r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10205
Expires: Fri, 02 Dec 2022 08:29:30 GMT
Date: Fri, 02 Dec 2022 05:39:25 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5844
Cache-Control: max-age=109751
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 05:39:25 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 12:08:36 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7945
Expires: Fri, 02 Dec 2022 07:51:50 GMT
Date: Fri, 02 Dec 2022 05:39:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: v7G9bgWjjvg8bdYp8PREWpk/GcsaDSU8SMQUyOqIyUM3bVJud5hx+JQTEwxCuJKq5g97DUWxDtE=
x-amz-request-id: G2JAVE96MCZ88DW7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 04:46:34 GMT
age: 3171
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 05:19:51 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1174
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 05:39:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
52.74.194.135/
52.74.194.135 301 Moved Permanently 169 B IP 52.74.194.135:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1d7e105f6929fa04f2ec0e8cc2bf18d3
9259ce376f72bf5861e0b455712baca565235602
9e5fe1fc9fb5e65dbb0af3bc4fcd3443a2dbf812bcd75f2bf7b17c3d7524b8fe
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.0
Date: Fri, 02 Dec 2022 05:39:25 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://52.74.194.135/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 05:11:15 GMT
cache-control: public,max-age=3600
age: 1690
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5842
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 05:39:26 GMT
Last-Modified: Fri, 02 Dec 2022 04:02:04 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.43.253.52 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.253.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: y5z1InKYZL6Bt7UXvOMKkQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9JSG0u11KukjgZPDuOh1ALrF8NE=
zerossl.ocsp.sectigo.com/
172.64.155.188 200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 8907ddcdbfe605f7f832cc8855a0bf96
77f9778831c1adfc66dfc01fc63af212148f0a72
f1c851777b67fb46a1b8b6f27680e998a11329ce16c136de43f7557aabcc994a
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:39:26 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 04:41:50 GMT
Expires: Wed, 07 Dec 2022 04:41:49 GMT
Etag: "77f9778831c1adfc66dfc01fc63af212148f0a72"
Cache-Control: max-age=427942,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7731b8d909911c02-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4822
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 05:39:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4822
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 05:39:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4822
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 05:39:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4822
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 05:39:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4822
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 05:39:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
age: 28074
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76 200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 29080
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0fc684e61682c4078a82ee3d901ae52
ea65ad98933ec58afa3fa5c7642491d77db7e6c2
5e953012dba2b85cfda5befe2448ab87fbc2432a071e11a33b44be4f5148a4a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6752
x-amzn-requestid: f398ce98-353e-4783-aa42-dbf1ad036ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepE6roAMF4zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0753d209291e197e7c6422a6;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JZAFwGz7kAWplsA1qeraQTjirrZb29JTnUPii5BcPg5tzxcBLtt0WA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:24:25 GMT
etag: "ea65ad98933ec58afa3fa5c7642491d77db7e6c2"
content-type: image/jpeg
age: 26102
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 28291
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V4Z3TZtTDMjnyxZx7VdJrKtZ-PbZkWnsQ0-1eFDem4TVyRGvk0dc7A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 28291
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd8ad22c2eb1eb91c76970fa449f1bc4
0de97f3a4964038222bd751e043e413113e6db9d
668f805815aede3bc04f8564bd6aefd56029362bb0aa8a794673eb78ab2d4643
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4834
x-amzn-requestid: 63a0b8b5-5cb3-4a1f-aa46-47c84abe726f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrjEeAIAMF3sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-0032799009f893ba79f314db;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bBj-TXtavCuORZ9qBoZeVj-GXeRljAeW-98HY7lTk5_VRSKF4_07VQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 04:22:38 GMT
age: 4609
etag: "0de97f3a4964038222bd751e043e413113e6db9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 501784e3b41091956316f83ad1abe481
5bca84128e07f5e6c7bce39802c4e82b8d258380
3729efce52620ca4857b5981fa67039b5759cbfad6384de3bb50e75640b4395c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95221
Date: Fri, 02 Dec 2022 05:39:27 GMT
Etag: "63884b8d-1d7"
Expires: Sat, 03 Dec 2022 08:06:28 GMT
Last-Modified: Thu, 01 Dec 2022 06:37:01 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qnbXEFlCKiQWHuP68at57gHl9O7MlI0U0OZvHI4OXvR1Q2bBlqs0vQ==
Age: 5367
bh01static.s3.eu-west-3.amazonaws.com/promotions/promotion_banner_102.jpg
3.5.224.140 200 OK 105 kB URL HTTP/1.1 bh01static.s3.eu-west-3.amazonaws.com/promotions/promotion_banner_102.jpg
IP 3.5.224.140:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x280, components 3\012- data
Size 105 kB (105342 bytes)
Hash 072d4cabb3d005e32d79b446093607b0
bcb1a1fe2f502129343c6ef77c82935e62c6d5ba
35be58234850102842d23ffe427a9a6ff9dcd2158c21834fbdaa1453071e998b
GET /promotions/promotion_banner_102.jpg HTTP/1.1
Host: bh01static.s3.eu-west-3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: hBc8oyHLmcFswlxkx1pQLCxEMgXnIwOpz7C3TaHsyjH5mPpwgTHJrUsTm3dCJ01NeETb9n0NGiK8trmF72gXpw==
x-amz-request-id: 1DD4369T366CBF6W
Date: Fri, 02 Dec 2022 05:39:28 GMT
Last-Modified: Thu, 17 Nov 2022 22:03:33 GMT
ETag: "072d4cabb3d005e32d79b446093607b0"
x-amz-version-id: SjDOEkl3dTC0G_vIkNNz6waM9itT6BVT
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 105342
52.74.194.135/_nuxt/img/slots-muted.0af49c5.svg
52.74.194.135 200 OK 2.1 kB URL HTTP/2 52.74.194.135/_nuxt/img/slots-muted.0af49c5.svg
IP 52.74.194.135:0
Hash 353ecdc657623a0cd326b9eaad11de81
d82e16831d6cfc04c5f7eed0973a5ea7a8713990
7cfe6a2d5fd74c13c546462a9e2438e96b483954e376e0c1c41af83b4264ced9
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/slots-muted.0af49c5.svg HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"113c-184c2a5952f"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/dark/licence/idnplay.png
54.230.245.221 200 OK 39 kB URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/dark/licence/idnplay.png
IP 54.230.245.221:0
File type PNG image data, 1406 x 161, 8-bit/color RGBA, non-interlaced\012- data
Hash a3de87fab75e7ce205055ebf5a2f4f65
d3e8af8a88ca589afceba7f5235e2f7d1b005a5f
c4cb22031dbeb5333cb6a11b65cf9dad265586c9e80dc5e8ed4e06e2cd83c19d
GET /common/dark/licence/idnplay.png HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 38741
last-modified: Thu, 22 Sep 2022 09:18:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 07:45:09 GMT
etag: "a3de87fab75e7ce205055ebf5a2f4f65"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p37cCiXmupPdn2RZMP2W9bWi6cOS7Gl93UczxF0RplW4g8ccbJcXJw==
age: 78860
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/img/fishing-muted.4d27742.svg
52.74.194.135 200 OK 38 kB URL HTTP/2 52.74.194.135/_nuxt/img/fishing-muted.4d27742.svg
IP 52.74.194.135:0
Hash ae69f40c408aa3a2e2c93d78fd85714c
f76cb65318e933d14a0c64827fb02ee34274ed51
cae9e02d6dcacdd0a3f2959bc97cd724f317c5b41e857ca6243f8165471b0261
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/fishing-muted.4d27742.svg HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"1294-184c2a5952f"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/fonts/idn.6b0cc69.ttf
52.74.194.135 200 OK 63 kB URL HTTP/2 52.74.194.135/_nuxt/fonts/idn.6b0cc69.ttf
IP 52.74.194.135:0
Hash 14c5adbb667ab20f075bec6ee4e3c587
da48dc6604b1fb7ca8a2d70a3d4ff1fb4fa3c5b2
d269b3fe7ee1cea8390985480a24fd8077387253223629d22e8480450238251a
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/fonts/idn.6b0cc69.ttf HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: font/ttf
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"e19c-184c2a5952b"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/flags/id-ID.svg
54.230.245.221 200 OK 678 B URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/flags/id-ID.svg
IP 54.230.245.221:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 7b9fcd93882393aaa16043a04c4a3bb4
d80a93559c2d75cf29b9a48591e3abf3fd8cf046
b16649c3ef1f2f3a583d6f4e8c0249fb1fdec133475336efb794949cfa677d5a
GET /common/default/flags/id-ID.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 678
last-modified: Thu, 23 Dec 2021 12:44:34 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Dec 2022 05:14:01 GMT
etag: "7b9fcd93882393aaa16043a04c4a3bb4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iItk6DTjU9DcVlngTB5pyvuKLFEGGln8sSGJVjfmwD2h4FKEx2c98g==
age: 14585
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/4ce6f82.js
52.74.194.135 200 OK 44 kB URL HTTP/2 52.74.194.135/_nuxt/4ce6f82.js
IP 52.74.194.135:0
Hash f3b10685923882cf4d5cb35a2616ff4b
5b7d055b53ce825e981ab4c0a672940cc5cb50d4
1b1c7b4271faf867a4848080a3a745cd8b05eec48905ae6b5f7898101777e26e
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/4ce6f82.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"3ddd-184c2a5952f"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/img/fishing.0b26f7a.svg
52.74.194.135 200 OK 37 kB URL HTTP/2 52.74.194.135/_nuxt/img/fishing.0b26f7a.svg
IP 52.74.194.135:0
Hash ee11e7e0de25ad076e1d4687511a492a
1d83f58a07a7f6742df228bb08128e8701d5f4c8
00d5cc36bc0cde13986d011904fe75f95140060e5b6f97ab43ee77d39250c6da
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/fishing.0b26f7a.svg HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"1294-184c2a5952f"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/lotto.png
54.230.245.221 200 OK 35 kB URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/lotto.png
IP 54.230.245.221:0
File type PNG image data, 324 x 274, 8-bit colormap, non-interlaced\012- data
Hash 29365a60110a8c23dec36fbc52d5dc51
046e44b51f70ebbea7a38d46360a0be69e612ca5
55d9411952e4bab987deb2d641b33c07eed5527fdd3455f8e02b5fd92f841d32
GET /common/default/lotto.png HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 34592
last-modified: Thu, 09 Jun 2022 08:51:49 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 08:38:43 GMT
etag: "29365a60110a8c23dec36fbc52d5dc51"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VqZo7l8FwSKZLMwXbXN2R41mT7ftf4ODqxwZ-msVDJHTzSnb5_n7Bw==
age: 75646
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/poker.png
54.230.245.221 200 OK 35 kB URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/poker.png
IP 54.230.245.221:0
File type PNG image data, 324 x 274, 8-bit colormap, non-interlaced\012- data
Hash 7a0da410d2ba037f5d756baa58459dd4
5084b352fb87c601242d96bcc50405dc10dbad5a
929540034f00945fc1275aebaf33931812cd4f2182018503639684a3cf14f099
GET /common/default/poker.png HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 34573
last-modified: Thu, 23 Dec 2021 10:36:06 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 07:23:10 GMT
etag: "7a0da410d2ba037f5d756baa58459dd4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6_XBzgR3tOEPpkibNfA8g1hL-dRMrux7dB9mf96VXCZDrcASXVVDgQ==
age: 80178
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/e-sport.png
54.230.245.221 200 OK 44 kB URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/e-sport.png
IP 54.230.245.221:0
File type PNG image data, 324 x 274, 8-bit colormap, non-interlaced\012- data
Hash 1f7610cf9a0fa89023ab164d12a24f2a
73e5db5cb65ada33124fc003aa9c660a35ff56d0
6554d5e159e0ffebbd4c83653f6a882f82c271635d1cf499559c932a53e7a751
GET /common/default/e-sport.png HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 44074
last-modified: Fri, 09 Sep 2022 14:36:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 07:23:10 GMT
etag: "1f7610cf9a0fa89023ab164d12a24f2a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J3_f372fgfQHaI1r5DzvfrR3rCouqTp8hie5TqS9rHzS05WTu2isjA==
age: 80178
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/img/lotto-muted.de2b550.svg
52.74.194.135 200 OK 4.5 kB URL HTTP/2 52.74.194.135/_nuxt/img/lotto-muted.de2b550.svg
IP 52.74.194.135:0
Hash 066b61403747847ebd980642b11ac980
6068a1f7eb3831049259b92d05d2ef7f40053ba3
acc31ba2ce674198d0c02bf2720b07a68f0e7d339f334d3658b4b85687e15898
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/lotto-muted.de2b550.svg HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"24c0-184c2a5952f"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/fishing.png
54.230.245.221 200 OK 55 kB URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/fishing.png
IP 54.230.245.221:0
File type PNG image data, 324 x 274, 8-bit colormap, non-interlaced\012- data
Hash d35aa63cde2ead6ca9ec99c4d026078b
63e298022a5d034a284d47ad6e353f18f3efdfa1
100360a02464570e006bc76f8f8936362e4cabe4ff9cb898d778616fa44dbf71
GET /common/default/fishing.png HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 55381
last-modified: Thu, 23 Dec 2021 10:36:03 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Dec 2022 05:14:16 GMT
etag: "d35aa63cde2ead6ca9ec99c4d026078b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OIQkeCjG0hO0846o7xzzDR1imWF-wudqudNwZRK37bNsu8_M27XZCw==
age: 4045
X-Firefox-Spdy: h2
cdn.livechatinc.com/tracking.js
23.36.79.17 200 OK 26 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash fdb3fbabc9d0fdd42c1230d360cd2d44
3968a4d120665750710b64068c0af871d1a149d5
b774ad6e513f484794d2f3985d3b42667e11c38c6def308bcce6b3d81ebff9c7
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 13:08:42 GMT
x-amz-version-id: XiT9l9I6GGKdmfwcYLWex5TUwoVUOWV5
server: AmazonS3
content-encoding: br
etag: W/"72abe41f23b1a5d3b25350cc7025a805"
vary: Accept-Encoding
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: D3KEkfL4U2Yk1ikvSs7spz9_JmtUYKdfxg54PQ9go4a6WarOC0Sz5A==
content-length: 26070
cache-control: max-age=28800
expires: Fri, 02 Dec 2022 13:39:28 GMT
date: Fri, 02 Dec 2022 05:39:28 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/55d8b1b.js
52.74.194.135 200 OK 91 kB URL HTTP/2 52.74.194.135/_nuxt/55d8b1b.js
IP 52.74.194.135:0
Hash a37a5508113d101b98f0ed1fd24e4ee9
d3ef227cdff676995675a7df261bd1b3866d2c4e
0c67af07040d18128233711c4b5dda986e80b448cbde067b41c184c7f88b5cab
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/55d8b1b.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"1902c-184c2a59533"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/img/esport.c4d05b2.svg
52.74.194.135 200 OK 33 kB URL HTTP/2 52.74.194.135/_nuxt/img/esport.c4d05b2.svg
IP 52.74.194.135:0
Hash 1f92d3f5e49e0f8e0a9e196a3e1f76ba
f2fceada93cb8b4ce5c7b030a5ade8b1ca45d50b
9f51ab40251fc4f17035b1b4d331664ad905fbe85573dd6a68551d19ec958df1
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/esport.c4d05b2.svg HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"12c6-184c2a5952f"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/img/lotto.c67026d.svg
52.74.194.135 200 OK 62 kB URL HTTP/2 52.74.194.135/_nuxt/img/lotto.c67026d.svg
IP 52.74.194.135:0
Hash 0d16a5372d22c172ac8a9a2fb430f36b
765b90f39015dfbb4e7eaa58376adcb61c1d314b
898d89aac6740d4264534712bf556067901cc953ea45de4b25cc3b6df30188c1
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/lotto.c67026d.svg HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"24c0-184c2a5952f"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/img/casino.422f340.svg
52.74.194.135 200 OK 34 kB URL HTTP/2 52.74.194.135/_nuxt/img/casino.422f340.svg
IP 52.74.194.135:0
Hash c94cbc07ed55bc243961b6cdc13bf271
66b898bd4d62a0def6cd137fa3d09b29554c9a25
f996902f13a9e89af21939602fc6cb5cf97f9f501926ed4f93987abe10811576
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/casino.422f340.svg HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"120a-184c2a5952b"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/img/poker.150067a.svg
52.74.194.135 200 OK 32 kB URL HTTP/2 52.74.194.135/_nuxt/img/poker.150067a.svg
IP 52.74.194.135:0
Hash 8edfd784ed55c266d4a577c43e9bb7d1
73649a7535a3f037569032596c4771d87cce87c3
57d7ca1c6492390151a14afb46dc9bd4812d4d6d06638087a4ba6daedde59b5d
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/poker.150067a.svg HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"139e-184c2a5952f"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/00a8484.js
52.74.194.135 200 OK 109 kB URL HTTP/2 52.74.194.135/_nuxt/00a8484.js
IP 52.74.194.135:0
Size 109 kB (108645 bytes)
Hash 016fad7d29b7bf23265c8595aa9631a5
41bda45befc7e0efbfb227240350e6a201a0c274
ef51675fea11ed5c572be5d62bc6b0ffc640cfd7e562642183665eba678868c0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/00a8484.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"4026d-184c2a59537"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/b46e252.js
52.74.194.135 200 OK 40 kB URL HTTP/2 52.74.194.135/_nuxt/b46e252.js
IP 52.74.194.135:0
Hash 6feb6bc51f17452477115285fba7b5ac
e5ec428799332ba01f26298daac5485ee76a0173
2db134c54867ee7c566da656019daa2873af7ac67ac73140a9ac83fa4f90eec2
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/b46e252.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"3d47-184c2a5952f"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/img/slots.483f6ca.svg
52.74.194.135 200 OK 37 kB URL HTTP/2 52.74.194.135/_nuxt/img/slots.483f6ca.svg
IP 52.74.194.135:0
Hash 094e6317afe6db7c6031c38048f593c4
bb99985139d24044e51d8c2be914413fed990faa
871e452f7790c9e8304251a7c05c64bf8c9b96250937f722025b9a8d110d0566
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/slots.483f6ca.svg HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"113c-184c2a5952f"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
d3ejb2l5e3bvmc.cloudfront.net/game-images/pragmaticplay/3979/thumbnail.jpg
143.204.42.18 200 OK 32 kB URL HTTP/2 d3ejb2l5e3bvmc.cloudfront.net/game-images/pragmaticplay/3979/thumbnail.jpg
IP 143.204.42.18:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 215x145, components 3\012- data
Hash 0a5554cc7219ebb27f7e5bb808d3e39a
a7a11f65e664d4abe359384d51941995359c4bcf
a0168e179a85bc5ff58be59ea15f7f9e20cd216471bde039f84ed4130d0d4f36
GET /game-images/pragmaticplay/3979/thumbnail.jpg HTTP/1.1
Host: d3ejb2l5e3bvmc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 32478
date: Fri, 02 Dec 2022 05:39:29 GMT
last-modified: Thu, 31 Mar 2022 09:37:18 GMT
etag: "0a5554cc7219ebb27f7e5bb808d3e39a"
x-amz-version-id: iaTyvwMk3LmzPZa.DnCvbLUeOxW4wLeP
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1cxrYBDk1Y_P4pr-VHoMDHIKRwiOY2eXdrfWrd5NBcwne5r5ejumYw==
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/a56526a.js
52.74.194.135 200 OK 115 kB URL HTTP/2 52.74.194.135/_nuxt/a56526a.js
IP 52.74.194.135:0
Size 115 kB (114934 bytes)
Hash 0431e70d782ad41e6edf8835efee51bf
e2985f28497834488b62501c8579b1b6294439a4
dd6243d18cfe65b0d38abeb97b605b83f402704cc12610e3ba0670be04022152
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/a56526a.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"3f484-184c2a59533"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/a9854e8.js
52.74.194.135 200 OK 38 kB URL HTTP/2 52.74.194.135/_nuxt/a9854e8.js
IP 52.74.194.135:0
Hash ea979bc0de7d5756199b926ebf7d7f16
61ca50064287524e15ba429ea7842358c6f691fd
d7f975daa88d4570171ac49fa1416ac8bd725536b3a71ca3ebad0126b08578a0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/a9854e8.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"8089-184c2a59533"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
d3ejb2l5e3bvmc.cloudfront.net/game-images/microgaming/4945/thumbnail.jpg
143.204.42.18 200 OK 46 kB URL HTTP/2 d3ejb2l5e3bvmc.cloudfront.net/game-images/microgaming/4945/thumbnail.jpg
IP 143.204.42.18:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 215x145, components 3\012- data
Hash 98e4ca81d304945ee225a447f03b198c
942aefbecf851d419c7902459ccac92753f2a2c0
3e0a08da1199835b6d9ee8064aaa0631642d3bba9333fa8ba376ddcd30a4b782
GET /game-images/microgaming/4945/thumbnail.jpg HTTP/1.1
Host: d3ejb2l5e3bvmc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 45857
date: Fri, 02 Dec 2022 05:39:29 GMT
last-modified: Wed, 23 Nov 2022 01:43:14 GMT
etag: "98e4ca81d304945ee225a447f03b198c"
x-amz-version-id: z9d2SJVjNTbQts9dmjqkk_qxpEdEmVxf
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4fOBD-S9jMuwX9YC1SIfqkAT4_xIrXUBuRv8Rein_iVTi5VySa5-5g==
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/icons/icon_512x512.96a573.png
52.74.194.135 200 OK 30 kB URL HTTP/2 52.74.194.135/_nuxt/icons/icon_512x512.96a573.png
IP 52.74.194.135:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 70164e8260d90a3ea9652284ed8d064c
393a2173fb23448cad2b1c394eb81e8d67bf3c3b
e0863effd69cb2657a5a19e8de3406b8f7349e2b569868ac338a7c8b192964a8
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/icons/icon_512x512.96a573.png HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:28 GMT
content-type: image/png
content-length: 29951
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:08 GMT
etag: W/"74ff-184c2a5ac9f"
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14095896&url=https%3A%2F%2F52.74.194.135%2F&channel_type=code&jsonp=__ustujch7dbm
23.36.79.17 200 OK 263 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14095896&url=https%3A%2F%2F52.74.194.135%2F&channel_type=code&jsonp=__ustujch7dbm
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash b4b4f23a8cb651c3beb5d197f3010e60
e020005e690a237b44edb30b09a18e4ff7497815
db421d59c71949130eade5913522898c6f6758419345c7ea996c7762bec5fa13
GET /v3.3/customer/action/get_dynamic_configuration?license_id=14095896&url=https%3A%2F%2F52.74.194.135%2F&channel_type=code&jsonp=__ustujch7dbm HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors https://52.74.194.135/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://52.74.194.135/
content-length: 263
date: Fri, 02 Dec 2022 05:39:29 GMT
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14095896&version=245.1.1.227.67.78.1.1.1.1.1.4.0&group_id=0&jsonp=__lc_static_config
23.36.79.17 200 OK 1.7 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14095896&version=245.1.1.227.67.78.1.1.1.1.1.4.0&group_id=0&jsonp=__lc_static_config
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (5132), with no line terminators
Hash 1f5e36fb9020da84856ebdb6261284fe
80e5a91872fdb6cc53f7a2bf1cbaa5b250c0e78a
8cb053a7b3a01f49a046aadece0fbbf60acbd661eee40d49b67f23e64595cbfc
GET /v3.3/customer/action/get_configuration?license_id=14095896&version=245.1.1.227.67.78.1.1.1.1.1.4.0&group_id=0&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1710
cache-control: public, max-age=600
expires: Fri, 02 Dec 2022 05:49:29 GMT
date: Fri, 02 Dec 2022 05:39:29 GMT
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=14095896&version=13159fb2ee05429e3ae48a4031b3d0e0_efb0bda4bf6f806cc8acbe07927e0a8f&language=id&group_id=0&jsonp=__lc_localization
23.36.79.17 200 OK 4.1 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=14095896&version=13159fb2ee05429e3ae48a4031b3d0e0_efb0bda4bf6f806cc8acbe07927e0a8f&language=id&group_id=0&jsonp=__lc_localization
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (11714), with no line terminators
Hash 630da6471a5ea556bebe931962b1abd6
15ed330f014b7d424619d9bf2d80f0ab07111976
dfb44b6771888e45f20b293aee7a44f6f9326cd20073906699174d1c9e98d7cd
GET /v3.3/customer/action/get_localization?license_id=14095896&version=13159fb2ee05429e3ae48a4031b3d0e0_efb0bda4bf6f806cc8acbe07927e0a8f&language=id&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Fri, 02 Dec 2022 05:49:29 GMT
date: Fri, 02 Dec 2022 05:39:29 GMT
content-length: 4061
X-Firefox-Spdy: h2
secure.livechatinc.com/customer/action/open_chat?license_id=14095896&group=0&embedded=1&widget_version=3&unique_groups=0
23.36.79.17 200 OK 2.6 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=14095896&group=0&embedded=1&widget_version=3&unique_groups=0
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8824), with no line terminators
Hash 2af834d2c1666ed80bdf535ba7baf0cf
f83744b1d09476acd71ce975971ace5404982232
1727455617bd6865da97b3dfba29fae5b9b7f43662bf5b57d9bde8f5a987dc67
GET /customer/action/open_chat?license_id=14095896&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Fri, 02 Dec 2022 05:39:30 GMT
content-length: 2558
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js
23.36.79.17 200 OK 15 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (47599), with no line terminators
Hash 59df903a307f8661bd53313a1a1ec2dd
c1b075479edfeed640cea3038d08915f5eedb9a8
6a19cca29c349c638cdb3a4f5103fe14562c865fc49184f33770f0f87b87bb7c
GET /widget/static/js/0.0f55d8dd.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
x-amz-version-id: FTaBdM5aPM6e3Wa0SH3EvXHWpAST4v3U
server: AmazonS3
content-encoding: br
etag: W/"10a3d7ac1ed37325d3341c379ee0de69"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: KgvNFtC8e1Ondp6OM2DSbEHtkwN5kS2GkPwb0uCzLz2iu3P1-YllZA==
content-length: 14934
cache-control: max-age=31536000
expires: Sat, 02 Dec 2023 05:39:30 GMT
date: Fri, 02 Dec 2022 05:39:30 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/1.1e075a8f.chunk.js
23.36.79.17 200 OK 66 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/1.1e075a8f.chunk.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65462)
Hash 524812952e0af015a7b1f7621b66446d
52de20770b835fc95c42ee8fb8c929ce889f1f41
9c6a9bc16e05afce31697dd6ef2530653501be1ea8af90e1905d9949d014a9ba
GET /widget/static/js/1.1e075a8f.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
x-amz-version-id: o8X.laUPCA4HbBkhv_.0.rtHv1UEzu8S
server: AmazonS3
content-encoding: br
etag: W/"add645219cc09aca44e90ff2cb69482a"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: wQvKSpsPRy26in0iJkcMTYfNv8UaYE7ghU0BTCtCVHFylj64oG5eMQ==
content-length: 66502
cache-control: max-age=31536000
expires: Sat, 02 Dec 2023 05:39:30 GMT
date: Fri, 02 Dec 2022 05:39:30 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
23.36.79.17 200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12852, version 1.0\012- data
Hash 3b5df7e947d77201eaf22f3dbdac08cc
21989ca07e4afe32d48982b816b8fac85ce3e668
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
GET /widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12852
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: KM8abeyaVeSEIxlLTJcUkoNH7_q4l1PlUQolOkL0_K8Ml-Hn8lULcg==
cache-control: max-age=31536000
expires: Sat, 02 Dec 2023 05:39:30 GMT
date: Fri, 02 Dec 2022 05:39:30 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
23.36.79.17 200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12688, version 1.0\012- data
Hash d9f5998f47f6f22cb66e7dbf428c76ab
86b993baf91f867a03ea62e0d0adc9488530efaa
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6
GET /widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12688
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: X3prfpUvaSuujXUioKllfbrWJRSujJaRcEeTIItJqtcJgekTOM8gKw==
cache-control: max-age=31536000
expires: Sat, 02 Dec 2023 05:39:30 GMT
date: Fri, 02 Dec 2022 05:39:30 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/865707b.js
52.74.194.135 200 OK 6.0 kB URL HTTP/2 52.74.194.135/_nuxt/865707b.js
IP 52.74.194.135:0
File type Unicode text, UTF-8 text, with very long lines (22809), with no line terminators
Hash 2fa28c4f6eabef4ae7def3eef2e92b59
85b14777034fd30aee33aa8ba3fe38bf747f9891
6ed9ff84141e6438ca38a35ee0af846de79acca9217d8bd468761ff60aed9e98
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/865707b.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:29 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"591b-184c2a59533"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
accounts.livechatinc.com/customer/token
23.36.79.17 200 OK 138 B URL HTTP/2 accounts.livechatinc.com/customer/token
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text
Hash 07288d01cc65649bccb9227835c856a1
08d3b8c9eab572354b7ecdf62a3f20cac9175fa9
3db2664551cbde4efb133c307b5c49973c5a530b2a9085a6d34fc20a45509b67
POST /customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 190
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 138
date: Fri, 02 Dec 2022 05:39:30 GMT
set-cookie: __lc_cid=d1daf3c0-93c0-4162-5f00-624f2a7542c3; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Mon, 02 Dec 2024 05:39:30 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=bb7653491219f488adef933296561576523207ebc3e093de4106d9fce0721c8d13318ba504fd80737be5cf728341153e3b8e14be52ef1f0fa859a77edac4; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Mon, 02 Dec 2024 05:39:30 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=d1daf3c0-93c0-4162-5f00-624f2a7542c3; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Mon, 02 Dec 2024 05:39:30 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=bb7653491219f488adef933296561576523207ebc3e093de4106d9fce0721c8d13318ba504fd80737be5cf728341153e3b8e14be52ef1f0fa859a77edac4; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Mon, 02 Dec 2024 05:39:30 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1669959600&tag=befd8f88f1b8200a47bbb7d52ecc5f31f839733e; Path=/; Expires=Fri, 02 Dec 2022 05:40:00 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/8d6536f.js
52.74.194.135 200 OK 23 kB URL HTTP/2 52.74.194.135/_nuxt/8d6536f.js
IP 52.74.194.135:0
Hash 8fa0b131ecae2ca1f13f3aef077fcf60
e0355ae93136de042af5dea574c1abf63a37f7b6
006cf6b772b6a1a6af79379a991cf544b51c7f0d0a4950fc419a9582fc022183
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/8d6536f.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:30 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"1ac5-184c2a59533"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/de205c6.js
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/de205c6.js
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/de205c6.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"4c5b5-184c2a59533"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/img/referral.8821aeb.svg
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/img/referral.8821aeb.svg
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/referral.8821aeb.svg HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"5a5-184c2a5952f"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/img/sports-muted.e4e1f8a.svg
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/img/sports-muted.e4e1f8a.svg
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/sports-muted.e4e1f8a.svg HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"1722-184c2a5952f"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/dark/slot/idnslot.svg
54.230.245.221 200 OK 0 B URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/dark/slot/idnslot.svg
IP 54.230.245.221:0
GET /common/dark/slot/idnslot.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Tue, 25 Jan 2022 12:41:30 GMT
server: AmazonS3
content-encoding: br
date: Fri, 02 Dec 2022 05:14:13 GMT
etag: W/"3978f870bc1c74c48e41b90a15796a77"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kAzsn-Un-Au1dt4XJ4w7dixyvQYiUIikVQi7-AMs82vr_LzDSU5A1A==
age: 9424
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/ribbons/game-new.svg
54.230.245.221 200 OK 0 B URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/ribbons/game-new.svg
IP 54.230.245.221:0
GET /common/default/ribbons/game-new.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 23 Dec 2021 12:03:30 GMT
server: AmazonS3
content-encoding: gzip
date: Fri, 02 Dec 2022 05:39:28 GMT
etag: W/"e3fc807cb3594670eb9cf2f901d6c77a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6HdDYdbzdh4t_AVY8SG3lZGBYHCKIRasIqWcKAMvX9SQj-A1X6KYVg==
age: 10049
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/18769c7.js
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/18769c7.js
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/18769c7.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:30 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"25ad-184c2a59533"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/
52.74.194.135 200 OK 0 B IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:26 GMT
content-type: text/html; charset=utf-8
set-cookie: auth.strategy=local; Path=/
etag: "23c02-yMQT8buHgDYG2mU/g1rzjc5DLbc"
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/1447fa4.js
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/1447fa4.js
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/1447fa4.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:29 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"570f-184c2a59533"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/img/sports.c0f4dab.svg
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/img/sports.c0f4dab.svg
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/sports.c0f4dab.svg HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"1722-184c2a5952f"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/b1ca6b8.js
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/b1ca6b8.js
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/b1ca6b8.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:30 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"2cac-184c2a59533"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/ea2bfa0.js
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/ea2bfa0.js
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/ea2bfa0.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:29 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"65d0-184c2a59533"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/img/promo.d1604c2.svg
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/img/promo.d1604c2.svg
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/promo.d1604c2.svg HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"e14-184c2a5952f"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/20f8fc6.js
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/20f8fc6.js
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/20f8fc6.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:29 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"d79-184c2a59533"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/ce3d4f5.js
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/ce3d4f5.js
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/ce3d4f5.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:30 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"c92-184c2a59533"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/dark/slot/hot.svg
54.230.245.221 200 OK 0 B URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/dark/slot/hot.svg
IP 54.230.245.221:0
GET /common/dark/slot/hot.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 04 Nov 2021 07:24:33 GMT
server: AmazonS3
content-encoding: br
date: Fri, 02 Dec 2022 05:14:13 GMT
etag: W/"dec8e19589366a53d79d771694a89ed5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K9lQJX7e75ijolqYEOzthHk1XNS4NB8vhlHZtv3iqyZpdSjozGQt0w==
age: 7766
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/140/logo/game-placeholder.svg
54.230.245.221 200 OK 0 B URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/140/logo/game-placeholder.svg
IP 54.230.245.221:0
GET /140/logo/game-placeholder.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 01 Dec 2022 14:49:53 GMT
last-modified: Tue, 08 Feb 2022 07:50:31 GMT
etag: W/"4b80c376b732a95cccec46e7e22d5048"
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L5Dz8hfaQwWABO7STE3TXlhYbk2pj-oOFmkkH18gd4gu5kaQSNpTsg==
age: 53376
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/dark/slot/pragmaticplay.svg
54.230.245.221 200 OK 0 B URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/dark/slot/pragmaticplay.svg
IP 54.230.245.221:0
GET /common/dark/slot/pragmaticplay.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 04 Nov 2021 07:24:40 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 01 Dec 2022 07:10:21 GMT
etag: W/"10a34c33228e40fc24bc44e0554ca0fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _83masgc_W-lAEptMlN8_HY8nFvFEwAjaO3f79KFA31oJCwE7eELTQ==
age: 80948
X-Firefox-Spdy: h2
52.74.194.135/favicon.ico
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/favicon.ico
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:28 GMT
content-type: image/x-icon
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Tue, 09 Aug 2022 15:48:42 GMT
etag: W/"47e-182834b3cb1"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/iframe.5a8c73ef.chunk.js
23.36.79.17 200 OK 0 B URL HTTP/2 cdn.livechatinc.com/widget/static/js/iframe.5a8c73ef.chunk.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
GET /widget/static/js/iframe.5a8c73ef.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 13:08:45 GMT
x-amz-version-id: P0PTNAbmnutUEWx5JwIuKC0qV1oD8pjU
server: AmazonS3
content-encoding: br
etag: W/"662ab831ab34600ffa4072f565bdfd64"
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: 1Ip4wPazEkF_uHKhUPZDS0tSsxvZSsZmEMk6Zoy43CtXbndWYhSu6A==
content-length: 206714
cache-control: max-age=31536000
expires: Sat, 02 Dec 2023 05:39:30 GMT
date: Fri, 02 Dec 2022 05:39:30 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/ac2ee08.js
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/ac2ee08.js
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/ac2ee08.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:30 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"e15-184c2a59533"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/713f690.js
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/713f690.js
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/713f690.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:30 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"1082-184c2a59533"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/img/esport-muted.d8a38eb.svg
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/img/esport-muted.d8a38eb.svg
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/esport-muted.d8a38eb.svg HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"12c6-184c2a5952f"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/img/casino-muted.b0f2af7.svg
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/img/casino-muted.b0f2af7.svg
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/casino-muted.b0f2af7.svg HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"120a-184c2a5952b"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/img/chat.1a1ff28.svg
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/img/chat.1a1ff28.svg
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/chat.1a1ff28.svg HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"af5-184c2a5952b"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/dc76f89.js
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/dc76f89.js
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/dc76f89.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"e90-184c2a59537"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/ribbons/provider-promo.svg
54.230.245.221 200 OK 0 B URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/ribbons/provider-promo.svg
IP 54.230.245.221:0
GET /common/default/ribbons/provider-promo.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 23 Dec 2021 12:03:33 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 01 Dec 2022 07:01:02 GMT
etag: W/"ae069c43880df8b50f795f044743f7fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WJ_OcymrDLAsr7SLz0SfBjS6I7Xn1eZqMbuVl0voOmiYrdwmPPel8Q==
age: 81507
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/dark/slot/microgaming.svg
54.230.245.221 200 OK 0 B URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/dark/slot/microgaming.svg
IP 54.230.245.221:0
GET /common/dark/slot/microgaming.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 11:33:12 GMT
server: AmazonS3
content-encoding: gzip
date: Fri, 02 Dec 2022 05:14:14 GMT
etag: W/"c7a014a2c522261e414e1d0af8ba6294"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cObDfjwd9r04QIF5H2ipg3PR93BlfOypYwl5DiA0pF4wCZHfZzxy7g==
age: 9663
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/1b281ef.js
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/1b281ef.js
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/1b281ef.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:29 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"10de-184c2a59533"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/201bb40.js
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/201bb40.js
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/201bb40.js HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:30 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"48a7-184c2a59533"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/ribbons/game-promo.svg
54.230.245.221 200 OK 0 B URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/ribbons/game-promo.svg
IP 54.230.245.221:0
GET /common/default/ribbons/game-promo.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 23 Dec 2021 12:03:31 GMT
server: AmazonS3
content-encoding: br
date: Fri, 02 Dec 2022 05:39:28 GMT
etag: W/"896814ef9690f1b1080d6fcc6960ddb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YYOKhYZIpwyHM0_DDI4rLwgsAh4lVf3p71FJpBYGJY2_UiN-ecu12Q==
age: 13140
X-Firefox-Spdy: h2
52.74.194.135/_nuxt/img/poker-muted.8009984.svg
52.74.194.135 200 OK 0 B URL HTTP/2 52.74.194.135/_nuxt/img/poker-muted.8009984.svg
IP 52.74.194.135:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/poker-muted.8009984.svg HTTP/1.1
Host: 52.74.194.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Fri, 02 Dec 2022 05:39:27 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:09:02 GMT
etag: W/"139e-184c2a5952f"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/dark/slot/pgsoft.svg
54.230.245.221 200 OK 0 B URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/dark/slot/pgsoft.svg
IP 54.230.245.221:0
GET /common/dark/slot/pgsoft.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://52.74.194.135/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 21 Jan 2022 12:46:20 GMT
server: AmazonS3
content-encoding: gzip
date: Fri, 02 Dec 2022 05:14:13 GMT
etag: W/"b2d1f6d86ab9de70d60b9c54cd7ad4ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BLi7WwDXkKkSYFZmNzS_FsDhc7-c0kBOhlal-2P_jWMFcEBDb2z-VA==
age: 9664
X-Firefox-Spdy: h2