Report - findspins.com/nz/06-slots-2/index.html

Report Overview

Submitted URL
findspins.com/nz/06-slots-2/index.html
IP
172.67.212.46
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-03 23:30:35
Access
public
Website Title
Spin to Win!
Final URL
findspins.com/nz/06-slots-2/index.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
50

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-03	875 B	43 kB	104.17.25.14
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-03	519 B	16 kB	216.58.207.227
lemouwee.com	176393	2021-03-12	2021-03-12	2024-04-29	1.1 kB	16 kB	139.45.197.251
amunfezanttor.com	unknown	2023-03-31	2023-03-31	2024-05-03	999 B	1.1 kB	139.45.197.250
pg-pixel.com	unknown	2022-01-25	2022-01-26	2024-01-14	395 B	11 kB	172.67.200.247
findspins.com	unknown	2021-11-04	2021-11-07	2024-02-03	11 kB	674 kB	172.67.212.46
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-05-02	1.1 kB	1.9 kB	139.45.195.8
jouteetu.net	260109	2021-07-08	2021-07-15	2024-05-02	880 B	1.3 kB	139.45.197.251
670501afa3bb667817ee-24c106882da8d4393b1faf82472afa82.ssl.cf5.rackcdn.com	unknown	2010-12-15	2022-06-08	2024-02-29	497 B	344 B	2.16.69.119

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-30	medium	findspins.com/nz/06-slots-2/index.html	Generic/Spear Phishing

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	amunfezanttor.com	Sinkholed
2024-05-03	medium	amunfezanttor.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed
2024-05-03	medium	findspins.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	unknown	412 B	2024-05-04	2024-05-04
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2024-05-04 01:30:35 Last Seen2024-05-04 01:30:35 Times Seen1 Hash 4aad7b2a455f224ba35acf87b8093b75 1e90c701a94a01daff12407414099506c34b73bc 10fcd7283b71daf98c6ede3e857af4a2ebf8a4b248c2548a4f9bd137257ea72a Loading...

	unknown	492 B	2024-05-04	2024-05-04
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2024-05-04 01:30:35 Last Seen2024-05-04 01:30:35 Times Seen1 Hash 269b00a74e1b94f8ba8a41fcf6c2866e 21861d47d1afe3ccf892f815e01cd68de39db3c0 b863a8ad8b6d79421bd19e78df783df10c83968e5bfd504d3b1d286d7400ede7 Loading...

	unknown	404 B	2023-05-15	2024-05-04
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-05-15 07:58:52 Last Seen2024-05-04 01:30:35 Times Seen6 Hash fa301762fd2ad43bcce9288f6f0e29ca 263384eca389d0f158f93c078ffb1200f07c52ab 833c58a4f6da34fda33952ff6a2ee2e355d993eab2d25e9418fcb41de9a70b29 Loading...

	unknown	407 B	2023-05-15	2024-05-04
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-05-15 07:58:52 Last Seen2024-05-04 01:30:35 Times Seen6 Hash db3fc6dba37065e18dd54be3b91b5bf3 bdbe38c16e97c2b09d35042f70649a71cbd267be 3bb16307a9432386b609d725800a4700995c0792c7006e000049784ee8a09d2a Loading...

	unknown	487 B	2023-05-15	2024-05-04
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-05-15 07:58:52 Last Seen2024-05-04 01:30:35 Times Seen6 Hash 0ab13c8b59f2d8d6139f1ee339126875 565ed93a9931299fed93ab6b9398db68ef57fa43 03dcd4ab5f0703d9a08bd76f12d2ef50f1257f404c3d39dfb073fa152d6ca82f Loading...

	pg-pixel.com/js/px.js	9.9 kB	2023-03-07	2024-05-09
Pretty URL pg-pixel.com/js/px.js IP 172.67.200.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:52 Last Seen2024-05-09 22:51:53 Times Seen175 Hash 776ab3db151658b63d300df5b5bbbbe4 654c7636432b55f28b8e2400d06500e93f2110fe 3689618df5e2a98d0b3c626ecedd5ae31a2ce480bda98cf6852f34924e915567 Loading...

	lemouwee.com/pfe/current/micro.tag.min.js?z=4678322&ymid=null&var=null&sw=/sw-check-permissions-cf42c.js	37 kB	2024-04-25	2024-05-15
Pretty URL lemouwee.com/pfe/current/micro.tag.min.js?z=4678322&ymid=null&var=null&sw=/sw-check-permissions-cf42c.js IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 13:01:48 Last Seen2024-05-15 20:42:51 Times Seen2522 Hash 32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de Loading...

	unknown	403 B	2023-05-15	2024-05-04
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-05-15 07:58:52 Last Seen2024-05-04 01:30:35 Times Seen6 Hash a623bb60b9a1c7dd469c9acd22a5595d dccf5a8bd0883a98c09062aad5ee3e731aab3b66 9f608acd8bb9299a61fd825d2617dbe2610a5fa51b8446cead86cd2d9d9b222a Loading...

	unknown	411 B	2024-05-04	2024-05-04
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2024-05-04 01:30:35 Last Seen2024-05-04 01:30:36 Times Seen1 Hash f46d5a54494714bd116639f1929d2573 48ba943aec75d754a9362543c63c5f3c4c9efb31 4413b320eeb620cb5309d8d2db85898a6a85e0899150962bf58b7fe0b78e063e Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-22
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-22 04:39:15 Times Seen146285 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	findspins.com/nz/06-slots-2/index.html	10 kB	2023-03-07	2024-05-04
Pretty URL findspins.com/nz/06-slots-2/index.html IP 172.67.212.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:05:41 Last Seen2024-05-04 01:30:36 Times Seen9 Hash 14fd4a4adb17438b1bd19e9899db4ab5 69e8d0483ef90cdd5ed4df99d1a5731d63dec02d dabf6c472e9d3bdca20fc0cd25042335c3f4b9cf7914c95896eae3ac35b933ed Loading...

	findspins.com/nz/06-slots-2/index.html	412 B	2023-03-07	2024-05-04
Pretty URL findspins.com/nz/06-slots-2/index.html IP 172.67.212.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:42:56 Last Seen2024-05-04 01:30:36 Times Seen9 Hash b7b90f6d3233db2e617f4a7ad9984a30 39db3fe7163b6d31b1063863a14e7d5c2b8d4383 301a66722645e7577479f2a306cb0b995ed4cae6b4dc2860260fe1bcb6f2807f Loading...

	unknown	478 B	2023-05-15	2024-05-04
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-05-15 07:58:52 Last Seen2024-05-04 01:30:36 Times Seen6 Hash 6c8ae7a83bd3f8e8a8db2c6a12caeb03 6ef471083eb20762832c71d2af2129eac05bfc69 a76f0640f02d1e34dbe3e384105976d0cdef19980e0e9c901d17ae4e453849a3 Loading...

	cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/js/bootstrap.min.js	60 kB	2023-03-07	2024-05-21
Pretty URL cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/js/bootstrap.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2024-05-21 21:16:49 Times Seen7726 Hash 02d223393e00c273efdcb1ade8f4f8b1 0cc93b8421d89c24a889642428b363cb831de78a 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582 Loading...

	unknown	408 B	2023-05-15	2024-05-04
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-05-15 07:58:52 Last Seen2024-05-04 01:30:36 Times Seen6 Hash 94ca17c12b66e71b4322ed0ae8f008cf 1797565ee0eb31802adc16d2017892210e82890f 838f69efefbbe712c5317c81e95d2b27581f91b683312b8c36b1423f6957c576 Loading...

	findspins.com/nz/06-slots-2/index.html	1.2 kB	2023-03-07	2024-05-09
Pretty URL findspins.com/nz/06-slots-2/index.html IP 172.67.212.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02:46 Last Seen2024-05-09 22:51:52 Times Seen36 Hash 58cf309a938264f8443ee32c7583662f a332ecef3b6fda9d70474f7628d617e94eae255e 0157a5a460ccd96c244aae4ac4ef78cb90f33d713c3b6bab2f3d0a7088cfad2e Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=d38c8f1863589f3189a94c72f197f7346312d922c34635cd32e1cb649574342c	697 B	2023-03-07	2024-05-04
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=d38c8f1863589f3189a94c72f197f7346312d922c34635cd32e1cb649574342c IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:56 Last Seen2024-05-04 01:30:36 Times Seen28 Hash 3383e0c03fab71196a1ee93ba628cc3e 59b688f099bddd756e78e97492ab2ee53b66246c cd6eefc001d5ae0567d31fc27bb8b70aa0273c8acc75d928607851536a4a405b Loading...

HTTP Transactions (35)

URL IP Response Size

findspins.com/nz/06-slots-2/5e4c60dd8206d_v.png

172.67.212.46

200 OK

6.5 kB

URL GET HTTP/3
findspins.com/nz/06-slots-2/5e4c60dd8206d_v.png
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
PNG image data, 200 x 60, 8-bit colormap, non-interlaced
Size
6.5 kB (6460 bytes)
Hash
cc3640f8d9c0e62d481db7d02a4eef7d
4122480d540224ecee27a45ed6851004c6b46a04
2bf523c5c856b0d43878370f7b7c1b9d586689141806fae6db83b986912b26e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/5e4c60dd8206d_v.png HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: image/png
content-length: 6460
last-modified: Tue, 08 Sep 2020 10:35:40 GMT
etag: "5f575e7c-193c"
expires: Sun, 02 Jun 2024 23:30:06 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oARCgRkZzJ6YXTm1yvdodLQIvUfdt%2FpsHkJ8NW6B7v4UlAEdRZo0einMm4Jzkad74mjFAHYMdsK2ru1fky0nnwDIbUW3idgfaAkWtVZdtu6Oxqrnxg3KSSaCj2A%2Fpq%2FC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e40976fbd4568f-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

104.17.25.14

200 OK

28 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
28 kB (27958 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 182204
expires: Wed, 23 Apr 2025 23:30:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V36657v6Mu2zgJ9JODDjhbD5FEdylN4MwzA8bUdKvmsvWIAhHhaC3sGLRg2IY6gyMnoB1fXu1nDYjzz6VACFuu89WoiZbxvBzLRHANhm6C1aYquBobCVFHK7%2Bvs8e9syNCqEkd6B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87e409774f815684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/js/bootstrap.min.js

104.17.25.14

200 OK

13 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/js/bootstrap.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (59765)
Size
13 kB (13009 bytes)
Hash
02d223393e00c273efdcb1ade8f4f8b1
0cc93b8421d89c24a889642428b363cb831de78a
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

HTTP Headers

GET /ajax/libs/twitter-bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 13009
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f2c377f-ea8c"
last-modified: Thu, 06 Aug 2020 17:01:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 270839
expires: Wed, 23 Apr 2025 23:30:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2qQguNKkiJ3OJS432Q40qnmrH7IlBECNPA0cliW27uC2X%2F8TYdO2H8IRXRLJ%2BSJcAW1AyUU4c6avzN50sAr6JULstp8bVYXUUDJB3mFGAy%2F3FQrIGgTxwgheumcKxjoUqtHfu5yl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87e409775f895684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

findspins.com/nz/06-slots-2/cashhc.png

172.67.212.46

200 OK

32 kB

URL GET HTTP/3
findspins.com/nz/06-slots-2/cashhc.png
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
PNG image data, 363 x 284, 8-bit/color RGBA, non-interlaced
Size
32 kB (31615 bytes)
Hash
6c52de939909399530fe68c55d5d6c92
4c7b5a3461347694c6f8076c6a3192896909426b
ef9623401696a4c11151defd6e88c23175f831447eab99b2b49ef9501884e0a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/cashhc.png HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: image/png
content-length: 31615
last-modified: Tue, 08 Sep 2020 10:35:39 GMT
etag: "5f575e7b-7b7f"
expires: Sun, 02 Jun 2024 23:30:06 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8P9zWBj2eTAtZ%2B8dVrLvSv9FcqQnd2sLDt71Jm3zyi9Dv%2FsO9SHKieWe2CvxQcDJmAP1AieEEP2eTgnCghksuJNu6Ff3rGfnCZ3308fxrpIKDeeqvBLgPM2cD%2B%2FXflt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e40976fbd7568f-OSL
alt-svc: h3=":443"; ma=86400

findspins.com/nz/06-slots-2/spin-sound.m4a

172.67.212.46

206 Partial Content

315 B

URL GET HTTP/3
findspins.com/nz/06-slots-2/spin-sound.m4a
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
HTML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/spin-sound.m4a HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Fri, 03 May 2024 23:30:06 GMT
content-type: audio/x-m4a
content-length: 315
last-modified: Tue, 08 Sep 2020 10:36:44 GMT
etag: "5f575ebc-13b"
content-range: bytes 0-314/315
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AnVou3UBO2tScf3ZU0gX2KPjSD5mJReE%2BPUF7ccXpxQKHgmmq6HwWKG4oYmO1z0%2BmmwLHM48OJZZqX8GScXtcyEzzAyPRvN3BQSlZVnVx78eidUlyjqtLMvCoAuEESO8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e409774c15568f-OSL
alt-svc: h3=":443"; ma=86400

findspins.com/nz/06-slots-2/sound.m4a

172.67.212.46

206 Partial Content

315 B

URL GET HTTP/3
findspins.com/nz/06-slots-2/sound.m4a
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
HTML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/sound.m4a HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Fri, 03 May 2024 23:30:06 GMT
content-type: audio/x-m4a
content-length: 315
last-modified: Tue, 08 Sep 2020 10:36:44 GMT
etag: "5f575ebc-13b"
content-range: bytes 0-314/315
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7DCeWkoreP45o%2BhyPi3aKIA5ZFKwt0XP5A6d6BusQ%2FKiQh5tFu45V8H1QyyZHWj93dxLFLOE%2BBlj1jAHRa1fx%2FWZd%2BBiW8YE8kiqOKitGYOj7U7Q7HJ%2FxKY8mRMGhoLz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e409774c17568f-OSL
alt-svc: h3=":443"; ma=86400

findspins.com/nz/06-slots-2/f10e2bbc00838dc2134236c58a856a04.static.mp3

172.67.212.46

206 Partial Content

8.8 kB

URL GET HTTP/3
findspins.com/nz/06-slots-2/f10e2bbc00838dc2134236c58a856a04.static.mp3
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural
Size
8.8 kB (8802 bytes)
Hash
6d2d3da2ea28ace816fa4a138829dc18
606e0ec3d7fb05c69f16233cfe1ff0a0ee760505
d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/f10e2bbc00838dc2134236c58a856a04.static.mp3 HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Fri, 03 May 2024 23:30:06 GMT
content-type: audio/mpeg
content-length: 8802
last-modified: Tue, 12 Jul 2022 08:43:38 GMT
etag: "62cd343a-2262"
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-8801/8802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RuQUyMdR3pJP1Kej37452tz2xr4%2FK4vF5IjQ1RZybJVnBzq%2BivyEQev8Dl%2BWqvuN1ygmSmZY5mKkbI8UYJkarvOEMLbWDytPK2X3YZnGsDfy5hViJE5xrUVuVYD5PBIE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e409774c12568f-OSL
alt-svc: h3=":443"; ma=86400

findspins.com/nz/06-slots-2/5e4c60de5bb9f_v.png

172.67.212.46

200 OK

51 kB

URL GET HTTP/3
findspins.com/nz/06-slots-2/5e4c60de5bb9f_v.png
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
PNG image data, 560 x 528, 8-bit colormap, non-interlaced
Size
51 kB (50614 bytes)
Hash
5e9a658d01128cbcf30ad2a905906f5b
70ef0f9e53f0076cac95db60614566245a6a6dd8
89659abae3d30df93fb9bf7515a14aaaa4da2f56f32156bcf0fad8da59cf6327

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/5e4c60de5bb9f_v.png HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: image/png
content-length: 50614
last-modified: Tue, 08 Sep 2020 10:35:39 GMT
etag: "5f575e7b-c5b6"
expires: Sun, 02 Jun 2024 23:30:06 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F4gOyHDO7yX8qAYylQ2oT%2Bshyfh2htrgp0p7voZD9QNtSdXe9XdCB4WxaC3dQl0v0j3TBaC%2BhR79ocnUuFls05zbxKPytFfanm7bYOabri0ZraKeUNwK99xvaW7WBZMK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e40976fbd5568f-OSL
alt-svc: h3=":443"; ma=86400

findspins.com/nz/06-slots-2/5e4c60e233c94_v.png

172.67.212.46

200 OK

85 kB

URL GET HTTP/3
findspins.com/nz/06-slots-2/5e4c60e233c94_v.png
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
PNG image data, 558 x 322, 8-bit colormap, non-interlaced
Size
85 kB (85345 bytes)
Hash
55e9f817e0ef97c590a4c229e0529854
d0c61dd6fa85e390b427bf3e3908ca23671e2ad2
a58a58c915d407390d40a48eb719bd3860466ab47c533250dd47f6938b2551e6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/5e4c60e233c94_v.png HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: image/png
content-length: 85345
last-modified: Tue, 08 Sep 2020 10:35:40 GMT
etag: "5f575e7c-14d61"
expires: Sun, 02 Jun 2024 23:30:06 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2RgeMICbEihXpWjbukbrk6cqcNPOUm27H5B6j%2Bj9cMcOaNBAzaxMbuL8odvKyI4HFeiOMQmPUYova50e7ezQ2C8btfExZdW%2FHvhaUoAhuTx9rejWTWFvxz5wrLzByBCP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e40976fbd9568f-OSL
alt-svc: h3=":443"; ma=86400

findspins.com/nz/06-slots-2/5e4c60e3b2101_v.png

172.67.212.46

200 OK

76 kB

URL GET HTTP/3
findspins.com/nz/06-slots-2/5e4c60e3b2101_v.png
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
PNG image data, 558 x 322, 8-bit colormap, non-interlaced
Size
76 kB (76234 bytes)
Hash
2f47d4bd093d6511cf76a449fb672dfc
c2482408a7d5ec6d2ce9e3415832b16fe8e2a7e0
7fed6a9fb598bcea573009c0be86610ce24dd877f97d415ffe7ceed3b44a686e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/5e4c60e3b2101_v.png HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: image/png
content-length: 76234
last-modified: Tue, 08 Sep 2020 10:35:39 GMT
etag: "5f575e7b-129ca"
expires: Sun, 02 Jun 2024 23:30:06 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5GRStPGzhuJLi%2FekBjb2wBNCMLPk6SG4B%2FUf9Gbqy0U2aKlvLBcru%2BgoahVPR26eXXKCcHz9JvjCovpKmVIFPK%2Fnhj%2FxNbMzKxt350x%2FFmKWQ8Dj0aF3nDzKTmc9NG9b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e409770bde568f-OSL
alt-svc: h3=":443"; ma=86400

findspins.com/nz/06-slots-2/5e4c60e2e3d2d_v.png

172.67.212.46

200 OK

95 kB

URL GET HTTP/3
findspins.com/nz/06-slots-2/5e4c60e2e3d2d_v.png
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
PNG image data, 558 x 322, 8-bit colormap, non-interlaced
Size
95 kB (95050 bytes)
Hash
802e9223fa26fae356596c079e4e2474
a46851b3a70409f2f64e228de8c97235384910a2
87ad93db364db9ed4d0eb9cc838dd002d126f4c8b9dfaafee846096896d3be3a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/5e4c60e2e3d2d_v.png HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: image/png
content-length: 95050
last-modified: Tue, 08 Sep 2020 10:35:39 GMT
etag: "5f575e7b-1734a"
expires: Sun, 02 Jun 2024 23:30:06 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fbRIgDmYV8ghNYLhQUZBIrHfJmq8Az18600r%2FZLKa8seKKxTMPlyqlSNfwI%2FjoSOCKHD9eIDk3QUqjEQb7hE4V2psbcyK0P5CHZTUAqker4Xzzzf0sJ7cqq0sLXCFe2w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e40976fbd8568f-OSL
alt-svc: h3=":443"; ma=86400

findspins.com/nz/06-slots-2/d0e1d7512c5f02eb93d4b96a4a2ad4dd.static.mp3

172.67.212.46

206 Partial Content

22 kB

URL GET HTTP/3
findspins.com/nz/06-slots-2/d0e1d7512c5f02eb93d4b96a4a2ad4dd.static.mp3
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
Audio file with ID3 version 2.3.0, contains: - MPEG ADTS, layer III, v2.5, 24 kbps, 11.025 kHz, Monaural
Size
22 kB (22067 bytes)
Hash
c74dca6a3ab16c097234033fec7a8573
a6e73f993b73d589b9688a0679bdac39028017a0
79e8f06f8cb25d13c57d798f7e068d282dd2dfdb026b54aacc8ead2641542a56

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/d0e1d7512c5f02eb93d4b96a4a2ad4dd.static.mp3 HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Fri, 03 May 2024 23:30:06 GMT
content-type: audio/mpeg
content-length: 22067
last-modified: Tue, 12 Jul 2022 08:43:38 GMT
etag: "62cd343a-5633"
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-22066/22067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OoN%2BR7X4ksMA0gfC1SRrR7Klca4MPdqaO0phC6%2Fyq%2BdH%2FrvglY1hPDzTVfVM0lmKP0KNmYM3YAN29nXkEuh%2F4AiGP1c6vH8xtwD6nmz7iVn87%2BB2KZK9mtpktrWKpQ8p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e409774c14568f-OSL
alt-svc: h3=":443"; ma=86400

my.rtmark.net/p.js?f=sync&lr=1&partner=d38c8f1863589f3189a94c72f197f7346312d922c34635cd32e1cb649574342c

139.45.195.8

200 OK

697 B

URL GET HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=d38c8f1863589f3189a94c72f197f7346312d922c34635cd32e1cb649574342c
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JavaScript source, ASCII text
Size
697 B (697 bytes)
Hash
3383e0c03fab71196a1ee93ba628cc3e
59b688f099bddd756e78e97492ab2ee53b66246c
cd6eefc001d5ae0567d31fc27bb8b70aa0273c8acc75d928607851536a4a405b

HTTP Headers

GET /p.js?f=sync&lr=1&partner=d38c8f1863589f3189a94c72f197f7346312d922c34635cd32e1cb649574342c HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 23:30:06 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

findspins.com/nz/06-slots-2/5e4c60dba3171_v.jpg

172.67.212.46

200 OK

35 kB

URL GET HTTP/3
findspins.com/nz/06-slots-2/5e4c60dba3171_v.jpg
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1300x442, components 3
Size
35 kB (34833 bytes)
Hash
c89b0c713601891480a7629c4ff15236
1efa87c2fc4d483df5347fbe4f71b2ae3dd710b9
dfd7a5590f7cd486818c55098a5a3d391a3e5a82323625e2dd17b7a7dcdd125e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/5e4c60dba3171_v.jpg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/5e4c60e1aa979_v.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: image/jpeg
content-length: 34833
last-modified: Tue, 08 Sep 2020 10:36:44 GMT
etag: "5f575ebc-8811"
expires: Sun, 02 Jun 2024 23:30:06 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X6Xyw8oHpb5%2BEsH3M3%2BR4jLDXAdwR5FjddlNUe3IU%2Fjy083BQ0xJhReV4PTFOo1rFTTVunN%2Be9RPCLpfArs7Oi%2FpdB9kpPvLwV9gPFzl8OoJS9YwEsPYUrehynNxh9GX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e409790ce0568f-OSL
alt-svc: h3=":443"; ma=86400

findspins.com/nz/06-slots-2/5e4c60dfd9d98_v.png

172.67.212.46

200 OK

2.1 kB

URL GET HTTP/3
findspins.com/nz/06-slots-2/5e4c60dfd9d98_v.png
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
PNG image data, 200 x 200, 8-bit colormap, non-interlaced
Size
2.1 kB (2117 bytes)
Hash
72cd866136817a6f7c16d204a4c0331d
1e3078ff441240bc9c24b074818167adf4f6eb4e
ad82010277c5d9b77233c6b068d278cdf4e15d702d57c39cf6900a494f0ee784

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/5e4c60dfd9d98_v.png HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/5e4c60e1aa979_v.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: image/png
content-length: 2117
last-modified: Mon, 14 Sep 2020 13:38:34 GMT
etag: "5f5f725a-845"
expires: Sun, 02 Jun 2024 23:30:06 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q0mcVs41pRyf8YKJ%2BNRX0umln%2BqXp0D9RF3ZjyvYmxjmcmTza1rtwi7lbygencWAOlVnZ1pLqFWdE4OMPutsag389l4iwImjGhl4CA6S%2BSJLRbmjuMFO60phW2J5nrmH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e409790ce2568f-OSL
alt-svc: h3=":443"; ma=86400

findspins.com/nz/06-slots-2/5e4c60e0405fd_v.jpg

172.67.212.46

200 OK

27 kB

URL GET HTTP/3
findspins.com/nz/06-slots-2/5e4c60e0405fd_v.jpg
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 124x800, components 3
Size
27 kB (26939 bytes)
Hash
cd13e712beeba62956510e479018be24
84bd510faa4200b2f284d51fcfa0f5e84d6ed720
580a105bb107ebcce3d544568e204518cbc5b5eb627671fa84bc0b58551d6aee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/5e4c60e0405fd_v.jpg HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/5e4c60e1aa979_v.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: image/jpeg
content-length: 26939
last-modified: Tue, 08 Sep 2020 10:36:44 GMT
etag: "5f575ebc-693b"
expires: Sun, 02 Jun 2024 23:30:06 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AXf3sdhtUZucFQCTpwHO7lKgcvW%2F5TF0NiZ8iWHbaSUwFedYmxChDo%2BOdCuI5faLHMTTmlLnkAmC2vhxIwYhCojyAvQ8LS2KtVABiFLju3WB0jxrafbi0KcMceaCqW%2BG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e409790ce4568f-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15056, version 1.0
Size
15 kB (15056 bytes)
Hash
0edb76284a7a0f8db4665b560ee2b48f
02496387a5f7bf7b79df52c7b76ece4ebc7a0710
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

HTTP Headers

GET /s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://findspins.com
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 10:18:02 GMT
expires: Sat, 03 May 2025 10:18:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 25 Mar 2019 20:12:24 GMT
content-type: font/woff2
age: 47525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

findspins.com/nz/06-slots-2/5e4c60dac2620_v.css

172.67.212.46

200 OK

509 B

URL GET HTTP/3
findspins.com/nz/06-slots-2/5e4c60dac2620_v.css
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
ASCII text
Size
509 B (509 bytes)
Hash
0e646e2e128c473d6fba7996a4a94e40
a4d4fb349d7480c10da8249c0851ea287a0309bb
8cf6666c0c6d23dcf25eed0ecb5c439e484e1ddd598522bc21eb6e454edaea33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/5e4c60dac2620_v.css HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: text/css
last-modified: Tue, 08 Sep 2020 10:35:39 GMT
etag: W/"5f575e7b-4b"
expires: Sun, 02 Jun 2024 23:30:06 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2FjyHjJgdn3EN5M6qMt6HNG%2Fm5UcJIdkM1fprVazP5fdNo3R3%2BwmbAqJ6%2F6jKqdU4ehVc%2BQMrYjc5%2F788GoZQ8YTkI4hn9hIlmtnhG3QNFucrtH%2FUVzC0kCTgUxTGdXl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e40976ebd0568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lemouwee.com/zone?&pub=0&zone_id=4678322&is_mobile=false&domain=findspins.com&var=null&ymid=null&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=620c45fc-a09d-4637-a1f6-8cd038c6f0d2&action=prerequest

139.45.197.251

200 OK

0 B

URL POST HTTP/2
lemouwee.com/zone?&pub=0&zone_id=4678322&is_mobile=false&domain=findspins.com&var=null&ymid=null&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=620c45fc-a09d-4637-a1f6-8cd038c6f0d2&action=prerequest
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectlemouwee.com
Fingerprint79:AF:F5:E8:1A:28:27:C6:45:D0:92:C8:F4:67:CA:3A:79:D9:A7:B8
ValidityFri, 05 Apr 2024 05:06:29 GMT - Thu, 04 Jul 2024 05:06:28 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zone?&pub=0&zone_id=4678322&is_mobile=false&domain=findspins.com&var=null&ymid=null&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=620c45fc-a09d-4637-a1f6-8cd038c6f0d2&action=prerequest HTTP/1.1
Host: lemouwee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findspins.com
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 23:30:07 GMT
content-length: 0
x-trace-id: e3532aad592eb6fcac4002989b2e1c4e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://findspins.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 302
Origin: https://findspins.com
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 23:30:07 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 6063713f2d5f713e3958eca213b1bd08
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://findspins.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 303
Origin: https://findspins.com
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 23:30:07 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 7997c4e6a510c913a3b7a5445934efde
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://findspins.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

lemouwee.com/pfe/current/micro.tag.min.js?z=4678322&ymid=null&var=null&sw=/sw-check-permissions-cf42c.js

139.45.197.251

200 OK

15 kB

URL GET HTTP/2
lemouwee.com/pfe/current/micro.tag.min.js?z=4678322&ymid=null&var=null&sw=/sw-check-permissions-cf42c.js
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectlemouwee.com
Fingerprint79:AF:F5:E8:1A:28:27:C6:45:D0:92:C8:F4:67:CA:3A:79:D9:A7:B8
ValidityFri, 05 Apr 2024 05:06:29 GMT - Thu, 04 Jul 2024 05:06:28 GMT

File type
gzip compressed data, max speed, from Unix
Size
15 kB (14718 bytes)
Hash
79ab4f5f20178d8996c060bb397118cb
1c4b2573fec4c28a0fabe5f38102b69cac5b9e97
05c6f230d524bab329e3cd7e74295e02df901851cc6350c1759b308d2ee09038

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=4678322&ymid=null&var=null&sw=/sw-check-permissions-cf42c.js HTTP/1.1
Host: lemouwee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 23:30:07 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:53 GMT
etag: W/"662a3515-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

0 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://findspins.com/
Origin: https://findspins.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 23:30:07 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://findspins.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type
JSON text data
Size
94 B (94 bytes)
Hash
4151840306efcf6c3a6e71d3d10924ac
66ee8f70197e26ac59ef7993618930630d12471b
0f8dc68568b9b832a423c02d97897f0b73ff582653b673f78df04a5e60eed44f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://findspins.com/
Content-Type: application/json
Content-Length: 985
Origin: https://findspins.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 23:30:07 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://findspins.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=d38c8f1863589f3189a94c72f197f7346312d922c34635cd32e1cb649574342c&ttl=&rurl=https%3A%2F%2Ffindspins.com%2Fnz%2F06-slots-2%2Findex.html

139.45.195.8

200 OK

43 B

URL GET HTTP/2
my.rtmark.net/img.gif?f=sync&partner=d38c8f1863589f3189a94c72f197f7346312d922c34635cd32e1cb649574342c&ttl=&rurl=https%3A%2F%2Ffindspins.com%2Fnz%2F06-slots-2%2Findex.html
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=d38c8f1863589f3189a94c72f197f7346312d922c34635cd32e1cb649574342c&ttl=&rurl=https%3A%2F%2Ffindspins.com%2Fnz%2F06-slots-2%2Findex.html HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 23:30:07 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0880515954004c2ee220265ba9b06ae6; expires=Sat, 03 May 2025 23:30:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

670501afa3bb667817ee-24c106882da8d4393b1faf82472afa82.ssl.cf5.rackcdn.com/assets/images/foxtail-blue.png

2.16.69.119

404 Not Found

70 B

URL GET HTTP/1.1
670501afa3bb667817ee-24c106882da8d4393b1faf82472afa82.ssl.cf5.rackcdn.com/assets/images/foxtail-blue.png
IP
2.16.69.119:443
ASN
#16625 AKAMAI-AS

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerDigiCert Inc
Subject*.ssl.cf5.rackcdn.com
FingerprintEF:65:B6:77:10:02:2A:12:C6:30:84:FD:98:AD:02:FF:F4:27:01:25
ValidityFri, 24 Nov 2023 00:00:00 GMT - Wed, 27 Nov 2024 23:59:59 GMT

File type
HTML document, ASCII text, with no line terminators
Size
70 B (70 bytes)
Hash
cb75a4a5436bc5f23fd500aed9ab3ad4
270ba1020384007ebcd50e4985b6a3bbe63f194b
cd08cc3cd7dbd890951754b1e187e2fbe4d68d6a77b2618eb00740a8281c9b56

HTTP Headers

GET /assets/images/foxtail-blue.png HTTP/1.1
Host: 670501afa3bb667817ee-24c106882da8d4393b1faf82472afa82.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Length: 70
Content-Type: text/html; charset=UTF-8
X-Trans-Id: txac7346e0327344eb827bd-006635737fiad3
Cache-Control: public, max-age=7157
Expires: Sat, 04 May 2024 01:29:24 GMT
Date: Fri, 03 May 2024 23:30:07 GMT
Connection: keep-alive

findspins.com/nz/06-slots-2/5e4c60d92ac63_v.css

172.67.212.46

200 OK

12 kB

URL GET HTTP/3
findspins.com/nz/06-slots-2/5e4c60d92ac63_v.css
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
ASCII text, with very long lines (7048)
Size
12 kB (12205 bytes)
Hash
8d4fba5186f02a0c4458986b0cf91667
785579011ecdda9e4754ca41649fa2fc06453b52
1cfc73a6db9523c12b6b7f5d009bed19c8799eed001f607bd891a1fd838b7739

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/5e4c60d92ac63_v.css HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: text/css
last-modified: Tue, 08 Sep 2020 10:35:39 GMT
etag: W/"5f575e7b-1c28"
expires: Sun, 02 Jun 2024 23:30:06 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HW1z7lWK7M0Eh5%2B11Fb2V%2F3kbqwQ4WtpGr%2F2iUoelRAValdyPw4XjNVPvpZyoB7T3NdxABtGIQJ5OCoKhNZJv2AMa866A6RRS3nyZf3X7IkgghiT%2FM45N0z%2B801Haoxp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e40976ebce568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

findspins.com/sw-check-permissions-cf42c.js?var=null&ymid=null&zoneId=4678322

172.67.212.46

200 OK

9.2 kB

URL GET HTTP/3
findspins.com/sw-check-permissions-cf42c.js?var=null&ymid=null&zoneId=4678322
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
ASCII text
Size
9.2 kB (9177 bytes)
Hash
e6db32703d5026dee5e4df618783074e
b758b3eebc96739eaa325fc77dac47ef8f1eea8b
fde393c3eefe261a593ec891676e3d98746ef5ea44d4b12200179798be492e8f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sw-check-permissions-cf42c.js?var=null&ymid=null&zoneId=4678322 HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 23:30:07 GMT
content-type: application/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=566
etag: W/"619cc6cd-236"
expires: Sun, 02 Jun 2024 05:57:16 GMT
last-modified: Tue, 23 Nov 2021 10:47:41 GMT
cf-cache-status: HIT
age: 63171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3rrtgHIv2Er%2BYPGTquQsqYZ%2FSRGuJXkYuph%2FNjyoVrFUL0sLHn5IvlAWfBAvWAxgIjAKoD10MERyBnzXb8f75gOCihOclSFioYuhjE%2Fm%2BbAV3gu9qC%2FL59ImXAnfX2a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e4097d1f36568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

findspins.com/nz/06-slots-2/5e4c60da1215a_v.css

172.67.212.46

200 OK

122 kB

URL GET HTTP/3
findspins.com/nz/06-slots-2/5e4c60da1215a_v.css
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
ASCII text, with very long lines (65371)
Size
122 kB (121676 bytes)
Hash
202fac808755442f92547f3d747cc213
10b47ca8a93ccfd634049611e1187563c91f3198
5eb768b8c963e871b96343bbdd8e16e6b9787fd87f6155f98fc5233f8c208c83

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/5e4c60da1215a_v.css HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: text/css
last-modified: Tue, 15 Sep 2020 17:32:46 GMT
etag: W/"5f60fabe-1db4c"
expires: Sun, 02 Jun 2024 23:30:06 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bJUGHwKiqCqDTea%2Fiu4VO%2B1O6ZdKNi2qRFQYP%2Bm0bDr4FtQzD6AAoFnzhFKOwE1v6T7QO9sDyAyqKxbzYRF3ZoXsvzs9kpeVXBMrJse%2F140SVw21O7LUG4UoXwGafE3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e40976ebca568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

findspins.com/nz/06-slots-2/5e4c60e44796a_v.css

172.67.212.46

200 OK

75 B

URL GET HTTP/3
findspins.com/nz/06-slots-2/5e4c60e44796a_v.css
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
ASCII text, with no line terminators
Size
75 B (75 bytes)
Hash
da3ca573f3cbd3e7f22632e0d03e1bc7
3ccc5988d0df3d595a11aa8ae5ee1a87e2d079d8
c6e51a10c5d2e29d4b2a8fb056a1e50405c7c335322d5d818030e0e3c12bd5ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/5e4c60e44796a_v.css HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: text/css
last-modified: Tue, 08 Sep 2020 10:35:39 GMT
etag: W/"5f575e7b-4b"
expires: Sun, 02 Jun 2024 23:30:06 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vbh5GkXrwRiPAekUxLTUMpZ8gME8J%2BY2R4uwEVaAvrs5QYmCkgjwOQgmiboQC0PXKSHmOabYqn%2FPhz5gP6p%2FXGjEthF0VDTAqN%2Fa%2FBoGTKQpZeQlgiYnOHcTiJ8YqmDq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e40976ebd1568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

findspins.com/favicon.ico

172.67.212.46

404 Not Found

146 B

URL GET HTTP/3
findspins.com/favicon.ico
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
63d7d0fac1fb1dcc7a2cc2a5fe5d93a6
9b2f2822de107de2319d3dba3cafaf49246420e5
71b45ab43cefc5356ec1cba3f2a46e5124e8ab9860de8910212211c3f5f2ec43

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 03 May 2024 23:30:07 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BItaeQSKvZf3iBcch1VdkPYxR%2BR1UAJ1HhvI2QT8nwsvEl0h66jsfIqMfK8pYoMjgww9m%2Fr3pj2o1HV36OCYDIN36wv94NEQ9pIL5zxhZf4d7wkwxhxEAZSfxpKzjNEq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e4097c2e63568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

findspins.com/nz/06-slots-2/index.html

172.67.212.46

200 OK

27 kB

URL User Request GET HTTP/2
findspins.com/nz/06-slots-2/index.html
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
27 kB (27362 bytes)
Hash
cf673bfab487335a38a6ed5df20ac03b
08a9202bbce132e7bd75269d2a621f048c70497d
5d61067a747817cbeb32feeef36e459fa66af9320ddaef7997a4151dde6dba25

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/index.html HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: text/html
last-modified: Tue, 18 Oct 2022 21:06:14 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QyPDurt%2FEHXjhekobFI9qz%2BPqcW3fepXgLabKE59gI%2F%2Fy3TfR8A44kArCT30tpSHMHLIOi1QtFtbqNYnKs23iiNrD1HRzSH0GJQveYIOvwCFyjNwDAfxHUAiXVIB%2F5vy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e40974ce5e712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pg-pixel.com/js/px.js

172.67.200.247

200 OK

9.9 kB

URL GET HTTP/2
pg-pixel.com/js/px.js
IP
172.67.200.247:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectpg-pixel.com
Fingerprint98:21:23:62:84:A1:B3:4E:65:46:C4:A9:13:66:18:15:B9:05:79:1A
ValiditySat, 13 Apr 2024 23:10:16 GMT - Fri, 12 Jul 2024 23:10:15 GMT

File type
JavaScript source, ASCII text, with very long lines (10169), with no line terminators
Size
9.9 kB (9919 bytes)
Hash
a86ed74e221703aa590bc7aecfec9a4a
dabe707bcf8e504e8d6731a18534018b53715487
a02d8a2852885e171ce71c37323c26a1f29083a7e46a7e341ea10ccc8e8d607f

HTTP Headers

GET /js/px.js HTTP/1.1
Host: pg-pixel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 14 Jan 2022 15:53:41 GMT
etag: W/"61e19c85-26bf"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dymnT3ATI%2FM%2BjLVxBYuCV9y4843FEA%2FRJr%2FtjQkvLGj2XCPWZaGAFKb2vjaaGAr0jsEHEX6eyJcGepoaSF3HASvmOoorwxfnj%2FsYrbC8gIP%2B2xhGu8FtcXbCF386YIQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e409778e325696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

findspins.com/nz/06-slots-2/5e4c60e1aa979_v.css

172.67.212.46

200 OK

16 kB

URL GET HTTP/3
findspins.com/nz/06-slots-2/5e4c60e1aa979_v.css
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
ASCII text, with very long lines (557)
Size
16 kB (15615 bytes)
Hash
c8a1f8daaaa39f6b997c55417ddad001
54e5410a2c75f7ba33b7bb8a4f7fc7d7ac125d05
664ae1c8ea872adcc5f1ac5206f976aed52a1bb6f9bf74a9ffe8cab6f128b906

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/5e4c60e1aa979_v.css HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: text/css
last-modified: Tue, 08 Sep 2020 10:35:39 GMT
etag: W/"5f575e7b-3cff"
expires: Sun, 02 Jun 2024 23:30:06 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vSIqVQqJ4YbJ2ltu4M%2FMbVsxZyMJgG0GKRNVYKXlqhL26WUE00wbUxFNSUujp6A5K4D0zbJfTDuP6O8BNY5Wk%2BgX0fG%2BT%2FJR%2BIDR9I6UZc65KEkFuinI0ZFJjYmo36X%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e40976ebcf568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

findspins.com/nz/06-slots-2/5e4c60db281d8_v.css

172.67.212.46

200 OK

32 kB

URL GET HTTP/3
findspins.com/nz/06-slots-2/5e4c60db281d8_v.css
IP
172.67.212.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://findspins.com/nz/06-slots-2/index.html
Certificate
IssuerLet's Encrypt
Subjectfindspins.com
FingerprintC4:8D:68:85:F4:B1:94:EA:F1:97:C9:A6:AA:1B:A8:41:F1:7C:93:5E
ValidityTue, 30 Apr 2024 05:28:32 GMT - Mon, 29 Jul 2024 05:28:31 GMT

File type
ASCII text, with very long lines (31320)
Size
32 kB (31483 bytes)
Hash
ed208e7345d84eee9d303f4df213743c
05ad1db3e37157e2ba8c4b82fea6f6699ce7c67f
0abc821677c3d82ea73822d9cc062ccc23e901fb62e7255e612f797c1b275fac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nz/06-slots-2/5e4c60db281d8_v.css HTTP/1.1
Host: findspins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://findspins.com/nz/06-slots-2/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 23:30:06 GMT
content-type: text/css
last-modified: Tue, 08 Sep 2020 10:35:39 GMT
etag: W/"5f575e7b-7afb"
expires: Sun, 02 Jun 2024 23:30:06 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QWQvJ5jCCllft%2BDKUtWCqP4d1q%2B10lKrKhtYG%2F2wVGc6jdy7aL6IIWF7I%2Bv0zBQAy33zZohjxxEhLWDef79LsJGi4RXzNvWY7eRX5Dfsgt1%2ByRci9H2zaz9yoZ7WwwdG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e40976ebcc568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML