r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9e164a845d32db8fa51fdb5b1aa218d9
169099b4d2f8e119ab6cf6fca279b6fb535b1759
402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7752
Expires: Wed, 09 Nov 2022 05:00:15 GMT
Date: Wed, 09 Nov 2022 02:51:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2221
Cache-Control: max-age=116229
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 02:51:03 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:08:12 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9472
Expires: Wed, 09 Nov 2022 05:28:55 GMT
Date: Wed, 09 Nov 2022 02:51:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sfFJuF4yKWpPorAMM9ArgO7Ag+MlPA/hLjRjYYa4mFXDif4kX2sglvd4aaiMTnab/hS/j8X/vWJi9TGp+JBfrQ==
x-amz-request-id: 2CEWYPV6FVTP96PY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 02:11:33 GMT
age: 2370
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 02:51:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ezcasinowinners.club/au/aweber/lp1/index.html?cid=wp07j7f5sf4htabkiro6med4&camp_id=c86bdbe9-6a65-411d-8c69-6eeb70234c91&campaign.name=Email%20Collection-24th%20August%20Onwards&lander.name=AWEBER%20AU/NZ%20Lander%201&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=CnJ8uV4ShCUgSsY3tVPSj4J4pRA_az5bPUMrBCmsqQJ6QJlKEebjWXb6mTKtDE0V_cjnc8UWkx_-wLX5PkQjpmxkeBB7UsoUcaeBOcnNZdGIS_dkFdBZnScpokYo6XAYVRBzpf6rSQkar5cSJPY_SqikPSG7zMrl8ygVKhofNqUYgAi3rqVyGyWUSn8CWLjunQi7Vu0q04cBb_O36ikMxGt1C0nhlNTI8Po5yUG7uddfLSLCuKwpWyVROTBx1rlpA4SGss-aQhAz3EMnDTBhr1I4xBEN3ZiEjXexcIhXcpyCjazoqxLFre7M1MfiEVhiP4ZqHu9ruNUdfzhIjZmljwSQAP0hg4_P2BA6nHqj0SiUtHo1aLFfUAAZvE2IE5qL&lptoken=166367e496a04044433c
172.67.196.96 200 OK 2.5 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp1/index.html?cid=wp07j7f5sf4htabkiro6med4&camp_id=c86bdbe9-6a65-411d-8c69-6eeb70234c91&campaign.name=Email%20Collection-24th%20August%20Onwards&lander.name=AWEBER%20AU/NZ%20Lander%201&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=CnJ8uV4ShCUgSsY3tVPSj4J4pRA_az5bPUMrBCmsqQJ6QJlKEebjWXb6mTKtDE0V_cjnc8UWkx_-wLX5PkQjpmxkeBB7UsoUcaeBOcnNZdGIS_dkFdBZnScpokYo6XAYVRBzpf6rSQkar5cSJPY_SqikPSG7zMrl8ygVKhofNqUYgAi3rqVyGyWUSn8CWLjunQi7Vu0q04cBb_O36ikMxGt1C0nhlNTI8Po5yUG7uddfLSLCuKwpWyVROTBx1rlpA4SGss-aQhAz3EMnDTBhr1I4xBEN3ZiEjXexcIhXcpyCjazoqxLFre7M1MfiEVhiP4ZqHu9ruNUdfzhIjZmljwSQAP0hg4_P2BA6nHqj0SiUtHo1aLFfUAAZvE2IE5qL&lptoken=166367e496a04044433c
IP 172.67.196.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 96eacbb9385bfc0d3c37f2f5b8ad93bf
aabca0905174ba59cff6af942fd8a8cb9348cc6c
953f61c968ddf65bbcbc92d9ba6f279ff202ce78bd5f951f09d6ecede217ca30
GET /au/aweber/lp1/index.html?cid=wp07j7f5sf4htabkiro6med4&camp_id=c86bdbe9-6a65-411d-8c69-6eeb70234c91&campaign.name=Email%20Collection-24th%20August%20Onwards&lander.name=AWEBER%20AU/NZ%20Lander%201&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=CnJ8uV4ShCUgSsY3tVPSj4J4pRA_az5bPUMrBCmsqQJ6QJlKEebjWXb6mTKtDE0V_cjnc8UWkx_-wLX5PkQjpmxkeBB7UsoUcaeBOcnNZdGIS_dkFdBZnScpokYo6XAYVRBzpf6rSQkar5cSJPY_SqikPSG7zMrl8ygVKhofNqUYgAi3rqVyGyWUSn8CWLjunQi7Vu0q04cBb_O36ikMxGt1C0nhlNTI8Po5yUG7uddfLSLCuKwpWyVROTBx1rlpA4SGss-aQhAz3EMnDTBhr1I4xBEN3ZiEjXexcIhXcpyCjazoqxLFre7M1MfiEVhiP4ZqHu9ruNUdfzhIjZmljwSQAP0hg4_P2BA6nHqj0SiUtHo1aLFfUAAZvE2IE5qL&lptoken=166367e496a04044433c HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 02:51:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 07 Mar 2022 22:16:14 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBtkLXp2k%2Btds4xoHlSpu1Lah7TTdMadxnPcjGLWL%2BcjvkiI83XLr51xEuP2VmfPZpM4VgtoCY8ZvYqhZ9qxvZAjAkJxupoaqNYrA0EvR4SQqZXmH74pUR3fTQtlDBKXwuTKH4rLrg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76733e91dfcc0b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
code.jquery.com/jquery-2.2.4.min.js
69.16.175.42 200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-2.2.4.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32065)
Hash 82885772205f23cd59e25a221521b059
96ed36f45544295f28df1ab251e7e38faceeff0e
8e85465daae15b31a1837a4112cf920c1eeec7a5c189595651b3a53cb9b97215
GET /jquery-2.2.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ezcasinowinners.club
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:51:04 GMT
content-encoding: gzip
content-length: 29811
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-14e4a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1667962264.dop067.sk1.t,1667962264.cds213.sk1.hn,1667962264.cds214.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4687
Cache-Control: max-age=113629
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 02:51:04 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:24:53 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash b21f096da3721bb1280db1f37bd630fd
ab65edda4e39f01043b1d644777963e03d287f9d
dcf3ae69a95cf3c91bb4f85419a9183a93f583968d00ed80f1e174317d426204
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 02:51:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 06 Nov 2022 08:20:01 GMT
Expires: Sun, 13 Nov 2022 08:20:00 GMT
Etag: "ab65edda4e39f01043b1d644777963e03d287f9d"
Cache-Control: max-age=364735,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76733e969bd31c12-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 2fe5c9e4eb3628bf2ec24516ac5b1efd
d5d6e1081969ccb5a2c859dbb08ac31079d6ab75
11f8421ed48150683cdab40019b712583b575b36adc3878142b336138607da0a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 02:51:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 07 Nov 2022 06:25:22 GMT
Expires: Mon, 14 Nov 2022 06:25:21 GMT
Etag: "d5d6e1081969ccb5a2c859dbb08ac31079d6ab75"
Cache-Control: max-age=444256,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76733e96ad38b4ed-OSL
my.rtmark.net/p.js?f=sync&lr=1&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847
139.45.195.8 200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847
IP 139.45.195.8:0
Hash 1d1522de413d0b27a43e7be4efeb0405
58c52eec6da93a26b374308e6189b8af139624f7
d9b7a5a22d87f08fbcb41ab49b3494cf35afa659a2b143800bfab1c62b07b193
GET /p.js?f=sync&lr=1&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 02:51:04 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ezcasinowinners.club/cdn-cgi/apps/head/tox_EUcqYNRAZsdBSKxmNCo3bYg.js
172.67.196.96 200 OK 1.3 kB URL HTTP/1.1 ezcasinowinners.club/cdn-cgi/apps/head/tox_EUcqYNRAZsdBSKxmNCo3bYg.js
IP 172.67.196.96:0
Hash fada1c1c8f5d5f132a8ef8c7d9b8acb8
b68c7f11472a60d44066c74148ac66342a376d88
62fe5b7673d0131f91bf20b3f27b1c1ad451e8c55138c53df979d3c6675773bb
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/apps/head/tox_EUcqYNRAZsdBSKxmNCo3bYg.js HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp1/index.html?cid=wp07j7f5sf4htabkiro6med4&camp_id=c86bdbe9-6a65-411d-8c69-6eeb70234c91&campaign.name=Email%20Collection-24th%20August%20Onwards&lander.name=AWEBER%20AU/NZ%20Lander%201&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=CnJ8uV4ShCUgSsY3tVPSj4J4pRA_az5bPUMrBCmsqQJ6QJlKEebjWXb6mTKtDE0V_cjnc8UWkx_-wLX5PkQjpmxkeBB7UsoUcaeBOcnNZdGIS_dkFdBZnScpokYo6XAYVRBzpf6rSQkar5cSJPY_SqikPSG7zMrl8ygVKhofNqUYgAi3rqVyGyWUSn8CWLjunQi7Vu0q04cBb_O36ikMxGt1C0nhlNTI8Po5yUG7uddfLSLCuKwpWyVROTBx1rlpA4SGss-aQhAz3EMnDTBhr1I4xBEN3ZiEjXexcIhXcpyCjazoqxLFre7M1MfiEVhiP4ZqHu9ruNUdfzhIjZmljwSQAP0hg4_P2BA6nHqj0SiUtHo1aLFfUAAZvE2IE5qL&lptoken=166367e496a04044433c
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 02:51:04 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 1341
Connection: keep-alive
x-amz-id-2: 8wBYFEh+h5zvrcGG+3Gd0AktHkJ7xMwv+TvQ7cIJmRB+1tUpqe1f2zRsoFngpHP9lXazK8lhkyg=
x-amz-request-id: Z1P6GTZS9VPNVERD
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Last-Modified: Sun, 20 Sep 2020 20:04:31 GMT
x-amz-version-id: 2bL1VcGU_tj5tpwF05lbWzNgeL0LPYgo
ETag: "fada1c1c8f5d5f132a8ef8c7d9b8acb8"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goulwZRtt6tJyNTf8LWerJpxF3EqudW4R4F9mXG94LllpaG7jBexoCzraNUyn6ddE0uZz6SZ7NZEcCE3scF8NmSv3Mt3w6GQXJVDsKp%2Fgr5WumL0eHP8ttGy8kVYklntkkpAgeCMKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76733e9608d30b31-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
44.236.232.139 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.236.232.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gOz6jArbE0JR0OYqrfGeAQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TIyhyZxnR5qjEMPg+3FADGTKXKY=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3fe5c674bedb2a8173ec6ec2fee22621
f11f9449cb1794414f5434459d7cd4f2af834695
1a0c175fa06f3679b0628fd85801bb3963604a4a78336646c11fecfed2cdd6e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A0C175FA06F3679B0628FD85801BB3963604A4A78336646C11FECFED2CDD6E5"
Last-Modified: Sun, 06 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5582
Expires: Wed, 09 Nov 2022 04:24:06 GMT
Date: Wed, 09 Nov 2022 02:51:04 GMT
Connection: keep-alive
redrotou.net/pfe/current/micro.tag.min.js?z=4463447&sw=/sw-check-permissions-fa1f3.js
139.45.197.251 200 OK 27 kB URL HTTP/1.1 redrotou.net/pfe/current/micro.tag.min.js?z=4463447&sw=/sw-check-permissions-fa1f3.js
IP 139.45.197.251:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash bb980d3e4fce6e45e799fea7b20c1780
f47d9f3f6398c76faa33f23af8e1c0db7a1d9263
8e3c68b99f1e7789e4fc08af12cbd3594f14dda8213f9a683df8d9513f585075
GET /pfe/current/micro.tag.min.js?z=4463447&sw=/sw-check-permissions-fa1f3.js HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 02:51:04 GMT
Content-Type: application/javascript
Last-Modified: Tue, 08 Nov 2022 14:20:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"636a65b7-12fca"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
ezcasinowinners.club/au/aweber/lp1/main_script.js
172.67.196.96 200 OK 311 B URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp1/main_script.js
IP 172.67.196.96:0
File type ASCII text, with CRLF line terminators
Hash 8b3a0e835d236512492fac630b37a757
eac11f60f5ae6cd79de64c3f5c427acb059fc8f7
34cdccb8f89775bdefb34b79520286c6207e4ee7a1de36d147b26eafc2d1aedc
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp1/main_script.js HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp1/index.html?cid=wp07j7f5sf4htabkiro6med4&camp_id=c86bdbe9-6a65-411d-8c69-6eeb70234c91&campaign.name=Email%20Collection-24th%20August%20Onwards&lander.name=AWEBER%20AU/NZ%20Lander%201&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=CnJ8uV4ShCUgSsY3tVPSj4J4pRA_az5bPUMrBCmsqQJ6QJlKEebjWXb6mTKtDE0V_cjnc8UWkx_-wLX5PkQjpmxkeBB7UsoUcaeBOcnNZdGIS_dkFdBZnScpokYo6XAYVRBzpf6rSQkar5cSJPY_SqikPSG7zMrl8ygVKhofNqUYgAi3rqVyGyWUSn8CWLjunQi7Vu0q04cBb_O36ikMxGt1C0nhlNTI8Po5yUG7uddfLSLCuKwpWyVROTBx1rlpA4SGss-aQhAz3EMnDTBhr1I4xBEN3ZiEjXexcIhXcpyCjazoqxLFre7M1MfiEVhiP4ZqHu9ruNUdfzhIjZmljwSQAP0hg4_P2BA6nHqj0SiUtHo1aLFfUAAZvE2IE5qL&lptoken=166367e496a04044433c
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 02:51:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 15:59:31 GMT
ETag: W/"6102d063-3d7"
Expires: Fri, 09 Dec 2022 02:51:04 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYOH%2BGpcIaeuXoi71vKx3WAMV5vxDh3GQ2DjvEmVEjH1IUcNuWMTdHjQj0MEQv940z1siW9umDAEUUZk82QvZlSWvC3%2BYVbE%2BSQ5z222X0iWaXgHQ9xPXuNKDZQvmgKMOHrLw6zCHw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76733e960f61b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
unphionetor.com/vctx?t=90679
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=90679
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vctx?t=90679 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ezcasinowinners.club
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 09 Nov 2022 02:51:04 GMT
access-control-allow-origin: http://ezcasinowinners.club
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 74def4ec49ee8cf0c95d07d144338c0b
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ezcasinowinners.club/au/aweber/lp1/style.css
172.67.196.96 200 OK 6.8 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp1/style.css
IP 172.67.196.96:0
File type CSV text\012- , ASCII text, with CRLF line terminators
Hash 415be501a0dc27096481ed4334a27acd
e5e40ff2cd605ff3334456322655fbfa60d1eb3a
1d3b9dbb02b5f3d9d129acbc9272f6ea931e2cf2adcd02118a960ea1f14bfdff
GET /au/aweber/lp1/style.css HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp1/index.html?cid=wp07j7f5sf4htabkiro6med4&camp_id=c86bdbe9-6a65-411d-8c69-6eeb70234c91&campaign.name=Email%20Collection-24th%20August%20Onwards&lander.name=AWEBER%20AU/NZ%20Lander%201&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=CnJ8uV4ShCUgSsY3tVPSj4J4pRA_az5bPUMrBCmsqQJ6QJlKEebjWXb6mTKtDE0V_cjnc8UWkx_-wLX5PkQjpmxkeBB7UsoUcaeBOcnNZdGIS_dkFdBZnScpokYo6XAYVRBzpf6rSQkar5cSJPY_SqikPSG7zMrl8ygVKhofNqUYgAi3rqVyGyWUSn8CWLjunQi7Vu0q04cBb_O36ikMxGt1C0nhlNTI8Po5yUG7uddfLSLCuKwpWyVROTBx1rlpA4SGss-aQhAz3EMnDTBhr1I4xBEN3ZiEjXexcIhXcpyCjazoqxLFre7M1MfiEVhiP4ZqHu9ruNUdfzhIjZmljwSQAP0hg4_P2BA6nHqj0SiUtHo1aLFfUAAZvE2IE5qL&lptoken=166367e496a04044433c
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 02:51:05 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 15:59:29 GMT
ETag: W/"6102d061-9ab2"
Expires: Fri, 09 Dec 2022 02:51:04 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEp0C1rKdqvDYnOwooOmHAhq8mBgUG04wa0nNKKg0cGHBXUYdu8gvGgEVM5z1v8k%2FBL%2FAu3Cmvh32tPFHujSovpRpTVShRWLgLrArhPugtL88IJmFp55CcpFuOGIc245u7SHiS8Z7w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76733e9608d50b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
my.rtmark.net/img.gif?f=sync&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847&ttl=&rurl=http%3A%2F%2Fezcasinowinners.club%2Fau%2Faweber%2Flp1%2Findex.html
139.45.195.8 200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847&ttl=&rurl=http%3A%2F%2Fezcasinowinners.club%2Fau%2Faweber%2Flp1%2Findex.html
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847&ttl=&rurl=http%3A%2F%2Fezcasinowinners.club%2Fau%2Faweber%2Flp1%2Findex.html HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 02:51:05 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=de0438b9c6a24744b2c4781e8d9911f7; expires=Thu, 09 Nov 2023 02:51:05 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12584
Expires: Wed, 09 Nov 2022 06:20:49 GMT
Date: Wed, 09 Nov 2022 02:51:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12584
Expires: Wed, 09 Nov 2022 06:20:49 GMT
Date: Wed, 09 Nov 2022 02:51:05 GMT
Connection: keep-alive
ezcasinowinners.club/au/aweber/lp1/5e67f0a6ca01e_v.png
172.67.196.96 200 OK 13 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp1/5e67f0a6ca01e_v.png
IP 172.67.196.96:0
File type PNG image data, 268 x 126, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e9495005c85cc7cfbda4466110e48a8
3f6879faa94d4c3a767d4350a3cac329e433854e
ea2f092d35c2e705e0018963035cd06b13c9dc20dd892c0c011ee0473a05cd1a
GET /au/aweber/lp1/5e67f0a6ca01e_v.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp1/index.html?cid=wp07j7f5sf4htabkiro6med4&camp_id=c86bdbe9-6a65-411d-8c69-6eeb70234c91&campaign.name=Email%20Collection-24th%20August%20Onwards&lander.name=AWEBER%20AU/NZ%20Lander%201&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=CnJ8uV4ShCUgSsY3tVPSj4J4pRA_az5bPUMrBCmsqQJ6QJlKEebjWXb6mTKtDE0V_cjnc8UWkx_-wLX5PkQjpmxkeBB7UsoUcaeBOcnNZdGIS_dkFdBZnScpokYo6XAYVRBzpf6rSQkar5cSJPY_SqikPSG7zMrl8ygVKhofNqUYgAi3rqVyGyWUSn8CWLjunQi7Vu0q04cBb_O36ikMxGt1C0nhlNTI8Po5yUG7uddfLSLCuKwpWyVROTBx1rlpA4SGss-aQhAz3EMnDTBhr1I4xBEN3ZiEjXexcIhXcpyCjazoqxLFre7M1MfiEVhiP4ZqHu9ruNUdfzhIjZmljwSQAP0hg4_P2BA6nHqj0SiUtHo1aLFfUAAZvE2IE5qL&lptoken=166367e496a04044433c
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 02:51:05 GMT
Content-Type: image/png
Content-Length: 13376
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 15:58:47 GMT
ETag: "6102d037-3440"
Expires: Fri, 09 Dec 2022 02:51:05 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqsdEmxmzkhabNX%2F5cSxdmR6TRl1NitR%2Fbixwf7es29J58fPMLdUpgi62xEv%2Bun%2Bqn91Of3tZTh6kckQcxdUd6iH%2FzoRVkpdGdEMnHN1gAlZVZVQTH3pEFrjcX6C8N2oeha54rBSkg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76733e9c9aa00b31-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12584
Expires: Wed, 09 Nov 2022 06:20:49 GMT
Date: Wed, 09 Nov 2022 02:51:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q0yZmbExDP4tH0n1n2qj_NR2Mv_y_dsO0LJ1RKZoS6Me-NLbhpUWqw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 09:08:56 GMT
age: 63729
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b52a8b78f7273b02455e93107edb9633
7a09033d8e92af7e492e5ec41d6d90c473b848f6
b239606b1c37e680536a899808e845ccf270b1eadec03476e0cbfdf9911c149b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7620
x-amzn-requestid: 4938029b-6e40-4549-8404-63ca28e79961
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTU_WEQgIAMFU2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acec8-2bda1b015e94c4127df2b052;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:48:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: veK0P7tdYeAWR2_ZAFTNxiqb1bz3QnlHsmHlqYgMi9LhB0h8tB_cSQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:57:11 GMT
age: 17634
etag: "7a09033d8e92af7e492e5ec41d6d90c473b848f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29429581f8dc762c69c5916009f70080
9265cae98aa663a5498925b70079abdd8e7031fd
c3deee74c80905a1e92b84868b9987cb30ad7a210dca066b97c325cc2c83872e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9313
x-amzn-requestid: be3f6b0f-cf61-4bec-ad1a-87abdbc45d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTwF5AoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-5ca45b5b1065a4ea492f2ac6;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9lVY7YgQQ0FAP3ItgCSWePY0Msd4RIyBz4eNPc-K51BtnWUjOObv6g==
via: 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:43 GMT
etag: "9265cae98aa663a5498925b70079abdd8e7031fd"
content-type: image/jpeg
age: 18442
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cb56270-7d8d-4ba2-bc30-de736a42e1dd.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cb56270-7d8d-4ba2-bc30-de736a42e1dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb3fe96fee7d9da0905d9d565b44fc32
c0d68e81500af89bb4a3ac2c9bf010d941f7b5ee
2b602aa92c61c060a0cfa9b13a7bbbcb65388b91559702c4d509bf199cf30bed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cb56270-7d8d-4ba2-bc30-de736a42e1dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12796
x-amzn-requestid: 31108e5a-3c69-4b62-99ea-1816df71a2aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKuDcEzooAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63675d49-708c32857b683c5a39046202;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 07:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hRbYl8z9BgnFvtV-7f14N5JoCSebFBrKB7-seyEJAFPN628ccXDjLw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 07:50:50 GMT
age: 68415
etag: "c0d68e81500af89bb4a3ac2c9bf010d941f7b5ee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e265c87faef55af1d47d72286d93268a
b97207d04eced8e6412f60c3764cdb527cce26d0
bf3f4fc715e107947c5bf3d622fbf9de1f591649a5008d8790a23463aa8703db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5125
x-amzn-requestid: 28e2820b-5ba9-4f18-92e2-628af222a013
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bHDutH0QoAMFUdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365e65d-29501eef1f15407d4c162d3b;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 04:28:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DeY5q5uKVOON3SX_Wsg1iH0HGNXtG3h6hNQ2dAp4501D5TwJjw8neg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:50 GMT
age: 18435
etag: "b97207d04eced8e6412f60c3764cdb527cce26d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251feed4603d868ab84aa13c9b8edbdb
381a81a8dcff741612c76f5fdfb42bc13372a119
2dc3848fa2917b3b909e39104657601f41876935b217371a50ee15f778e5a9f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11723
x-amzn-requestid: 955f8ec3-9815-48ff-aa6a-250956377cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTVLFo5oAMF2UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc20-70e216d808330566039aee89;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yq_iWDuX0BUgchE1acIl9ARNm1Zxd7bwoeTIEVoD9MYKGzwYmuM1aw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:44 GMT
age: 18441
etag: "381a81a8dcff741612c76f5fdfb42bc13372a119"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ezcasinowinners.club/au/aweber/lp1/5e67f0a85429d_v.png
172.67.196.96 200 OK 27 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp1/5e67f0a85429d_v.png
IP 172.67.196.96:0
File type PNG image data, 274 x 417, 8-bit colormap, non-interlaced\012- data
Hash fb6e700a3ec0afc5fb1988945bc01626
bd928bf177a203ee50b790b106df75d751771107
d9a0805ff6c8dfa8a676d3b19684c465469e1265177ee9747ce88a497714fcd5
GET /au/aweber/lp1/5e67f0a85429d_v.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp1/index.html?cid=wp07j7f5sf4htabkiro6med4&camp_id=c86bdbe9-6a65-411d-8c69-6eeb70234c91&campaign.name=Email%20Collection-24th%20August%20Onwards&lander.name=AWEBER%20AU/NZ%20Lander%201&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=CnJ8uV4ShCUgSsY3tVPSj4J4pRA_az5bPUMrBCmsqQJ6QJlKEebjWXb6mTKtDE0V_cjnc8UWkx_-wLX5PkQjpmxkeBB7UsoUcaeBOcnNZdGIS_dkFdBZnScpokYo6XAYVRBzpf6rSQkar5cSJPY_SqikPSG7zMrl8ygVKhofNqUYgAi3rqVyGyWUSn8CWLjunQi7Vu0q04cBb_O36ikMxGt1C0nhlNTI8Po5yUG7uddfLSLCuKwpWyVROTBx1rlpA4SGss-aQhAz3EMnDTBhr1I4xBEN3ZiEjXexcIhXcpyCjazoqxLFre7M1MfiEVhiP4ZqHu9ruNUdfzhIjZmljwSQAP0hg4_P2BA6nHqj0SiUtHo1aLFfUAAZvE2IE5qL&lptoken=166367e496a04044433c
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 02:51:06 GMT
Content-Type: image/png
Content-Length: 26774
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 15:59:35 GMT
ETag: "6102d067-6896"
Expires: Fri, 09 Dec 2022 02:51:05 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FflNd3GtE2QxNWXNQt74LXBQbKNEHRbQuwHvXBUc4jfrOQhRw0iSbW3vUNkP7P0FJ%2F0842GKgLp2t6r7oEw3L2WiYeYxWBaHiyNupMEf9VzWAs3JmovcfGkMrwgDCzFU6NBEdMIVUA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76733e9c983dfac8-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp1/cashhc.png
172.67.196.96 200 OK 32 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp1/cashhc.png
IP 172.67.196.96:0
File type PNG image data, 363 x 284, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c52de939909399530fe68c55d5d6c92
4c7b5a3461347694c6f8076c6a3192896909426b
ef9623401696a4c11151defd6e88c23175f831447eab99b2b49ef9501884e0a6
GET /au/aweber/lp1/cashhc.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp1/index.html?cid=wp07j7f5sf4htabkiro6med4&camp_id=c86bdbe9-6a65-411d-8c69-6eeb70234c91&campaign.name=Email%20Collection-24th%20August%20Onwards&lander.name=AWEBER%20AU/NZ%20Lander%201&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=CnJ8uV4ShCUgSsY3tVPSj4J4pRA_az5bPUMrBCmsqQJ6QJlKEebjWXb6mTKtDE0V_cjnc8UWkx_-wLX5PkQjpmxkeBB7UsoUcaeBOcnNZdGIS_dkFdBZnScpokYo6XAYVRBzpf6rSQkar5cSJPY_SqikPSG7zMrl8ygVKhofNqUYgAi3rqVyGyWUSn8CWLjunQi7Vu0q04cBb_O36ikMxGt1C0nhlNTI8Po5yUG7uddfLSLCuKwpWyVROTBx1rlpA4SGss-aQhAz3EMnDTBhr1I4xBEN3ZiEjXexcIhXcpyCjazoqxLFre7M1MfiEVhiP4ZqHu9ruNUdfzhIjZmljwSQAP0hg4_P2BA6nHqj0SiUtHo1aLFfUAAZvE2IE5qL&lptoken=166367e496a04044433c
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 02:51:06 GMT
Content-Type: image/png
Content-Length: 31615
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 15:59:33 GMT
ETag: "6102d065-7b7f"
Expires: Fri, 09 Dec 2022 02:51:05 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qK8LBhjwMlAKrswDHba2qiWw1QqYuMMGm0cvcZApaVS2NKSgi6cF4PzSIyNW3rE5fPhoMfR8veF2ZrjLcJ39bcOiCpqOJWc5VpEaDgryHWukA9s319gbxaoHlqyH5Rs%2F%2Bn0mzDVCHg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76733e9c9a4cb523-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp1/5e67f0a828b4f_v.png
172.67.196.96 200 OK 46 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp1/5e67f0a828b4f_v.png
IP 172.67.196.96:0
File type PNG image data, 277 x 558, 8-bit colormap, non-interlaced\012- data
Hash cf230c7057040526271ef730a4f2c538
0cd0c1e88e60ad9ce4a70df1ba80c3c8879cda01
5d2d98590f2a25919b105a484458d20e03298c4369d5f1be42b03e76799fb61c
GET /au/aweber/lp1/5e67f0a828b4f_v.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp1/index.html?cid=wp07j7f5sf4htabkiro6med4&camp_id=c86bdbe9-6a65-411d-8c69-6eeb70234c91&campaign.name=Email%20Collection-24th%20August%20Onwards&lander.name=AWEBER%20AU/NZ%20Lander%201&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=CnJ8uV4ShCUgSsY3tVPSj4J4pRA_az5bPUMrBCmsqQJ6QJlKEebjWXb6mTKtDE0V_cjnc8UWkx_-wLX5PkQjpmxkeBB7UsoUcaeBOcnNZdGIS_dkFdBZnScpokYo6XAYVRBzpf6rSQkar5cSJPY_SqikPSG7zMrl8ygVKhofNqUYgAi3rqVyGyWUSn8CWLjunQi7Vu0q04cBb_O36ikMxGt1C0nhlNTI8Po5yUG7uddfLSLCuKwpWyVROTBx1rlpA4SGss-aQhAz3EMnDTBhr1I4xBEN3ZiEjXexcIhXcpyCjazoqxLFre7M1MfiEVhiP4ZqHu9ruNUdfzhIjZmljwSQAP0hg4_P2BA6nHqj0SiUtHo1aLFfUAAZvE2IE5qL&lptoken=166367e496a04044433c
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 02:51:06 GMT
Content-Type: image/png
Content-Length: 46237
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 15:59:21 GMT
ETag: "6102d059-b49d"
Expires: Fri, 09 Dec 2022 02:51:05 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0iY4sxpXPW%2BgxUTpAkYCtt0AyNQ9bNZZfFGiVr580%2BfBaHXh8tfS%2BimuB6waBaeHORBr5AcZM2lQvex9FEpm05uxVYpK4a66mBSXu1H%2Be9ZB4OCLzCSBFKD3WGCoDNXijQNJFRqdg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76733e9c9c34b503-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp1/5e67f0a6b4533_v.jpg
172.67.196.96 200 OK 53 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp1/5e67f0a6b4533_v.jpg
IP 172.67.196.96:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Hash 88d7f03fd819c7aefcdb1074bb7990fa
882217405770ad036505e193943f34947fbafa48
c3a48888af05fd6567be6d09d13fa63fad286297bf9cd027718c7a7e355ad9ae
GET /au/aweber/lp1/5e67f0a6b4533_v.jpg HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp1/style.css
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 02:51:06 GMT
Content-Type: image/jpeg
Content-Length: 53443
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 15:59:06 GMT
ETag: "6102d04a-d0c3"
Expires: Fri, 09 Dec 2022 02:51:05 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WsJ03AYp03kMFVthDk9HjJB4U6Rzw%2FoVC%2BJNxiEYEd0hb0onlelWfp7rfW7Qrq1GBfcndUzaaH%2FBtwyh11W12bNK%2Ff7vFnoxzNQ%2Bvd06wxCr1XXv7BZp268sJA57wf32ppZyG39E8A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76733e9caaa50b31-OSL
alt-svc: h2=":443"; ma=60
unphionetor.com/vbri?t=90679&bid=undefined&aid=undefined&tp=3529
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=90679&bid=undefined&aid=undefined&tp=3529
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /vbri?t=90679&bid=undefined&aid=undefined&tp=3529 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ezcasinowinners.club
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 09 Nov 2022 02:51:06 GMT
access-control-allow-origin: http://ezcasinowinners.club
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 2b52dda62410f7990ea1a45e453a25c6
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ezcasinowinners.club/au/aweber/lp1/5e67f0a6ef344_v.png
172.67.196.96 200 OK 6.5 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp1/5e67f0a6ef344_v.png
IP 172.67.196.96:0
File type PNG image data, 185 x 183, 8-bit colormap, non-interlaced\012- data
Hash 7816622da7fe6bb9b083251c85101dd1
eaa0af79fe084abb6b208d7694b04cf3784e80d0
1da0f0bfc01d6e5ed9d6dfb1ea07c9afb9100cf1a2be7879672059a7dd35c437
GET /au/aweber/lp1/5e67f0a6ef344_v.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp1/style.css
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 02:51:06 GMT
Content-Type: image/png
Content-Length: 6484
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 15:58:47 GMT
ETag: "6102d037-1954"
Expires: Fri, 09 Dec 2022 02:51:06 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpsqaqtlfSzsbm%2BrpvzW27sY3sGsqE37nYoECX%2FzKOvj0BVhpFdq7A0EUKhMEVhIQU3I8V4OS70XZjJeml5pUTHvOGUXiNNL%2BSP%2F6hv7AwwYZqSwNvGkj%2Fhm%2F7T0MpoWplDVsm%2F4fg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76733ea42ccb0b31-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp1/coin.mp3
172.67.196.96 206 Partial Content 22 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp1/coin.mp3
IP 172.67.196.96:0
File type Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2.5, 24 kbps, 11.025 kHz, Monaural\012- data
Hash c74dca6a3ab16c097234033fec7a8573
a6e73f993b73d589b9688a0679bdac39028017a0
79e8f06f8cb25d13c57d798f7e068d282dd2dfdb026b54aacc8ead2641542a56
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp1/coin.mp3 HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp1/index.html
HTTP/1.1 206 Partial Content
Date: Wed, 09 Nov 2022 02:51:06 GMT
Content-Type: audio/mpeg
Content-Length: 22067
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 15:58:53 GMT
ETag: "6102d03d-5633"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Content-Range: bytes 0-22066/22067
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oE%2Bt04BPXSc9T3YHhzyrjbQXgKRpTQ6dmUlFZLeRb0dZaIgPNHkL6wABd4tJlhYXpdcRGrdsHlI0qBepBZqLSYkLqN4IWDYrSzUvwxWFMzMcTtBU2c7BYNHN5DUzDHUdo9RBB%2F31gw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76733ea2bcb7b523-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp1/coin.mp3
172.67.196.96 206 Partial Content 22 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp1/coin.mp3
IP 172.67.196.96:0
File type Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2.5, 24 kbps, 11.025 kHz, Monaural\012- data
Hash c74dca6a3ab16c097234033fec7a8573
a6e73f993b73d589b9688a0679bdac39028017a0
79e8f06f8cb25d13c57d798f7e068d282dd2dfdb026b54aacc8ead2641542a56
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp1/coin.mp3 HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp1/index.html
HTTP/1.1 206 Partial Content
Date: Wed, 09 Nov 2022 02:51:06 GMT
Content-Type: audio/mpeg
Content-Length: 22067
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 15:58:53 GMT
ETag: "6102d03d-5633"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Content-Range: bytes 0-22066/22067
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jg1z0RMaf7FA48RHJ20LE7k9lBwF29tAqySMXj61AsqbQjyjUQ45kJ2%2BU0H6CkcQz0V3%2BBZ3VKXgLjZHRzA0Ewhy4kVgN8Xv9KSDxb%2FxneYAc2ZUsquX3WqoTX6lgQ%2Bp8VpwErfMzw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76733ea3de9cb503-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp1/sound.mp3
172.67.196.96 206 Partial Content 49 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp1/sound.mp3
IP 172.67.196.96:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 277c43fdefb88a30fe36f33a148600f0
2bc68cf98b4b4902bc509c2b53af4baa7efe44d9
9eaa1694cf0be56df45f5424b8b314d45ed55e9ac372e5f0b05bf586e5d4552c
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp1/sound.mp3 HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp1/index.html
HTTP/1.1 206 Partial Content
Date: Wed, 09 Nov 2022 02:51:07 GMT
Content-Type: audio/mpeg
Content-Length: 48945
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 15:59:27 GMT
ETag: "6102d05f-bf31"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Content-Range: bytes 0-48944/48945
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTYr7wZGZ9sDd1TH1w8am8CzK05zb0pGCJfJShY3w4xy1CeOaDwfQlzHqiqC5nrO7BtVvN3IKvl%2B5zZBgiUKeltns19Dk3%2FzvDLuCmnaCvpGmdAoK0we%2B8oM8NL0hMTK2HStSpDikw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76733ea28957fac8-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp1/5e67f0a655940_v.png
172.67.196.96 200 OK 77 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp1/5e67f0a655940_v.png
IP 172.67.196.96:0
File type PNG image data, 857 x 204, 8-bit/color RGBA, non-interlaced\012- data
Hash 22d35d6ee41512539e529961fd51f26b
fc8a8a521b4bbbb50871f7439effa916fa1e5a2b
ea18bede2d858dc8467bdc98c7fc9d751d1e1309476a5d5c81f0db96b66c505d
GET /au/aweber/lp1/5e67f0a655940_v.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp1/style.css
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 02:51:07 GMT
Content-Type: image/png
Content-Length: 76995
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 15:59:16 GMT
ETag: "6102d054-12cc3"
Expires: Fri, 09 Dec 2022 02:51:06 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwBTy1ol7FA%2BM%2Fg%2FxZTxBDWTivlsg0MHR2q89G4TgXSydsMurglhjw3fSPPXM720tGTyChDw%2Bqej1uIxRRzQFHK32cworAxL5saN4AAd%2BgKI4y17FxsZL0gQFDwaG5ftT6SX9fCXzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76733ea20c0e0b31-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp1/5e67f0a4b11b9_v.png
172.67.196.96 200 OK 757 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp1/5e67f0a4b11b9_v.png
IP 172.67.196.96:0
File type PNG image data, 872 x 872, 8-bit/color RGBA, non-interlaced\012- data
Size 757 kB (756748 bytes)
Hash 3ef027366bb237fd9eb040ccad94198c
3e588f5915a38786a29e2e1b10cbf9df4e09004c
4836e6c4891318fd9b274ec2076d04d0f0df3460b9d7d051894c55fd5334c2e7
GET /au/aweber/lp1/5e67f0a4b11b9_v.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp1/index.html?cid=wp07j7f5sf4htabkiro6med4&camp_id=c86bdbe9-6a65-411d-8c69-6eeb70234c91&campaign.name=Email%20Collection-24th%20August%20Onwards&lander.name=AWEBER%20AU/NZ%20Lander%201&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=CnJ8uV4ShCUgSsY3tVPSj4J4pRA_az5bPUMrBCmsqQJ6QJlKEebjWXb6mTKtDE0V_cjnc8UWkx_-wLX5PkQjpmxkeBB7UsoUcaeBOcnNZdGIS_dkFdBZnScpokYo6XAYVRBzpf6rSQkar5cSJPY_SqikPSG7zMrl8ygVKhofNqUYgAi3rqVyGyWUSn8CWLjunQi7Vu0q04cBb_O36ikMxGt1C0nhlNTI8Po5yUG7uddfLSLCuKwpWyVROTBx1rlpA4SGss-aQhAz3EMnDTBhr1I4xBEN3ZiEjXexcIhXcpyCjazoqxLFre7M1MfiEVhiP4ZqHu9ruNUdfzhIjZmljwSQAP0hg4_P2BA6nHqj0SiUtHo1aLFfUAAZvE2IE5qL&lptoken=166367e496a04044433c
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 02:51:06 GMT
Content-Type: image/png
Content-Length: 756748
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 15:58:46 GMT
ETag: "6102d036-b8c0c"
Expires: Fri, 09 Dec 2022 02:51:05 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJhsnv0tVKDN0z9Wwu21zJEvR3bnQyVX5rsUbNE9gbggA96uK4agfukhRPVlZJNLrCZHA2ggGISMVp%2B2ErBjrFVoVxVZePSJSwTphWt1qQBgkLw4GKS3895aLE5SAQ3r3lLGtpP67A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76733e9c98e6b50b-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp1/5e67f0a83ba89_v.png
172.67.196.96 200 OK 7.4 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp1/5e67f0a83ba89_v.png
IP 172.67.196.96:0
File type PNG image data, 426 x 137, 8-bit colormap, non-interlaced\012- data
Hash 9e245319753e82681922d644b1983d8e
6ddbf0b42027c06e4bcee68a9bb1019fcaf943aa
2c9bcdd3153da3c92abc1b4403b50e4f911dd27f401aff620a717ad1a0d78667
GET /au/aweber/lp1/5e67f0a83ba89_v.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp1/style.css
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 02:51:07 GMT
Content-Type: image/png
Content-Length: 7401
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 15:59:30 GMT
ETag: "6102d062-1ce9"
Expires: Fri, 09 Dec 2022 02:51:07 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aJfhfvB77lvQYEitRWpR8bjwhvNKUM8IfdmqvOrvgrVNdngVfsjUS2GvdD0c0YAVVCup%2Bcd9eC64Q131MISrsgyW4g4OUPd4cVJTdloxmR6e%2FJONJMaw1m2Bw1lTjrhDIGT%2B0pu3w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76733ea7cde00b31-OSL
alt-svc: h2=":443"; ma=60
unphionetor.com/vbl?t=90679&bid=undefined&aid=undefined
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=90679&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e (digest of the empty 0-byte body, as are the two hashes below; not a file-specific indicator)
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /vbl?t=90679&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ezcasinowinners.club
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 09 Nov 2022 02:51:07 GMT
access-control-allow-origin: http://ezcasinowinners.club
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 76aedd71de6ac9ddadd4e0b677a4073f
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
propeller-tracking.com/fv.js?t=90679
139.45.197.240 200 OK 0 B URL HTTP/2 propeller-tracking.com/fv.js?t=90679
IP 139.45.197.240:0
GET /fv.js?t=90679 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 02:51:04 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: d3367ae0e2345808fe7f4e29085ee50a
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2