
Certificate
IssuerLet's Encrypt
Subjectbestresulttostart.com
FingerprintF4:4C:F5:1D:A8:B6:9F:52:11:56:EC:A1:D7:C6:98:DF:2E:96:E0:4C
ValidityMon, 08 Apr 2024 08:36:22 GMT - Sun, 07 Jul 2024 08:36:21 GMT

File type
JavaScript source, ASCII text, with very long lines (7778), with no line terminators
Size
7.8 kB (7778 bytes)
Hash
1e4e5741c78676c52420cddd7864dba5
10c43392f24890dffaad0b33b850e67a9ace0bc2
854ca4102c845a10dbb33ca49e08bc428e865eaeed015bd002ee5620ec3711ad

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /scripts/config.js?ver=2.56.3 HTTP/1.1
Host: find.bestresulttostart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:04:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 08 Apr 2024 10:13:07 GMT
vary: Accept-Encoding
etag: W/"6613c333-1e62"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2

purecasinos.org/wp-content/themes/blocksy/static/bundle/page-title.min.css?ver=2.0.22

188.114.97.1

200 OK

1.4 kB

URL GET HTTP/3
purecasinos.org/wp-content/themes/blocksy/static/bundle/page-title.min.css?ver=2.0.22
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://purecasinos.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectpurecasinos.org
Fingerprint8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9
ValidityThu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT

File type
ASCII text, with very long lines (1371), with no line terminators
Size
1.4 kB (1371 bytes)
Hash
ac39b42d151d3cab0d989f58fb22c852
acd8449da10082ce5ab2f404c470d8b7929ac179
372d61c2521df84f02ada52ec1ae000a9b641068cd36d0f90badee17ca7bd7ea

HTTP Headers

GET /wp-content/themes/blocksy/static/bundle/page-title.min.css?ver=2.0.22 HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:43 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 07:22:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MZP%2FprI8ZYu3w8XzOg0gK54736YLJDgY1ZfZLf7cCosh4KBhC2Gkhj4CLdHN2OZ2Fczp7SdoHejePNouqheNJ%2B2xIWPwvZMltrUA7%2BE2jW6r57x0FZw7Y8%2B6iuP2fONCdC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876743fd69c45690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.startservicefounds.com/service/sort.js

45.150.67.235

200 OK

7.7 kB

URL GET HTTP/2
api.startservicefounds.com/service/sort.js
IP
45.150.67.235:443
ASN
#44477 Stark Industries Solutions Ltd

Requested by
https://purecasinos.org/
Certificate
IssuerLet's Encrypt
Subjectapi.startservicefounds.com
Fingerprint1D:32:DA:3C:D3:BE:68:81:45:97:BB:14:D2:E3:64:49:C3:5D:68:1A
ValidityTue, 27 Feb 2024 18:47:25 GMT - Mon, 27 May 2024 18:47:24 GMT

File type
JavaScript source, ASCII text, with very long lines (7713), with no line terminators
Size
7.7 kB (7713 bytes)
Hash
9e95c06225b1aad0df17cc4b8ec6db7b
c8a352d57915b519049ea797857feb8927ac9994
7b0c1d3adb252e17f512262044a2d78e6a3a30080343f2481a36fb6de6656f71

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Unknown malware
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service/sort.js HTTP/1.1
Host: api.startservicefounds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:04:44 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 04 Apr 2024 09:45:04 GMT
etag: W/"660e76a0-1e21"
expires: Sun, 28 Apr 2024 20:04:44 GMT
cache-control: max-age=864000
access-control-allow-origin: *
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2

bind.bestresulttostart.com/scripts/statistics.js?s=7.8.2

193.163.7.113

200 OK

14 kB

URL GET HTTP/2
bind.bestresulttostart.com/scripts/statistics.js?s=7.8.2
IP
193.163.7.113:443
ASN
#204601 Zomro B.V.

Requested by
https://purecasinos.org/
Certificate
IssuerLet's Encrypt
Subjectbestresulttostart.com
FingerprintF4:4C:F5:1D:A8:B6:9F:52:11:56:EC:A1:D7:C6:98:DF:2E:96:E0:4C
ValidityMon, 08 Apr 2024 08:36:22 GMT - Sun, 07 Jul 2024 08:36:21 GMT

File type
JavaScript source, ASCII text, with very long lines (13785), with no line terminators
Size
14 kB (13785 bytes)
Hash
dad59bad08a8fdf2f2ddf9cc28d23153
65c2b2ca6142364cfd1539c37828d2df06b4f572
dbc09b358c3f5de04d44f6158441259a2f29526008594e05a9ac3cc829186e27

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Unknown malware
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /scripts/statistics.js?s=7.8.2 HTTP/1.1
Host: bind.bestresulttostart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:04:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 09 Apr 2024 17:57:49 GMT
vary: Accept-Encoding
etag: W/"6615819d-35d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2

purecasinos.org/wp-content/themes/blocksy/static/bundle/main.min.css?ver=2.0.22

188.114.97.1

200 OK

103 kB

URL GET HTTP/3
purecasinos.org/wp-content/themes/blocksy/static/bundle/main.min.css?ver=2.0.22
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://purecasinos.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectpurecasinos.org
Fingerprint8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9
ValidityThu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT

File type

Size
103 kB (102685 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/blocksy/static/bundle/main.min.css?ver=2.0.22 HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:43 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 07:22:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NTUrCVQoTJaBNe%2BqMNmQpkbDacJt9gCCQBlsdDi88%2FirxGUwsS0RH08vWQ2mpbah5YbjT%2B9F5YNsxQ3JWioDW6BwCxPHECeMoAyug2nXIz2lKhUyhYXt0NsSquR%2FBuvU%2BRQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876743fd59ab5690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

visit.startfinishthis.com/2L1mRj?q=purecasinos.org

104.21.64.161

200 OK

7.8 kB

URL GET HTTP/3
visit.startfinishthis.com/2L1mRj?q=purecasinos.org
IP
104.21.64.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://purecasinos.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectstartfinishthis.com
FingerprintD5:E5:97:E4:E8:D4:53:86:B2:E1:D7:EF:F4:69:83:94:C6:46:E9:8C
ValidityMon, 04 Mar 2024 14:59:39 GMT - Sun, 02 Jun 2024 14:59:38 GMT

File type
JavaScript source, ASCII text, with very long lines (7752), with no line terminators
Size
7.8 kB (7751 bytes)
Hash
36b37c2b32cb60a5f7689fc7bc992368
75c21b11e9d45c0f100caba87985605f0f68749b
e5bd093f5b2293f655d1c324186c2241e2dc972d50c8ad68df56bbaff4d71e12

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /2L1mRj?q=purecasinos.org HTTP/1.1
Host: visit.startfinishthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 18 Apr 2024 20:04:45 GMT
set-cookie: _subid=376l60je3c43o; expires=Sun, 19 May 2024 20:04:45 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQxXCI6MTcxMzQ3MDY4NX0sXCJjYW1wYWlnbnNcIjp7XCIxM1wiOjE3MTM0NzA2ODV9LFwidGltZVwiOjE3MTM0NzA2ODV9In0.2ewLDaZp0sRx0C9OtO4tjzN0_XfEcgSB4SZ_MoT5KQI; expires=Sat, 06 Aug 2078 16:09:30 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7LWsnVRoDFuUZhR4OcsVLiEDdtMOoKOpn6g07PS%2B3JeqeB8A1yabX9E7i6gzG3yE%2BnflxN6hmKxKrQo%2B5p35uhtbmxfno%2FyD01PISckCsKP%2FSVLws3ndYdSgJxjGacVOAZkzkqaLUYo7DnJf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8767440689be5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

purecasinos.org/wp-content/themes/blocksy/static/bundle/non-critical-styles.min.css?ver=2.0.22

188.114.97.1

200 OK

6.1 kB

URL GET HTTP/3
purecasinos.org/wp-content/themes/blocksy/static/bundle/non-critical-styles.min.css?ver=2.0.22
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://purecasinos.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectpurecasinos.org
Fingerprint8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9
ValidityThu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT

File type
ASCII text, with very long lines (6137), with no line terminators
Size
6.1 kB (6133 bytes)
Hash
5ded2bd1e2e10ca94b205f44e69e303d
fe1d8ac147a33781723bfd15d33cfd282943e33e
71ddb338de0297feff0f796097b4e71b95bf086dc9952f662acbdac401797204

HTTP Headers

GET /wp-content/themes/blocksy/static/bundle/non-critical-styles.min.css?ver=2.0.22 HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://purecasinos.org/
Cookie: _pk_id.34.8846=81894443e2b5f346.1713470684.; _pk_ses.34.8846=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 07:22:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rtKoWCN0jzxl1fNhZdFTft3IPMJAtAgeQJDB57ZJXATAZv69FrZxCsq1NS1pEM5Qjz0rigg48OWU6frpn9rw8IfHrZHnyPW1WTh3XqZpdxOvW%2BlhWYeC62M5Ex%2BGMoDKTiY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876744085eb25690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

purecasinos.org/wp-includes/images/w-logo-blue-white-bg.png

188.114.97.1

200 OK

4.1 kB

URL GET HTTP/3
purecasinos.org/wp-includes/images/w-logo-blue-white-bg.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://purecasinos.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectpurecasinos.org
Fingerprint8B:FB:39:00:40:F8:6D:36:15:B9:D3:DD:77:CE:30:4D:47:8C:5F:D9
ValidityThu, 28 Mar 2024 04:43:14 GMT - Wed, 26 Jun 2024 04:43:13 GMT

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4119 bytes)
Hash
000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

HTTP Headers

GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: purecasinos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://purecasinos.org/
DNT: 1
Connection: keep-alive
Cookie: _pk_id.34.8846=81894443e2b5f346.1713470684.; _pk_ses.34.8846=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 20:04:45 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 00:04:01 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ytFyZcoLDOpDwcjsitRS0iydRaFMJBcJJSpbGFBykRnkUOoW7ENelghmWiqc%2FAkh7nypoFJ%2Fdx%2BoqUfrK3I2ircAQKzAF81GZSgj0UGjjaJlwMAwqDFf2EafPHBzo9MpxkE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87674409f86f5690-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML