ui.fraudfree.net/api/r/i/63ae5075a9cd46fb16509925
54.237.163.208 301 Moved Permanently 178 B URL HTTP/1.1 ui.fraudfree.net/api/r/i/63ae5075a9cd46fb16509925
IP 54.237.163.208:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash bd2695f4b079c71dbddde3436286fb9c
733c05da132193d6cf1d8e242d12e2525c03bab4
2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b
GET /api/r/i/63ae5075a9cd46fb16509925 HTTP/1.1
Host: ui.fraudfree.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 27 Jan 2023 14:32:36 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://ui.fraudfree.net/api/r/i/63ae5075a9cd46fb16509925
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16151
Expires: Fri, 27 Jan 2023 19:01:47 GMT
Date: Fri, 27 Jan 2023 14:32:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3966
Expires: Fri, 27 Jan 2023 15:38:42 GMT
Date: Fri, 27 Jan 2023 14:32:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 13:35:22 GMT
content-type: application/json
age: 3434
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3350
Expires: Fri, 27 Jan 2023 15:28:26 GMT
Date: Fri, 27 Jan 2023 14:32:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WSa8eYQSlLd1Ovo01hpWBiOjW00TYs1+mCVL1FqjCV3s5HTYrJER1pf4wxYbEIiFfPIpoC59vAo=
x-amz-request-id: RDHHPFD2V0Q8VW6T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 13:49:26 GMT
age: 2590
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 14:32:36 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f0d58774d254557a1b943310e5354553
6324416644eba79ee92d39ab97853691bb41f736
71757bc7f3c1fc550feee9de9c72b28cf8b15c2bc75a4a4a875c4b4a24d9b8f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71757BC7F3C1FC550FEEE9DE9C72B28CF8B15C2BC75A4A4A875C4B4A24D9B8F1"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21568
Expires: Fri, 27 Jan 2023 20:32:04 GMT
Date: Fri, 27 Jan 2023 14:32:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 13:41:40 GMT
age: 3056
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ui.fraudfree.net/api/r/i/63ae5075a9cd46fb16509925
54.237.163.208 301 Moved Permanently 0 B URL HTTP/1.1 ui.fraudfree.net/api/r/i/63ae5075a9cd46fb16509925
IP 54.237.163.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/r/i/63ae5075a9cd46fb16509925 HTTP/1.1
Host: ui.fraudfree.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 27 Jan 2023 14:32:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Referer: https://ui.fraudfree.net/api/tracking/redirect/63ae507881c295fbe0120a51
Location: http://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17891
Expires: Fri, 27 Jan 2023 19:30:48 GMT
Date: Fri, 27 Jan 2023 14:32:37 GMT
Connection: keep-alive
push.services.mozilla.com/
54.203.75.56 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.203.75.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: u2Fz9nKxxW3szeYU1EUdgA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8TjcwuloVtJq87aRrM6RZZaWCKI=
www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
216.15.188.190 301 Moved Permanently 707 B URL HTTP/1.1 www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
IP 216.15.188.190:0
File type HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 27 Jan 2023 14:32:36 GMT
server: LiteSpeed
location: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6581
Expires: Fri, 27 Jan 2023 16:22:19 GMT
Date: Fri, 27 Jan 2023 14:32:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash dc869235086902c4acc379733b6bfdb8
0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae
e614e29b14e69209fd4b82a688290f7a3f541909833a6558cf480aca899bab6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9056
x-amzn-requestid: 81cf473d-8dc6-49e7-b012-d0b7dfaec7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fB4COHTlIAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca3a0e-0848461c054db5c66fde9107;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 06:51:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MApUIVJ9KiOB34nLWUtMNmA8deQVoQ9xyNqSUYXlzdLlGoP9n78C5A==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 06:24:42 GMT
age: 29276
etag: "0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash ed3df3868d4a13270faf944f911637a7
1b69b2433956c79510bc4a013648a5fb12882884
e13e2ca5d6552a96eb972936f553937a5aff566eb37f39b0928f15d3eeab617f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11372
x-amzn-requestid: d50f0c0e-a383-419a-a3ca-630d5fd32821
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPAw_E_rIAMF0hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf7b39-64abe6b72176db7d7b67f315;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 06:31:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7AecnloBAOZbROe_gGLZL8AcwRb1rrSIo577CwGZpzyDdtRa-Ae_9Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:47:08 GMT
age: 60330
etag: "1b69b2433956c79510bc4a013648a5fb12882884"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KY05WKpINERD5g9o2QLYdsNMSuuy_YKn2Tl7Qkn7YaAOaPTDfLteeA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:49:48 GMT
age: 60170
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 5e7158416f60576804ccff03307319fe
a342f94625e913fa6b8d862a59979f1e3ad80dd1
5c525df7d169cc7e033d920c11f4a0163a781c025a22b70530882b56964a9a52
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5737
x-amzn-requestid: 23239d1f-0228-4722-b826-40dc8c9a4af2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVzDbEacIAMFZtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d23215-1604c24e272fbb657b9925cc;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:56:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -_8PZoms7W6Lvw__KsoTwL_CzjfyWChzoSWDc9yCk9zCR8cTs87oNA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 16:31:35 GMT
age: 79263
etag: "a342f94625e913fa6b8d862a59979f1e3ad80dd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 18:35:59 GMT
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
age: 71799
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61f2aec8-2d63-4f9f-9980-04c179cc5720.jpeg
34.120.237.76 200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61f2aec8-2d63-4f9f-9980-04c179cc5720.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 464592dade1d7207d58b22d5d09d9254
3caa2537edfe4c738540884b3eda51e437d26f4d
c0cdec94ff460c4b875657bb53ed90ef2ef786a2b8095d1ebf09365556536375
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61f2aec8-2d63-4f9f-9980-04c179cc5720.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4627
x-amzn-requestid: 38f2ed09-3a2e-4b5d-bde9-24fd7467d1a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1ZJE-BIAMFvdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c3a-4ad90b1c2883444f547b6f84;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:04:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Pl5Ta4lZHz2a_R1U3OnL1AZFcLc4Ez6_2U7WZ6ZYUC26k9r7m6mxXw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 03:05:12 GMT
age: 41246
etag: "3caa2537edfe4c738540884b3eda51e437d26f4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 48f87f021aa43dc85cabc3b624264811
6dcc2e3610ec6ef91768905aae267c984227f54a
0e77dc8ff90169c7db1343058490de4942217f3846ca0586bebd33d32513b305
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 14:32:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2dd49753b725c0adb91fafd2a7821613
92547466e2927540da351740e1c8702b00016188
9a8ce5d24a953b03df10246293da6632a6e779f6719f51b1877c98ebc961a7ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6146
Cache-Control: max-age=136730
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 14:32:39 GMT
Etag: "63d33b9f-117"
Expires: Sun, 29 Jan 2023 04:31:29 GMT
Last-Modified: Fri, 27 Jan 2023 02:49:03 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2dd49753b725c0adb91fafd2a7821613
92547466e2927540da351740e1c8702b00016188
9a8ce5d24a953b03df10246293da6632a6e779f6719f51b1877c98ebc961a7ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5965
Cache-Control: max-age=136549
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 14:32:39 GMT
Etag: "63d33b9f-117"
Expires: Sun, 29 Jan 2023 04:28:28 GMT
Last-Modified: Fri, 27 Jan 2023 02:49:03 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
www.northernedgecasino.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
216.15.188.190 200 OK 11 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 18:31:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10946
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/css/extensions.min.css?ver=6.0.3
216.15.188.190 200 OK 11 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/css/extensions.min.css?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (639)
Hash 56832b3e0ca1bfc02187ee576a4d0dec
850d148cc2465ae61059367550ca9d3fed1e75e5
9c13d52b4444b1c76f0980010cfb8339ae066105f136700d6e379826bb9c4570
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/css/extensions.min.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:23:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11091
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/style.css?ver=6.0.3
216.15.188.190 200 OK 287 B URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/style.css?ver=6.0.3
IP 216.15.188.190:0
Hash 1787c807534fe4cb8773734c046cc49b
48a6e4a8d332e16ff73c62fb9242de6bd477dbfb
1e28963c8e240fb28d70f5d573dc6d74edf6c1716220707ff0603bd642c63307
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/style.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:08:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 287
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5d26c41823a6e8c5fdcf3c28efbfdd01
2415b281bb7ee36d62aec11e477e4797e8bbc10c
e7c952964c5abd9aa20b354673bedf66a9ddb64c8c9ce0075a6601fe5d28cabe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 14:32:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.northernedgecasino.com/wp-content/themes/bridge/css/font-awesome/css/font-awesome.min.css?ver=6.0.3
216.15.188.190 200 OK 6.7 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/font-awesome/css/font-awesome.min.css?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (30837)
Hash 97c6ce9b4936f66aa388ad33c39aba2d
3f14a7e78fbb4935cf35c20779dc2035531849a9
1eea453c424793fc56ef14093c10b373e3ca8388a70e847394e8084048c5ce38
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/css/font-awesome/css/font-awesome.min.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:31:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6658
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/css/elegant-icons/style.min.css?ver=6.0.3
216.15.188.190 200 OK 4.1 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/elegant-icons/style.min.css?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (21769), with no line terminators
Hash a211ff7edbfa20f37a4255dd408fea1e
b844983f4a2742adfb08d37a0885313e45efa4a7
41afc3a1d4ecc028e45d4191063307548d98059d56b0234ca4a626b85a9a129c
GET /wp-content/themes/bridge/css/elegant-icons/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:23:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4073
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/css/linea-icons/style.css?ver=6.0.3
216.15.188.190 200 OK 7.3 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/linea-icons/style.css?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (369)
Hash 60f8b842b9aadc413db91298b0a22277
253e26c13304a308b85f1f11a1bbb92cfaf26ebf
ad96d8dac53bfa3dc81d5c8b86cb70b712cd71d2080921569c5e736db9070c47
GET /wp-content/themes/bridge/css/linea-icons/style.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:23:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 7337
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/css/dripicons/dripicons.css?ver=6.0.3
216.15.188.190 200 OK 1.7 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/dripicons/dripicons.css?ver=6.0.3
IP 216.15.188.190:0
Hash 01f67987067b61ea8d95fd8a798e1581
d73f78b56fd8b727f0850fecd0d688d832c1c30c
4cb2a4b75d2e6c2c30365cae564c890639c1eb16bc7d069da12c8e360a6e9bb3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/css/dripicons/dripicons.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:23:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1690
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 14:32:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2dd49753b725c0adb91fafd2a7821613
92547466e2927540da351740e1c8702b00016188
9a8ce5d24a953b03df10246293da6632a6e779f6719f51b1877c98ebc961a7ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6146
Cache-Control: max-age=136730
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 14:32:39 GMT
Etag: "63d33b9f-117"
Expires: Sun, 29 Jan 2023 04:31:29 GMT
Last-Modified: Fri, 27 Jan 2023 02:49:03 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 48f87f021aa43dc85cabc3b624264811
6dcc2e3610ec6ef91768905aae267c984227f54a
0e77dc8ff90169c7db1343058490de4942217f3846ca0586bebd33d32513b305
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 14:32:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-PQQV6T9
172.217.21.168 200 OK 39 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PQQV6T9
IP 172.217.21.168:0
File type ASCII text, with very long lines (1759)
Hash be6f9361cf8d02bd8d6a6f00259e2586
603bf562f403c176f68b2eefb74f6be940fd9d1d
043a3421ccae94bb9a52d5ef7f141f6c7e9e6b31200292d1475877f4ee1f71e4
GET /gtm.js?id=GTM-PQQV6T9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 27 Jan 2023 14:32:39 GMT
expires: Fri, 27 Jan 2023 14:32:39 GMT
cache-control: private, max-age=900
last-modified: Fri, 27 Jan 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38993
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-TP2QB6R
172.217.21.168 200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TP2QB6R
IP 172.217.21.168:0
File type ASCII text, with very long lines (1759)
Hash ab12b9070fd8e612c7a78efae4191ddf
a07282b59cd67efcc77b85d53f5c45126499959c
3b17f3559414b25591c5f4a2f5e97595abb549c767b885397d5e2468005b0f5b
GET /gtm.js?id=GTM-TP2QB6R HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 27 Jan 2023 14:32:39 GMT
expires: Fri, 27 Jan 2023 14:32:39 GMT
cache-control: private, max-age=900
last-modified: Fri, 27 Jan 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38214
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5d26c41823a6e8c5fdcf3c28efbfdd01
2415b281bb7ee36d62aec11e477e4797e8bbc10c
e7c952964c5abd9aa20b354673bedf66a9ddb64c8c9ce0075a6601fe5d28cabe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 14:32:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.northernedgecasino.com/wp-content/themes/bridge/css/stylesheet.min.css?ver=6.0.3
216.15.188.190 200 OK 88 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/stylesheet.min.css?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 78f1e3ea16243e0753902c511fce3470
d85e5b80d8fe0fb09c7bd5b303e5238ea8b46522
09183f4e475a7ae51c43b2b51179a97bf0891365aa69ec91035e74486f717f9b
GET /wp-content/themes/bridge/css/stylesheet.min.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:11:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 87818
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/css/print.css?ver=6.0.3
216.15.188.190 200 OK 233 B URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/print.css?ver=6.0.3
IP 216.15.188.190:0
Hash 4694e872dbf625988ec2ed58bcc68d61
07d569079314ac0499392683c40a695a0f818c6f
7cb3293816c217a91c322ba7cd51c6ce159038e86675af485c08a85221706c24
GET /wp-content/themes/bridge/css/print.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:10:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 233
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/css/style_dynamic.css?ver=1667038821
216.15.188.190 200 OK 5.8 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/style_dynamic.css?ver=1667038821
IP 216.15.188.190:0
File type ASCII text, with very long lines (324)
Hash fbdd1023459a5556a06f3083226ec7a4
0534cfd9be36bd9f09d67d050f0bbd20a3cdf9c8
e3a3a05e2edf04c14bb22835cceccd7ae1d0040bf6584d404426953d20d7ec9e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/css/style_dynamic.css?ver=1667038821 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: text/css
last-modified: Sat, 29 Oct 2022 10:20:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5827
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/css/responsive.min.css?ver=6.0.3
216.15.188.190 200 OK 12 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/responsive.min.css?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 367989862765bd5ddbb89f38506d7236
ca0540c2f43926346bff0a0280e21cad12a7c902
906ebfbf9ac3441388c32453bf2a9619bf8ab55ffdaa8a1f714af3d4fd66aabd
GET /wp-content/themes/bridge/css/responsive.min.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:10:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12401
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/css/style_dynamic_responsive.css?ver=1667038821
216.15.188.190 200 OK 295 B URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/style_dynamic_responsive.css?ver=1667038821
IP 216.15.188.190:0
Hash 6ded922bcfd08b50084e7332131634dd
fe24b459bfb87d4058bd5b8bf0a866f28d1df604
2bbce9935773d820ac4fe2e335c5e20896d1a14d43a4ae7821bab55dc90bd601
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/css/style_dynamic_responsive.css?ver=1667038821 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: text/css
last-modified: Sat, 29 Oct 2022 10:20:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 295
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/css/custom_css.css?ver=1667038822
216.15.188.190 200 OK 199 B URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/custom_css.css?ver=1667038822
IP 216.15.188.190:0
File type ASCII text, with CRLF, LF line terminators
Hash 2b51d85e442adefa5ef6528544e45276
9c8603c2c30c38f58b0ecf8b0026faaa2f454e58
9a4bc2c9feb098af265c6f285937a74297323dac2eaae934970dcf9db375616d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/css/custom_css.css?ver=1667038822 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: text/css
last-modified: Sat, 29 Oct 2022 10:20:22 GMT
accept-ranges: bytes
content-length: 199
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/frontend/css/kingcomposer.min.css?ver=2.9.6
216.15.188.190 200 OK 12 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/frontend/css/kingcomposer.min.css?ver=2.9.6
IP 216.15.188.190:0
File type ASCII text, with very long lines (65412)
Hash f939f11451ff5d0b91c776b434374477
8ba4ce276493ae39112b159315c3abacae59a741
2be43c352e1ddff151daaefb74b890462a9b6f86d7eb75570a76220eb1a4792a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/kingcomposer/assets/frontend/css/kingcomposer.min.css?ver=2.9.6 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: text/css
last-modified: Tue, 16 Feb 2021 19:08:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12128
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/css/animate.css?ver=2.9.6
216.15.188.190 200 OK 2.7 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/css/animate.css?ver=2.9.6
IP 216.15.188.190:0
File type ASCII text, with very long lines (36512)
Hash 2c5ab0a12b2e7a6cb02045765967f97f
d73693cde81821b8e47109f539ccfff9f8494eb2
c6ff61e4d2c086e683e313a114c32133328e5cd2428d3a3916f76f2c0c618ba2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/kingcomposer/assets/css/animate.css?ver=2.9.6 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: text/css
last-modified: Tue, 16 Feb 2021 19:08:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2677
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2022/09/northern-edge-logo-small-1.webp
216.15.188.190 200 OK 9.0 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2022/09/northern-edge-logo-small-1.webp
IP 216.15.188.190:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash eec7526efd972a816cb2b57242a01a29
cb12bdb5ff459a0a87ad597b40fcfcb670a40333
e9d5554e3e2f8ef4a5d5ff786fb4abe6df707b1b1264c12399990169fd689823
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/09/northern-edge-logo-small-1.webp HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: image/webp
last-modified: Fri, 23 Sep 2022 10:29:08 GMT
accept-ranges: bytes
content-length: 9034
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
216.15.188.190 200 OK 68 B URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP 216.15.188.190:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: image/png
last-modified: Mon, 29 Aug 2022 21:03:36 GMT
accept-ranges: bytes
content-length: 68
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2018/04/gaming-icon.png
216.15.188.190 200 OK 2.2 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2018/04/gaming-icon.png
IP 216.15.188.190:0
File type PNG image data, 150 x 149, 8-bit colormap, non-interlaced\012- data
Hash 190c2e3819999b61595033ef5e7b720e
03975c8db81227032eb02c4c85a0e45c4e7ea29e
cc8df767c65e1489c3687653a128e915d2c081a8f67382fd2ca6a2c41825d96a
GET /wp-content/uploads/2018/04/gaming-icon.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 22:12:15 GMT
accept-ranges: bytes
content-length: 2243
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2018/05/entertainment-icon.png
216.15.188.190 200 OK 2.3 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2018/05/entertainment-icon.png
IP 216.15.188.190:0
File type PNG image data, 150 x 148, 8-bit colormap, non-interlaced\012- data
Hash d0cc5d1674115198da3af1a5088d54b2
bc55a69d7c91ca1950d39f2af26a6f9e0f7f9dfb
1a7f6bbb75bab973a3e4dd3279e15a28895b29f75326931c607a8fa5f22008d6
GET /wp-content/uploads/2018/05/entertainment-icon.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 22:09:57 GMT
accept-ranges: bytes
content-length: 2257
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2018/05/dining-icon.png
216.15.188.190 200 OK 2.0 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2018/05/dining-icon.png
IP 216.15.188.190:0
File type PNG image data, 150 x 148, 8-bit colormap, non-interlaced\012- data
Hash 3bc7c8f64c0b8b1a8c81904847b73ae2
cdb45c19ccc6178d919f65f84ad57172f70ba97b
d32cecf2f04cd1bb26ec65f6c697cd6961884fa52a5e44a61bb7c104f13da612
GET /wp-content/uploads/2018/05/dining-icon.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:37 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 22:09:59 GMT
accept-ranges: bytes
content-length: 2015
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5d26c41823a6e8c5fdcf3c28efbfdd01
2415b281bb7ee36d62aec11e477e4797e8bbc10c
e7c952964c5abd9aa20b354673bedf66a9ddb64c8c9ce0075a6601fe5d28cabe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 14:32:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
216.15.188.190 200 OK 18 kB URL HTTP/2 www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
IP 216.15.188.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8163), with CRLF, LF line terminators
Hash 0ebd16f963cb12cb5905c39ff319a5ae
a25892d30b6b150e277f83b0c84dd9f0756efc5e
0ce1d372b6b1decbdb6f6f28a3b50d9da54599db8af68e5a2aaaee3386d170a4
GET /?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
link: <https://www.northernedgecasino.com/wp-json/>; rel="https://api.w.org/", <https://www.northernedgecasino.com/wp-json/wp/v2/pages/239>; rel="alternate"; type="application/json", <https://www.northernedgecasino.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 27 Jan 2023 14:32:37 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.netsolssl.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 986372576927c9d83e458ffdcc8d2ee7
061cff3e7148771390a86d14577196112f8c81dd
a3f1d07929e3cce75c94d4ab77d17094427986b49daf1b3629758f6463c8b6b8
POST / HTTP/1.1
Host: ocsp.netsolssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 14:32:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 04:43:24 GMT
Expires: Fri, 03 Feb 2023 04:43:23 GMT
Etag: "061cff3e7148771390a86d14577196112f8c81dd"
Cache-Control: max-age=568843,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790232edf87fb506-OSL
www.navajogaming.com/wp-content/uploads/2020/11/NMSafeCertified.png
192.124.249.12 200 OK 55 kB URL HTTP/2 www.navajogaming.com/wp-content/uploads/2020/11/NMSafeCertified.png
IP 192.124.249.12:0
File type PNG image data, 800 x 394, 8-bit/color RGBA, non-interlaced\012- data
Hash acf8478395bb49eb988c6ae88242c8ee
19ab436405c296bf7b54c75a9326b1a49b803b9a
7db6a069ecfadfe41e8d7601e943c5759f63ddec6cdad516b2f5183c6aeafa58
GET /wp-content/uploads/2020/11/NMSafeCertified.png HTTP/1.1
Host: www.navajogaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 14:32:39 GMT
content-type: image/png
content-length: 54562
x-sucuri-id: 19012
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 16 Nov 2020 19:42:33 GMT
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/css/icons.css?ver=2.9.6
216.15.188.190 200 OK 10 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/css/icons.css?ver=2.9.6
IP 216.15.188.190:0
File type ASCII text, with very long lines (35475)
Hash 575cd3382b71fd529e1b917c35b55184
4d3067951ecf3f04283b69ab1d2e9f2a69e29e62
37216948fddd89b9dc1e9b46bdfd763334acdd5d4d225b43698b4272cef6bfd1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/kingcomposer/assets/css/icons.css?ver=2.9.6 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: text/css
last-modified: Tue, 16 Feb 2021 19:08:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10317
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
216.15.188.190 200 OK 30 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 216.15.188.190:0
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: application/javascript
last-modified: Tue, 12 Oct 2021 15:44:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 30273
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
216.15.188.190 200 OK 4.0 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 216.15.188.190:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: application/javascript
last-modified: Thu, 31 Dec 2020 11:44:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3995
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/js/jquery.bxslider.min.js?ver=6.0.3
216.15.188.190 200 OK 5.2 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/js/jquery.bxslider.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (19038)
Hash 385a605a956f040ae93711db0e8cfe83
a9e4994795dcfd587295cbfca27693de1b055c12
a88c489dce9c3175f40a575f99bc4a10230a9e15cf5cc4a928b9e23ae82c1fab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/js/jquery.bxslider.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:23:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5204
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2023/01/LunarNewYear7.jpg
216.15.188.190 200 OK 63 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2023/01/LunarNewYear7.jpg
IP 216.15.188.190:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 405x510, components 3\012- data
Hash 71137dd45ff0f1f878e55c896bacdd6a
b95dc7ecaf3f671827d1924904af0e7b5b16092c
8347d6dba026010e64e38660d89d168fcb5ff68a6fa57b59a653a5d9ec664f5b
GET /wp-content/uploads/2023/01/LunarNewYear7.jpg HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: image/jpeg
last-modified: Tue, 17 Jan 2023 18:16:44 GMT
accept-ranges: bytes
content-length: 63352
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash c6c64fc014f993e296f124e4b2f0f175
68d3e62fcd25c05d19894a28f4490cf1d04a44c1
7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 14:32:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 14:32:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.northernedgecasino.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 329999
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-TXC8BHSENP&gtm=2oe1p0&_p=1477390244&cid=665437478.1674829959&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674829959&sct=1&seg=0&dl=https%3A%2F%2Fwww.northernedgecasino.com%2F%3Futm_source%3DProData%26utm_medium%3DBanner%26utm_campaign%3D2030283%26utm_content%3DNew_Year_Getaway_728x90&dt=Northern%20Edge%20Casino%20in%20Farmington%2C%20New%20Mexico&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-TXC8BHSENP&gtm=2oe1p0&_p=1477390244&cid=665437478.1674829959&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674829959&sct=1&seg=0&dl=https%3A%2F%2Fwww.northernedgecasino.com%2F%3Futm_source%3DProData%26utm_medium%3DBanner%26utm_campaign%3D2030283%26utm_content%3DNew_Year_Getaway_728x90&dt=Northern%20Edge%20Casino%20in%20Farmington%2C%20New%20Mexico&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-TXC8BHSENP&gtm=2oe1p0&_p=1477390244&cid=665437478.1674829959&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674829959&sct=1&seg=0&dl=https%3A%2F%2Fwww.northernedgecasino.com%2F%3Futm_source%3DProData%26utm_medium%3DBanner%26utm_campaign%3D2030283%26utm_content%3DNew_Year_Getaway_728x90&dt=Northern%20Edge%20Casino%20in%20Farmington%2C%20New%20Mexico&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.northernedgecasino.com
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.northernedgecasino.com
date: Fri, 27 Jan 2023 14:32:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/didactgothic/v19/ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2
216.58.207.227 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/didactgothic/v19/ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16780, version 1.0\012- data
Hash 442e4ee909315121ec3abc8db2f5c2e5
c8ad6315296b32c25350e9c7c724d10a2a745cb6
9143c69a1b271019aa0c602b4addb1c0256e503785c1ddd6163c2cb176c50768
GET /s/didactgothic/v19/ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.northernedgecasino.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 10:05:16 GMT
expires: Sat, 27 Jan 2024 10:05:16 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 16:53:45 GMT
content-type: font/woff2
age: 16044
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash c6c64fc014f993e296f124e4b2f0f175
68d3e62fcd25c05d19894a28f4490cf1d04a44c1
7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 14:32:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.northernedgecasino.com/wp-content/uploads/2023/01/2023_Locals_FP5.jpg
216.15.188.190 200 OK 102 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2023/01/2023_Locals_FP5.jpg
IP 216.15.188.190:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 405x510, components 3\012- data
Size 102 kB (102511 bytes)
Hash 4f60d80ae1add5e641e5235818156597
2a65643d02c4341ba547cc92225f14631531cf54
3a040edc82111bba1b37ed6b1b9885a0370a7ef8170c37df7c323620b04557d0
GET /wp-content/uploads/2023/01/2023_Locals_FP5.jpg HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: image/jpeg
last-modified: Mon, 02 Jan 2023 20:17:27 GMT
accept-ranges: bytes
content-length: 102511
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31
216.15.188.190 200 OK 12 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31
IP 216.15.188.190:0
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash 5759693240a256e1c04a9aa241217f7d
4a8d20375f5b5ea2ca66fe2d7795299446702f65
61ff82a558e57fdd04525c81cf385bd25d98ebfc581c752a749c3cfc93097eeb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: text/css
last-modified: Mon, 29 Aug 2022 21:03:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11913
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/js/extensions.min.js?ver=6.0.3
216.15.188.190 200 OK 17 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/js/extensions.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash fc4065b4ec2672ff8b392f7cb6e3236a
1aea096e8ca789056698b463eaea6fd69905749e
f44dfe1e2446a195f594a3c22a18fcf25b25f004e2be18ada7d15bd740b3e1ac
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/js/extensions.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:23:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 17320
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
216.15.188.190 200 OK 47 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
IP 216.15.188.190:0
File type ASCII text, with very long lines (45108)
Hash 502eeaf921955755f84ae8b09eb22768
6457324b9b1b24121f99514ec32ac73d617361c8
32038768c28b9e02f9df2740ecd01abba2d3c0ff3476d7e31ae64469f6befeb3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: application/javascript
last-modified: Mon, 29 Aug 2022 21:03:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 47289
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31
216.15.188.190 200 OK 98 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31
IP 216.15.188.190:0
File type ASCII text, with very long lines (64288)
Hash 562660858fcd53f2d8e67d2072b02ff6
b64b4262a6862c775c3bcdb5a2cfc17d09282bd8
80a120eeb1e42c4ffa9bbb2ac3737355dfae37392a2e42466f338c341020dd39
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: application/javascript
last-modified: Mon, 29 Aug 2022 21:03:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 97780
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2022/09/navajoplayerscards_ny.webp
216.15.188.190 200 OK 22 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2022/09/navajoplayerscards_ny.webp
IP 216.15.188.190:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 31d7334f2f51b31478bce2977fd7b721
b90afbe6c27202a2c484934d86cb6464e3a3ab3f
d71f7e5d62374241921b9b65a8d8691dfca064fc2afe717610f6aa35195f9606
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/09/navajoplayerscards_ny.webp HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: image/webp
last-modified: Fri, 23 Sep 2022 10:25:56 GMT
accept-ranges: bytes
content-length: 22260
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2018/05/fire-rock-logo.png
216.15.188.190 200 OK 970 B URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2018/05/fire-rock-logo.png
IP 216.15.188.190:0
File type PNG image data, 100 x 51, 8-bit colormap, non-interlaced\012- data
Hash 8af92fcaab424b2e3369b538bd5739c7
b810a72934779b8f9b91645b98987b6ac4842a54
e33cc9c26e5fac6d150f61ee57f0b97c5c9ac4bd61cf7e52b6405a688b3e2762
GET /wp-content/uploads/2018/05/fire-rock-logo.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 22:10:10 GMT
accept-ranges: bytes
content-length: 970
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2018/05/flowing-water-casino-logo.png
216.15.188.190 200 OK 1.1 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2018/05/flowing-water-casino-logo.png
IP 216.15.188.190:0
File type PNG image data, 100 x 51, 8-bit colormap, non-interlaced\012- data
Hash 96a7d7f58723198d367980cfade0b7b2
dbc177c0e7b0746c6b084ae0c833a46b36dcb4b1
139195e4bc73a77ce3de12972f31317ed75b76e963e98308437fe01970a28933
GET /wp-content/uploads/2018/05/flowing-water-casino-logo.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 22:10:09 GMT
accept-ranges: bytes
content-length: 1120
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2018/05/northern-edge-casino-logo.png
216.15.188.190 200 OK 1.1 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2018/05/northern-edge-casino-logo.png
IP 216.15.188.190:0
File type PNG image data, 100 x 51, 8-bit colormap, non-interlaced\012- data
Hash 49ebe0b2383d08d934fe85ab16ce7bb7
384f6c3a83edcd72eea03f709b23bef216d5c449
b58e8e146cfa703d526f6da01f245cf041f91fa8c8ab5e327c7e57b7a5c4f865
GET /wp-content/uploads/2018/05/northern-edge-casino-logo.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 22:10:05 GMT
accept-ranges: bytes
content-length: 1066
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2018/05/twin-arrows-casino-logo-sm.png
216.15.188.190 200 OK 1.1 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2018/05/twin-arrows-casino-logo-sm.png
IP 216.15.188.190:0
File type PNG image data, 100 x 51, 8-bit colormap, non-interlaced\012- data
Hash 4b9a0f600cd596246bf78184ffe90548
6a9b7d228fa5e3f0e1ef9ce7278adb6cad30139f
d80dd34ba7729a52b1018d280fde0f7bec82d96e45856c444935bc3e257e4a6b
GET /wp-content/uploads/2018/05/twin-arrows-casino-logo-sm.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 22:10:03 GMT
accept-ranges: bytes
content-length: 1123
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2020/10/navajo-blue-logo-2.png
216.15.188.190 200 OK 2.5 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2020/10/navajo-blue-logo-2.png
IP 216.15.188.190:0
File type PNG image data, 154 x 51, 8-bit colormap, non-interlaced\012- data
Hash 36c6a99f1cac59fd8555c99caf6465a0
94dbf85b4295c5a5c3f10f8ddeaa267e0aaf9f96
9bddd4643721cda93cd2d6ad8ffc764c2afc608ee85c86f6f1686d43c9b0bb5f
GET /wp-content/uploads/2020/10/navajo-blue-logo-2.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 21:26:16 GMT
accept-ranges: bytes
content-length: 2520
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2023/01/15kHiCardDraw7.png
216.15.188.190 200 OK 200 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2023/01/15kHiCardDraw7.png
IP 216.15.188.190:0
File type PNG image data, 405 x 510, 8-bit/color RGBA, non-interlaced\012- data
Size 200 kB (199966 bytes)
Hash b92f1bffbeddf0d6ddd45ceef0596b3d
c15e8ec47eb4a5c6e300e184737dc5779f7c4d28
5a97177ef3ff1524612ed6c8f9b139956da3b649f4dcb8ca234b9e8ecc5e9aa8
GET /wp-content/uploads/2023/01/15kHiCardDraw7.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: image/png
last-modified: Mon, 02 Jan 2023 20:13:19 GMT
accept-ranges: bytes
content-length: 199966
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2023/01/NewYearNewGetaway7.png
216.15.188.190 200 OK 291 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2023/01/NewYearNewGetaway7.png
IP 216.15.188.190:0
File type PNG image data, 405 x 510, 8-bit/color RGB, non-interlaced\012- data
Size 291 kB (290754 bytes)
Hash 0a8f2673e16311f9926a1515011c1fe4
f87d162ebcdb023ca7a2494d94c7bc27406a5f39
70d6fba214c95776f59e4de5538d4355e334a2aa8d17d3e26a71c6507529b365
GET /wp-content/uploads/2023/01/NewYearNewGetaway7.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: image/png
last-modified: Mon, 02 Jan 2023 20:13:54 GMT
accept-ranges: bytes
content-length: 290754
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2023/01/SilverPrivileges7.png
216.15.188.190 200 OK 283 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2023/01/SilverPrivileges7.png
IP 216.15.188.190:0
File type PNG image data, 405 x 510, 8-bit/color RGBA, non-interlaced\012- data
Size 283 kB (282724 bytes)
Hash 5b26a0fabe82d9d82ea24426b702b4b2
b7f811568e64e14915bbd83a80fbe81e3bf17446
d2a2c732ae077cfa61db20556bfe6900ab26f4e483cd4f5d20ea61b5e838c890
GET /wp-content/uploads/2023/01/SilverPrivileges7.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: image/png
last-modified: Mon, 02 Jan 2023 20:15:44 GMT
accept-ranges: bytes
content-length: 282724
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2022/12/NEC_JanCal_11x8.5.jpg
216.15.188.190 200 OK 943 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2022/12/NEC_JanCal_11x8.5.jpg
IP 216.15.188.190:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1855x1433, components 3\012- data
Size 943 kB (943300 bytes)
Hash 99681ec6bd4f0eb78067a914002b9f0b
fe4aed50575792df9db541229cd5e01cefe947ce
eb139deb30088a35e2132ca7aa70084a23b97c26ead3ac5aad9926013d39f48f
GET /wp-content/uploads/2022/12/NEC_JanCal_11x8.5.jpg HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:38 GMT
content-type: image/jpeg
last-modified: Fri, 30 Dec 2022 23:40:44 GMT
accept-ranges: bytes
content-length: 943300
date: Fri, 27 Jan 2023 14:32:38 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/qode-like.min.js?ver=6.0.3
216.15.188.190 200 OK 306 B URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/qode-like.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (592), with no line terminators
Hash e576eebbe0a4707f924ada1fb3994b11
fc34bd52b0a5c2f751688be3e3b40fcd14c3af0f
e0156bce1fce14ad57c7cf6b915f57520acca9761dfcb5db2198a488fc19ec7e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/qode-like.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 306
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
216.15.188.190 200 OK 6.6 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 216.15.188.190:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 139a41f01d192d239e7dce15ca307983
62a3e7c0c77209832dc649bc5583e5e0b4918bf5
d796462a5d212cd93b315b43dafb6e77dbe1c3aa567964dc40c1ab0e2c28f405
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6637
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
216.15.188.190 200 OK 2.6 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (8632)
Hash d907b8e007d5ed72022815b9ccc95f11
e77303ded461745c207af9d76cf91c8b32a46e3e
a90b61a5e379b42615eebab01de76934200af87a50bd10c7f78690ee210d6c83
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2645
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1
216.15.188.190 200 OK 2.9 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (9937)
Hash 49204cf52f39b1e15b9785d1fdb9fb4d
b02e2fb4f1e54b93e52b7084b50f015a680953c5
8955fe73098cdba5385083c9014f5d55da1b69d106635981617128c359261f4b
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2880
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
216.15.188.190 200 OK 2.4 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 216.15.188.190:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2354
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
216.15.188.190 200 OK 6.9 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 216.15.188.190:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 1f5152610686781567fb3008c4429792
d0c0bddf5fb8603ed8e55c32f3093c2207f72471
75806ece853d0d76e655a433bd03548d3be6237ea1e4cacd5963f528bbe0d192
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6872
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
216.15.188.190 200 OK 281 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
IP 216.15.188.190:0
File type ASCII text, with very long lines (463)
Hash 2bd32222de02ec6631cc34c5a5e0d23a
870c0f56cd4535a5546d974ff3eb2e3e66c97cfd
234dabb9c00a28b9055c7409fb1bc88581dfd807959239e281dbd7ef85df6551
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 281
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
216.15.188.190 200 OK 1.6 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP 216.15.188.190:0
File type ASCII text, with very long lines (4875)
Hash 06a8ac0e71976bc143cfa7861a31169d
def6031fe13259bf17752661832d815e37068bf2
e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1575
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
216.15.188.190 200 OK 3.7 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP 216.15.188.190:0
Hash f778ade6a70be55cbf039cfafb20fa7f
68d7a7f2d88907a038ec557ae0ab67f58d7bcdc5
88fd2a2f80a5ff9f70a6c4019d81f3bae8bc92623697454faa44f448cc43ad93
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3717
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
216.15.188.190 200 OK 858 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
IP 216.15.188.190:0
File type Unicode text, UTF-8 text, with very long lines (2472)
Hash be2374eabf981621988021fc2425df91
96272e603964f155600a1e8aa3835fe2fe95756f
2db40c016bc0a8cb0361a98a69c29e9043a42467198035460dc4604035729eff
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 858
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1
216.15.188.190 200 OK 2.7 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (8339)
Hash fa734a7edac912fe0dd64d553e03ce24
76ecc26bf8c3ab2f083a816729ade021fc0ce31d
f36fed518bce85ac04631138ca442fb3630037749d36e1003ca4c9a5ca41bc63
GET /wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2692
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.13.1
216.15.188.190 200 OK 1.5 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (4230)
Hash 195f7259e4d622106534c411efbab52e
45f3fb5f1b226ca3b87bc0110fc8363a369c56a9
8a8e2390e4e2fa11ffd8471cb68a7f840bb1a8f888454e16dbc95970c1f78887
GET /wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1458
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.13.1
216.15.188.190 200 OK 1.3 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (4145)
Hash 5d8ab242717db0b53caa5e432f0b2de5
3904696d5ab950faa19dd5d76ba8c58f5353c00f
dfc140a7f85b0f7be1a3f4cd6b787fa4ba9397d4c66ea7e5e1903d37520d4a25
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1277
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/button.min.js?ver=1.13.1
216.15.188.190 200 OK 1.8 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/button.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (5959)
Hash 1731a20b854eb4d87e01eed65ce8d6e6
a54530be602794fc94da32a093c510e8ada302ae
88099d70563fc2c263b6c38da856d8014bf91073047b9af7a18fdbdaffc2c6ba
GET /wp-includes/js/jquery/ui/button.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1813
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
216.15.188.190 200 OK 10 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (36560)
Hash 6a3abc4777f2019e8a4a56ef15fad918
f9a62dfb1c9a97a5339cb908c38bbe4e41e925d1
3dbaeb84eedb9802084c31f8f2962282fe36d32e7b6f9f36115aba450230cb0c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10499
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
216.15.188.190 200 OK 1.0 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (3233)
Hash 9e26fdd5e87f346b6419a2f81e6b3fcb
ae55a3391e61ef838c8b352738e27417f4a88ad3
889b8ea6140d0999ba175bd4d8e13966def1de6a67e7ae4ba9c0b8ce2d4ccf85
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1000
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.1
216.15.188.190 200 OK 5.1 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (18523)
Hash 69d44ed0699a7b6e24f3a15dee49ec98
a047c69a419930df77a93d4fb2c6972075da66c6
dd6ff9795762edb4f50545e28641781889d3ef127dadf270350007f523ab7029
GET /wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5120
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1
216.15.188.190 200 OK 4.6 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (18145)
Hash 40a06c22ccca1fe24af5c56ab90b6dd6
fd8604eb37050f0eaac024fc7f7a05119defb4a3
23cbc84c4c1c2a67f890dff176637fa339bce87691f5b43e20f3d1e278920296
GET /wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4648
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/dialog.min.js?ver=1.13.1
216.15.188.190 200 OK 3.6 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/dialog.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (12793)
Hash 34975534fac388465e0315e20ca3a2fd
05b9c4744b6e25ed33df5bed6406a7b882146c8f
de3d007fee3141f0647850eb836dc97816342682c271aa142ad9403c898b7f64
GET /wp-includes/js/jquery/ui/dialog.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3629
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/droppable.min.js?ver=1.13.1
216.15.188.190 200 OK 1.9 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/droppable.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (6469)
Hash 71fb1bf715053ce88e6500710bdd1bcb
ab2542e9e5fa72f6e012083bc2a5be4635150e44
cfdb5fd50f137649cd5c9cd2c5e37aaf62f8b7e64082bc0457ac37c51ad766d5
GET /wp-includes/js/jquery/ui/droppable.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:39 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1897
date: Fri, 27 Jan 2023 14:32:39 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/progressbar.min.js?ver=1.13.1
216.15.188.190 200 OK 832 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/progressbar.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (2356)
Hash 3a3d4c91262a8189309293fa5db6403f
28cc7f494801219ec47bdb74a09b2d1937eb74e6
bf6f9e037a8f75139540ddf1c0b46c8251546608fd2180d586bb9c8dec655108
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/progressbar.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 832
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/selectable.min.js?ver=1.13.1
216.15.188.190 200 OK 1.3 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/selectable.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (4308)
Hash a432db3e4012292266844f0742f466d6
99264e8bb0d89a0feb2e70d689da5b2968495f3a
58b96f836abfcf9253c38e1c7497c36f6ffc63f16b15ddf880bdc63f6e8c9caa
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/selectable.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1304
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
216.15.188.190 200 OK 6.3 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
IP 216.15.188.190:0
File type HTML document, ASCII text, with very long lines (25274)
Hash a7e69a1542d0a43eddc8317544f17b1e
98e234ad57bc3362434b19a9706a12a208a6da9e
7ae4fdd186ab6ef0c5d2548e9bfb916e9c8556cffaf098ac2cfe1799fa9ab803
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6330
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
216.15.188.190 200 OK 3.0 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (10572)
Hash 4d91b181c899d08e40a921209ff01a35
a1fab39994e7a3a0bd3669e4d90867bdcb4c92fe
f03654a085cb9f742b777444c1a0d98925dbc1cae16f9d9c634eaadad6633dde
GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3000
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/spinner.min.js?ver=1.13.1
216.15.188.190 200 OK 2.3 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/spinner.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (7451)
Hash 9fa87ca32d6e8e0bb3a5c340b2cdd3cf
fe89afe6bd2735532596c09f5bda17b68539012f
69bd41f6d5b4690ad0f96fb40a1006904469cfb7eb294ca3947599eb75f33fc7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/spinner.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2281
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.1
216.15.188.190 200 OK 2.0 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (6004)
Hash f461bea3a99553a81e8079c25b5579ee
02c6d731414a5444e55b610c2ae8f896bd5da33e
37115d62808d743aa9564fe2a67ba8036fb1517ca3104daf05276d5496ac05f7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1989
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
216.15.188.190 200 OK 3.8 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (11760)
Hash cf07f8ed6f9f97c95566c2b77872c681
6b9c0b5521255b6b1dd77c1a0569224de7cc351c
c31ec4601e031d50be0b5732b8b22ed7055c990de764617f37093de9004ef206
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3760
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
216.15.188.190 200 OK 6.3 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (15439)
Hash 46c619da94a7689538602b22b02cb0d2
d161ff0b1a1cf9728c94a45d6e506b85dcebc84a
40fba14e5b02855b7773e2a364d90e178087c768ae4192f593a895a4c4b0d5e9
GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6306
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.13.1
216.15.188.190 200 OK 444 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (678)
Hash ea38a044a01eb94f833b1509a6051e9e
a1895be9b7c78ae2c066c18e6879dd74629ac30d
ae6569939d46f49e5e3e4789001b8f9c854980c8121eef23fe6c5bed8f38e857
GET /wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 444
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-bounce.min.js?ver=1.13.1
216.15.188.190 200 OK 534 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-bounce.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (788)
Hash 33c92ce0d92fb8a7ad61d417ca3d00b1
d2a2e95187b844c0b481b277aa72a750497a4e1a
7bddff391001510df7ebe37b4520377c2a866f3d36421054d623ad7d110f2d2a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-bounce.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 534
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-clip.min.js?ver=1.13.1
216.15.188.190 200 OK 400 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-clip.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (595)
Hash 7c13e3d5d2faaea1e98145a1b1ff9ebe
d5a8dc8d80894277f780dcf44e8c8391719a96fc
53d86d77efeb134bd70c0d5172f65a2e2553c52c07a4e2b032d8f72b686af7f3
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-clip.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 400
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-drop.min.js?ver=1.13.1
216.15.188.190 200 OK 416 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-drop.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (552)
Hash 7e170f5fc0408639fc726d374db1823b
18e66b6dd31207b53b01d69fe293725549c15604
f26978f4cd536b8dc98e2a7b9fb2110c2461e5a8e5be14b28f6cf7cb7c52f558
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-drop.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 416
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-explode.min.js?ver=1.13.1
216.15.188.190 200 OK 587 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-explode.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (918)
Hash 3b5ff5d438b826675b2aa029e2413ddd
6b65c3dd8b58aa1621eb3b405c6a7e0aef50bbb2
202d5cb5ed4179e2d961229c5c481fdb8d858036721048403215105ecfe4568e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-explode.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 587
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.13.1
216.15.188.190 200 OK 290 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (324)
Hash e730425aa52405fcf913d7a5e484c878
f18610aeb1353d8876983ccf24502c729e9d237f
2c4a06c2abcccf8f9654294184fa500aa3eba7a358802e8ce423326e2d26da9b
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 290
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.13.1
216.15.188.190 200 OK 510 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (819)
Hash 1445dd0b1f6bf6269c40ce8395ab6fc4
ef58bb0151597ca8d414a02685b7812408f2a71e
7aa177b5ae385fdbe53a71d2da35b7632126287b14d7aeda46483b6e838314e3
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 510
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.13.1
216.15.188.190 200 OK 341 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (442)
Hash d595b5e4a9e060ae93eba34bafc6ffdc
0f66aeb9ff02928c6c5901eceab3fc05a2b7b0d7
a43121cb11d93eeaec5808a40ade953c1e2346b74f827bc87d3a66384a26c8d9
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 341
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-pulsate.min.js?ver=1.13.1
216.15.188.190 200 OK 373 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-pulsate.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (484)
Hash 351cb47d8737f6d610cf73b6648e8ce3
4e84a39e9842b62158223b6c851661d0a223734c
9c9550cdda85529b57d4032862d1ae79d2d4427ac5efedb65323601d8c1b9df3
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-pulsate.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 373
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-size.min.js?ver=1.13.1
216.15.188.190 200 OK 887 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-size.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (2290)
Hash be448ad7660329a3a497d7b8ece893aa
78b58e18accaef1cb9634017813d3e10008033c8
bdd2c66a9fc957727e0be1ee60c89320781459ac74ad1fa2ae43aa49fdc9a59c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-size.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 887
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.13.1
216.15.188.190 200 OK 368 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (521)
Hash e185c49f11239fc93f8ddfabb1cd6227
ea2e1908ca8e114ee59955a3175604bbdaed3ccd
0116afbd69e32568e861f7d7cba1c0d3ecae2c59d5a5c875b8c2342b22e3e230
GET /wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 368
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.13.1
216.15.188.190 200 OK 433 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (644)
Hash 70355ca2dec0790ab6faed31f20d6a12
89440e38f3c5eccf075142183f7e9c462778e6b3
121cf76d635e6f968c86c6aecf96607505975926fd5c63297dd70b154cf85263
GET /wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:40 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 433
date: Fri, 27 Jan 2023 14:32:40 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1
216.15.188.190 200 OK 486 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (715)
Hash 3b7a30d4b8a9fac3700f506823b445a5
bfda8f407a298e3435300b51e4214e5624c9f3a1
564266f4459d3e44f0ae583d15423f5599fd0db813a2fed4b79dbcc4101b4676
GET /wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:41 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 486
date: Fri, 27 Jan 2023 14:32:41 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-transfer.min.js?ver=1.13.1
216.15.188.190 200 OK 245 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-transfer.min.js?ver=1.13.1
IP 216.15.188.190:0
Hash 46586f87b8736a1c01b63685cff12ba9
ec1f2d502147ca8ee9e0cbb221db81e063b963de
eca97a30e3de3dabd3406730179a3495158454f08d4af0619a2dd135ac4be1e7
GET /wp-includes/js/jquery/ui/effect-transfer.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:41 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 245
date: Fri, 27 Jan 2023 14:32:41 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins.js?ver=6.0.3
216.15.188.190 200 OK 126 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (14756)
Size 126 kB (126419 bytes)
Hash dee161fa08993731e2ed2a88fcb9329f
b00d3aff98b6c0be5ef4bf7ba5ff11fe7043cdb9
cb19d1d4e28f0be4a1713452f995f1d86993164eb32cb9d98dc9a0f0efab3bd8
GET /wp-content/themes/bridge/js/plugins.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:41 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:11:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 126419
date: Fri, 27 Jan 2023 14:32:41 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.carouFredSel-6.2.1.min.js?ver=6.0.3
216.15.188.190 200 OK 14 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.carouFredSel-6.2.1.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (62633), with no line terminators
Hash 1a2745354f551fc6ced7ff8a0fba74c0
22f1fea265f557848c8202280ce1b2fcee5f5abd
810cc58621880aee4bff8d0f0bbc769318ae4e9c85845d06b27ebb49b1a0d55d
GET /wp-content/themes/bridge/js/plugins/jquery.carouFredSel-6.2.1.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:41 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 14013
date: Fri, 27 Jan 2023 14:32:41 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/lemmon-slider.min.js?ver=6.0.3
216.15.188.190 200 OK 1.4 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/lemmon-slider.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (6059), with no line terminators
Hash 9d3857011601a80726fe88556d597fb2
82bd64920fd4c3a235fa840c0265daafa1d2f8ef
95d5ae697bdaef272e77557300aca8a72d6033f006dbf26fbb98892fdc4e4c37
GET /wp-content/themes/bridge/js/plugins/lemmon-slider.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:41 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1375
date: Fri, 27 Jan 2023 14:32:41 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.fullPage.min.js?ver=6.0.3
216.15.188.190 200 OK 6.9 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.fullPage.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (550)
Hash c021aad149cb5ba028e6f38a6ca7b476
79805cc173a5f53854f009240df0d7c4aa6c60be
cd1b70431c3970e8c1867cc457d306a897fa86bf6df28b2a19bae90afec79b61
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/jquery.fullPage.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:41 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6902
date: Fri, 27 Jan 2023 14:32:41 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.mousewheel.min.js?ver=6.0.3
216.15.188.190 200 OK 632 B URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.mousewheel.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (1020)
Hash 3121d1d14d1ab1ee5a3dc7d2a482188e
2bd5e8a56ab3a4312244972ed5cd8955f7b0c770
fb3e136d13e98bf78273a34c1ff3ea60cb2c0ccd4db72b4750b9f89a1e6cdb39
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/jquery.mousewheel.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:41 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 632
date: Fri, 27 Jan 2023 14:32:41 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.touchSwipe.min.js?ver=6.0.3
216.15.188.190 200 OK 3.9 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.touchSwipe.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (11417)
Hash 25bbc9364ae6fdb9ee7fde67315d050c
53b4ccdc64aec24fa96ce5c0fd2833d51a92de80
848454e6a1ec0ac728d04865f512242e13f8db221089eb77dad7dd2f7d3b9931
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/jquery.touchSwipe.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:41 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3853
date: Fri, 27 Jan 2023 14:32:41 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.isotope.min.js?ver=6.0.3
216.15.188.190 200 OK 9.4 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.isotope.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (32003)
Hash aeaba22097e698869d19f9d8f6245348
df68f36a8dd690dd3a35042fcbfbddbdaaeaf655
ed796bee3a79b79f74f45dfa7176a7660581d3e44b3d8f6211391cb3460bde7b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/jquery.isotope.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:41 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 9448
date: Fri, 27 Jan 2023 14:32:41 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/packery-mode.pkgd.min.js?ver=6.0.3
216.15.188.190 200 OK 4.0 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/packery-mode.pkgd.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (13547)
Hash 35d96f3fa0ccddfe6362afadf76399d4
6ca699f146382ec8bcbae7c61952423af56a0629
5b1c7c642573cd113c8a6c99d2ee7ec518197ec10eb0b95b7d909ec5208754bf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/packery-mode.pkgd.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:41 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4002
date: Fri, 27 Jan 2023 14:32:41 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/imagesloaded.js?ver=6.0.3
216.15.188.190 200 OK 1.7 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/imagesloaded.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (5442)
Hash fbb281e56f1113643d4578bf18beee03
055719bf5d6bd80f027d7b0994595ed2faa92f83
cd052e866ef5786e9e62735e1cf530c15c4723a82df3a2f9a38df43873531b20
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/imagesloaded.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:41 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1698
date: Fri, 27 Jan 2023 14:32:41 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/rangeslider.min.js?ver=6.0.3
216.15.188.190 200 OK 2.5 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/rangeslider.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (8049)
Hash 526bf4ee927eb16f719d553f6a1bfb8b
c7f3d358f8354a89590d80a37d4651949adc464f
9c11c6b7724e3559ec399fb4e1790e0cb8374044a5159c57ccd14abf7a9935b8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/rangeslider.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:41 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2496
date: Fri, 27 Jan 2023 14:32:41 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/TweenLite.min.js?ver=6.0.3
216.15.188.190 200 OK 8.5 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/TweenLite.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (25057)
Hash 230073383d84e5c707277dbe7b2bf187
333b50ebc205e111303ae66cd28e4a596e2a864a
7d341974027d1d8d5a2dac3da5adfd0af3d40b517ec5a019b3f1c1a3f21fbdb3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/TweenLite.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:41 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 8541
date: Fri, 27 Jan 2023 14:32:41 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Didact+Gothic:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Open+Sans:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic&subset=latin,latin-ext
142.250.74.106 200 OK 2.6 kB URL HTTP/2 fonts.googleapis.com/css?family=Raleway:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Didact+Gothic:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Open+Sans:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic&subset=latin,latin-ext
IP 142.250.74.106:0
Hash b3ca7b4b96bce24e6a33a07eacf6c3aa
0c6ab1d2742f71e66f3db9d853fd664265cd083a
cc8aa801dfa079d2d4353a487e7f0185613b63e780fdb57e80c34f46cc39b654
GET /css?family=Raleway:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Didact+Gothic:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Open+Sans:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 27 Jan 2023 14:32:39 GMT
date: Fri, 27 Jan 2023 14:32:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css?ver=6.0.3
188.114.99.234 200 OK 21 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css?ver=6.0.3
IP 188.114.99.234:0
File type ASCII text, with very long lines (65371)
Hash 4c85db6e80696b8063d488025f51d1fd
aee7b91bc27c2e659f88294485a1b39a5934f13b
a7d711cc89511352f5e80b7285170c9808c9da323441c3f988d9889ba0f629b1
GET /bootstrap/3.3.6/css/bootstrap.min.css?ver=6.0.3 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 14:32:39 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"2f624089c65f12185e79925bc5a7fc42"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 08/20/2022 02:31:07
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 6badee49dcbeee95d6a4fb116d53378b
cdn-cache: HIT
cf-cache-status: HIT
age: 8779354
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 790232ec3b6cb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/default_dynamic.js?ver=1667038822
216.15.188.190 200 OK 1.4 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/default_dynamic.js?ver=1667038822
IP 216.15.188.190:0
Hash 067496a2175fbfb57317734f3c5b4dea
faea0badcf002e0dfa3c9cafdd4eb843aae0e29e
56326dc46adb777f95e65a52b1755d5f00cb2c049bfaf388852be436d5ca148b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/default_dynamic.js?ver=1667038822 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:41 GMT
content-type: application/javascript
last-modified: Sat, 29 Oct 2022 10:20:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1434
date: Fri, 27 Jan 2023 14:32:41 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400&display=swap
142.250.74.106 200 OK 40 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400&display=swap
IP 142.250.74.106:0
Hash bb4e7a20328ee5647e69db5e7f85960e
855f6f1107a87597e69cbb509b6b4d82edac26b0
211ebc99dcc0a48f70faa38af98996276d8806e18c35b1908635c64ec98f0852
GET /css?family=Roboto:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 27 Jan 2023 14:32:39 GMT
date: Fri, 27 Jan 2023 14:32:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/custom_js.js?ver=1667038822
216.15.188.190 200 OK 85 B URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/custom_js.js?ver=1667038822
IP 216.15.188.190:0
Hash 24b28ecb559a8adf2ee81d794dc3352a
8381f0ae423fb7155cfb006261bb7c13345acc4c
e7a8810a40ac398eaf5862eed41b7388c648acba58021c08a381a62024ecaf48
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/custom_js.js?ver=1667038822 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:41 GMT
content-type: application/javascript
last-modified: Sat, 29 Oct 2022 10:20:22 GMT
accept-ranges: bytes
content-length: 85
date: Fri, 27 Jan 2023 14:32:41 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/comment-reply.min.js?ver=6.0.3
216.15.188.190 200 OK 1.2 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/comment-reply.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (2946)
Hash 7d8acf37582bf5212cbf4e31105de2ac
19581f31ceed66b11804eb6a2b3d00d43f73f071
d48d28cdb9d3dd8b812129663e5cc8b373b67629e2e65988d2b274960f7b847f
GET /wp-includes/js/comment-reply.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:41 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1228
date: Fri, 27 Jan 2023 14:32:41 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/frontend/js/kingcomposer.min.js?ver=2.9.6
216.15.188.190 200 OK 7.5 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/frontend/js/kingcomposer.min.js?ver=2.9.6
IP 216.15.188.190:0
File type ASCII text, with very long lines (17655)
Hash 26670605724b5bb4dde1f1d914d737cb
5223750bd2f7341295d53632278411fe1a8afa6f
f27bb7a07ceb26bd54630894e1ae5715484a68d6bf60eef676c04a82062a4eb2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/kingcomposer/assets/frontend/js/kingcomposer.min.js?ver=2.9.6 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:42 GMT
content-type: application/javascript
last-modified: Tue, 16 Feb 2021 19:08:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 7540
date: Fri, 27 Jan 2023 14:32:42 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/frontend/js/video.play.min.js?ver=2.9.6
216.15.188.190 200 OK 1.5 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/frontend/js/video.play.min.js?ver=2.9.6
IP 216.15.188.190:0
File type ASCII text, with very long lines (2765)
Hash 85fa3a49d167f121499846ff7f1f72c1
0653e5d0c99fabfa62b7f6ce5ae7524e6889f2d2
51ec9b39329cd3a9fd7d9711181a67f1d20c341856ecd5064c10856ff1fc3f1f
GET /wp-content/plugins/kingcomposer/assets/frontend/js/video.play.min.js?ver=2.9.6 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:42 GMT
content-type: application/javascript
last-modified: Tue, 16 Feb 2021 19:08:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1485
date: Fri, 27 Jan 2023 14:32:42 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
216.15.188.190 200 OK 4.6 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:42 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4619
date: Fri, 27 Jan 2023 14:32:42 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2022/09/SQUASH-BLOSSUM-BG-1.webp
216.15.188.190 200 OK 8.8 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2022/09/SQUASH-BLOSSUM-BG-1.webp
IP 216.15.188.190:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e70276d68057e1bc781bcbc379e0c750
aff394ecfb8039652c5184ba0a6d9bdd84a1cdba
d5847fb4c9bb3ee9f4c3f4fffd54b3e82d7ecb83165e96d305ae86f4629aa8b2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/09/SQUASH-BLOSSUM-BG-1.webp HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Cookie: _ga_TXC8BHSENP=GS1.1.1674829959.1.0.1674829959.0.0.0; _ga=GA1.1.665437478.1674829959
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:42 GMT
content-type: image/webp
last-modified: Sat, 24 Sep 2022 10:08:45 GMT
accept-ranges: bytes
content-length: 8800
date: Fri, 27 Jan 2023 14:32:42 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2022/09/ship-rock.webp
216.15.188.190 200 OK 44 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2022/09/ship-rock.webp
IP 216.15.188.190:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a88ba34df6243b9890f9277b0fdd0267
3c4e94178129c928bea99f8f6e080d0fd34540d0
77797dff0a46e7d26631f285cde956a2c5ea4e85f4d268672cf5609fdd3bcc73
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/09/ship-rock.webp HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Cookie: _ga_TXC8BHSENP=GS1.1.1674829959.1.0.1674829959.0.0.0; _ga=GA1.1.665437478.1674829959
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:42 GMT
content-type: image/webp
last-modified: Sat, 24 Sep 2022 09:47:26 GMT
accept-ranges: bytes
content-length: 44292
date: Fri, 27 Jan 2023 14:32:42 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2022/09/navajo-bg-1.webp
216.15.188.190 200 OK 168 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2022/09/navajo-bg-1.webp
IP 216.15.188.190:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 168 kB (168418 bytes)
Hash cf76e36206ba4b267f4a563a42458b2f
68bd03d173edf6fe22954b98d3329a914ee45d01
9edf5ec7927754403f2df7f63b29788df1ffef8e657037c94f69b930bed1d741
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/09/navajo-bg-1.webp HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Cookie: _ga_TXC8BHSENP=GS1.1.1674829959.1.0.1674829959.0.0.0; _ga=GA1.1.665437478.1674829959
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:42 GMT
content-type: image/webp
last-modified: Sat, 24 Sep 2022 09:56:54 GMT
accept-ranges: bytes
content-length: 168418
date: Fri, 27 Jan 2023 14:32:42 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
ssl.google-analytics.com/ga.js
142.250.74.8 200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.8:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Fri, 27 Jan 2023 12:41:10 GMT
expires: Fri, 27 Jan 2023 14:41:10 GMT
cache-control: public, max-age=7200
age: 6694
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 14:32:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90264610-1&cid=665437478.1674829959&jid=1880561110&_v=5.7.2&z=718106134
173.194.73.157 200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90264610-1&cid=665437478.1674829959&jid=1880561110&_v=5.7.2&z=718106134
IP 173.194.73.157:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90264610-1&cid=665437478.1674829959&jid=1880561110&_v=5.7.2&z=718106134 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.northernedgecasino.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 27 Jan 2023 14:32:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 14:32:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.northernedgecasino.com/wp-content/uploads/2020/02/northern-edge-favicon.png
216.15.188.190 200 OK 722 B URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2020/02/northern-edge-favicon.png
IP 216.15.188.190:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 7225604362597f8dc26f19f914041ca9
32e03f706685c5db90484ef7cb3a31e81fbb9e32
a34537411e3686c1204c44645893a0bd54081de432986e62b66100a2abbc43cc
GET /wp-content/uploads/2020/02/northern-edge-favicon.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Cookie: _ga_TXC8BHSENP=GS1.1.1674829959.1.0.1674829959.0.0.0; _ga=GA1.1.665437478.1674829959
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:42 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 21:29:10 GMT
accept-ranges: bytes
content-length: 722
date: Fri, 27 Jan 2023 14:32:42 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css?ver=6.0.3
188.114.99.234 200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css?ver=6.0.3
IP 188.114.99.234:0
GET /font-awesome/4.5.0/css/font-awesome.min.css?ver=6.0.3 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 14:32:39 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 10/04/2022 16:30:16
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0157da27c959d58ce386b514495c90c7
cdn-cache: HIT
cf-cache-status: HIT
age: 8782407
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 790232ec5b8fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2018/06/northern-edge-casino.jpg
216.15.188.190 200 OK 0 B URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2018/06/northern-edge-casino.jpg
IP 216.15.188.190:0
GET /wp-content/uploads/2018/06/northern-edge-casino.jpg HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Cookie: _ga_TXC8BHSENP=GS1.1.1674829959.1.0.1674829959.0.0.0; _ga=GA1.1.665437478.1674829959
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 14:32:42 GMT
content-type: image/jpeg
last-modified: Mon, 17 Oct 2022 21:46:56 GMT
accept-ranges: bytes
content-length: 381435
date: Fri, 27 Jan 2023 14:32:42 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2023/01/NEN0123ATVH_Northern-Edge-New-Year-New-Getaway_FINAL_122722_.mp4
216.15.188.190 206 Partial Content 0 B URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2023/01/NEN0123ATVH_Northern-Edge-New-Year-New-Getaway_FINAL_122722_.mp4
IP 216.15.188.190:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2023/01/NEN0123ATVH_Northern-Edge-New-Year-New-Getaway_FINAL_122722_.mp4 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_728x90
Cookie: _ga_TXC8BHSENP=GS1.1.1674829959.1.0.1674829959.0.0.0; _ga=GA1.1.665437478.1674829959
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Tue, 03 Jan 2023 16:44:20 GMT
content-range: bytes 0-4438957/4438958
content-length: 4438958
date: Fri, 27 Jan 2023 14:32:42 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2