abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
104.21.93.4200 OK 3.4 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
IP 104.21.93.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1047)
Hash f637d9ded5d6facbe223845a400efed8
55de350076e006800f42f1a2fee8c3fd14feb72c
3a8d7b71eeb2d249e7c400bd971aced8aca47540ddfa406b4242c2c8551aa8a0
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/ HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gdro145%2F74h9pbvOnO7xC88RYO8Rn9FDC1HQSd6sqCxmhbFYsH56RQ27ofXBtH%2FwCbkvvY0WLvHeK%2FQSLnqDDTgqq4KoeOG13TZGk3TRQ3RmR6rjrxLDLBsd3pIBmibANVokGuyAqx1DbeeimeeX%2F08pfkjBaJeyOGDVPN8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3f8b2d2a0b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4cbb89840b57466fcbc0b31305c9dc47
c2c08a7a243a3f7972e8068c448488cac6d2519f
5f871ffd142470f132fed1c93f5f1a7fe6a5ecc3b4311d3d47555fce1d9a35f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F871FFD142470F132FED1C93F5F1A7FE6A5ECC3B4311D3D47555FCE1D9A35F1"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2163
Expires: Mon, 19 Dec 2022 04:39:27 GMT
Date: Mon, 19 Dec 2022 04:03:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 460af93786e1eaa666f135e6c3fdc634
bc8aeba36225c79718f5de73d79928fe817c5490
471f4e7ae29bcf6ba1f749c0f5d4ab446cebfac5aa80c3e19c6edf21be456eb5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "471F4E7AE29BCF6BA1F749C0F5D4AB446CEBFAC5AA80C3E19C6EDF21BE456EB5"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12565
Expires: Mon, 19 Dec 2022 07:32:49 GMT
Date: Mon, 19 Dec 2022 04:03:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 19 Dec 2022 03:34:21 GMT
content-type: application/json
age: 1743
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 555fc6e99ad3bf077d1c4b9b805e428d
4e800fc8e809a950288df0e94992084647762561
fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2718
Expires: Mon, 19 Dec 2022 04:48:42 GMT
Date: Mon, 19 Dec 2022 04:03:24 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CH22GpjgiRshNnxtgvrB/7e8eay1yzhRLMi0m9JOnv4uu0WVuZMgS7bgKQp3EgFd1ibfIohJJ4tu6aawyzlntw==
x-amz-request-id: PKZMGK72YD33Q3XW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 19 Dec 2022 03:28:50 GMT
age: 2074
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 04:03:24 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.4.1.min.js
69.16.175.42200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.4.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65451)
Hash 9abb42735168ac9e960b770179b642aa
11475bf8c7244af7a820108b7762e7a3f95aa52c
df53c09a6546b3d23dc0b2d0d92c39808c5663a75f4bf1f8d035fd11b7c81243
GET /jquery-3.4.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Dec 2022 04:03:24 GMT
content-encoding: gzip
content-length: 30638
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15851"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CJzh/5wGEocBCiRhYWM0MjZjMi03N2Q4LTRiYWQtYjQyZS1kNmFhY2IxNzZiZjMQ+OiCoKvU+wIaBgiMxf+cBiIMOTEuOTAuNDIuMTU0KMeyATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkZGI4NzJjYjAtOGQ3My00Njc4LTkyMGItMjI4YWMxZGU5OTk4GK7vASIYCAISFGNkczIwMS5zazEuaHdjZG4ubmV0.3AZm6V5eJlmxSSRG0zRuueue/FdB5mQ9i3TLPxGOmhs=
x-hw: 1671422604.dop216.sk1.t,1671422604.cds247.sk1.hn,1671422604.cds201.sk1.c
X-Firefox-Spdy: h2
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/reset.css
104.21.93.4200 OK 547 B URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/reset.css
IP 104.21.93.4:0
Hash 2df59197286a62c8e5331dfdbde30ac9
09640fb8762fa6f5bb68a6c09f3d43426b6218d3
69f7ceac3635466ab1850b29a9e47b3971c72863f07d3dfdf5e5372f23e2d720
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/reset.css HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:35:26 GMT
Vary: Accept-Encoding
ETag: W/"627b916e-41f"
Expires: Mon, 19 Dec 2022 16:02:44 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uTLx3uo4hHVl2Fdo6t06FQP2g2QbskT6xt3k4qBt%2FsuRq6U6rSyRwUIGSbQlXnDb64L1KF4Njc%2B5kuV5YqV6POqrY1VtHlL3PZupxrG1fOXN%2FGd7OJtlxJ3E7CZnOieEwpt3Bk%2FjdR1lZbTP8crnVxGRqoF80wjZa%2BlCZE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3f8e2dc50b31-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/style.css
104.21.93.4200 OK 2.7 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/style.css
IP 104.21.93.4:0
Hash 5bde02e54cf3b7c83c6667bd27860190
0a847747e0a7d568bad65c3070b9bd69c834611b
963c0c7f80f64a798bbd559352ab3b919d348b61f5f5228f8dcf82f0f45e36c9
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/style.css HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:35:26 GMT
Vary: Accept-Encoding
ETag: W/"627b916e-32f9"
Expires: Mon, 19 Dec 2022 16:02:44 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SjuS4gCUT30NYd4opQhs%2FhwdOFk4%2FAQPkoQt8%2BnPce1CGGBEsa0eFnRTD5h7gWzBr216IHGR%2BwxrhJHl5E7ymZpHCZfYzydCGno3ntLdTai6W%2FcaW0xNOgQj8%2FQs1EFIIhEvQf8tW1SIkaIWePcL%2B%2B1Ac1ZuSfbWALqOm8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3f8e290fb4eb-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 36873546bc8b0b69c86c49005473030d
95277b14b4a826ad2600b6ef8c5b671f0051d68b
d3aed5d2b06286ae1330d72ddc1be32fc2f5e853835ec293737cbc26b0fff096
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3AED5D2B06286AE1330D72DDC1BE32FC2F5E853835EC293737CBC26B0FFF096"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13077
Expires: Mon, 19 Dec 2022 07:41:21 GMT
Date: Mon, 19 Dec 2022 04:03:24 GMT
Connection: keep-alive
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/main_script.js
104.21.93.4200 OK 1.6 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/main_script.js
IP 104.21.93.4:0
Hash 68e60b8bcde6ef952d0742955e200851
6a129ea149374a3f7dc2a12a6a30b92199b53ea3
5f1b261fc95b93248df74cf66437f0512982f0ed40904646b78b376577e85cdb
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/main_script.js HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 11:31:12 GMT
Vary: Accept-Encoding
ETag: W/"627b9e80-1610"
Expires: Mon, 19 Dec 2022 16:02:44 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyiJz%2B0saaYDCL3wre5bkXJ3o4PFJqOVuNzsYqDxtIrmfyaLarJw7WB8G2R2pC%2FnMw0GzxAWpEbdsz8yj6jpWeqsE353FtOQ9oUMaoyjkVZoIRFoiNtgkyyLtK%2B62m4Ft1bn2BFrURQMfLBeQup1%2F%2FIDFguz45W7BVn0ePc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3f8e3917b4eb-OSL
alt-svc: h2=":443"; ma=60
my.rtmark.net/p.js?f=sync&lr=1&partner=6a7a4199623ff4668ca49d3c5281397cab0102bd440abcf63d6b50cfe69e562f
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=6a7a4199623ff4668ca49d3c5281397cab0102bd440abcf63d6b50cfe69e562f
IP 139.45.195.8:0
Hash 52a152c782dfacb76596abbc8f654778
e70c07d304ccc35688a4ffa8110d34bf090f4d4a
b574d504bdefad855ba2b0ff744cda3b5af47a8be2c1febb58ebf1b128ca4eac
GET /p.js?f=sync&lr=1&partner=6a7a4199623ff4668ca49d3c5281397cab0102bd440abcf63d6b50cfe69e562f HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 04:03:24 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/img5m.jpg
104.21.93.4200 OK 1.2 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/img5m.jpg
IP 104.21.93.4:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash a848711320a9df61e6457f65b0dfa9fb
68a62a84d89f4f9e1e831a6cef920797c7f2e7d5
aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/img5m.jpg HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: image/jpeg
Content-Length: 1169
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:35:26 GMT
ETag: "627b916e-491"
Expires: Wed, 18 Jan 2023 04:02:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoJanbAmKDc1qLPwitgkjqY%2FC7vIbmbRTMb%2BIxCecN5mWKJwJGBbiT%2F9LZeEFonDcrGnombvJ42MgxcCn94RGjMmv54suWaDZiENhxRv%2BWAPsOpPn4ORad9MHqbLsZmt%2BbR7jxyYN%2BOqNPCBDXsv2wRTPsQ34eF1vOrBbY4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f8eede90b31-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/Sanjeel_Sunny.jpg
104.21.93.4200 OK 19 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/Sanjeel_Sunny.jpg
IP 104.21.93.4:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3\012- data
Hash c2ba8b51ff90b80eb5fa6bb5e33c36ce
a8d1188b0e7d89664580577dee07100f9ed9c80f
1b1560f9fe3fa038c5cde4120382a724d1b4883f26560442f133c1cd5a8d5756
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/Sanjeel_Sunny.jpg HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: image/jpeg
Content-Length: 19267
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:59:18 GMT
ETag: "627b9706-4b43"
Expires: Wed, 18 Jan 2023 04:02:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bXxbkU1PHJs5w5EbO2PMRPpSX6oigJQMtvJVBarNuFvKFahdBCyBfCVuXXGlmkKXtRFMV08HF0A7YIquvig0DA7LwqJ9w%2B6iWdBl9WJZ%2FwG2iLiyb%2Bp41uWPZeWUn%2FQub8M5OzI3jhD%2FngvfyFKSe3fmXCzZenbqBleW7w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f8ee948b4eb-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/Farhan_Shaikh.jpg
104.21.93.4200 OK 6.3 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/Farhan_Shaikh.jpg
IP 104.21.93.4:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3\012- data
Hash b78a35e049c72dbd931d1abfa4108a76
45df1a48f43644ef2f63cc396624bfe6ab1b65f5
d83c2d5f92e6efc926573477ec75928a248077d60ca6f24c9bea6e95cbefe585
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/Farhan_Shaikh.jpg HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: image/jpeg
Content-Length: 6308
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:59:15 GMT
ETag: "627b9703-18a4"
Expires: Wed, 18 Jan 2023 04:02:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4Ej3fvo2Vj8ovdAOeDXv1yrSqwPa3rnaeFs9xeK%2FQf8V%2Fq9bQwHNgYviu1jkUT325p5p2bBtPGwry8C26kAJhuM79m1uF0E1MGu%2BAYXWxsIQlwfO1kBgXTEKLtvPNfd7Fd6SVueuBRna4gcdghOykjobutsOxu0f%2FhCiUk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f8eeeb30b51-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/Abhishek_Jaiswal.jpg
104.21.93.4200 OK 22 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/Abhishek_Jaiswal.jpg
IP 104.21.93.4:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3\012- data
Hash a9bac4c6305875e4a1c534c8188af273
c881c33c5c2c7340c3d66db3ad929727c5aabf6a
0990ed47ac130dde67504586c86b90ac933f66d74e67702bbc76c9d9da50c102
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/Abhishek_Jaiswal.jpg HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: image/jpeg
Content-Length: 22487
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:59:12 GMT
ETag: "627b9700-57d7"
Expires: Wed, 18 Jan 2023 04:02:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7Cyxl9a4eRo2V5jGntDNIvuxuQybE%2FSjs3jJojSvY6ak%2BTidFj%2FZKdBLVUC13m5DHOTMQ%2BB7JkZoL0Zi2yjk1h065grD2%2B5hV%2F8dqB%2BdR595%2Bx6%2BKE%2BWz8Ze%2BREtBIxEgKp6RozDaMFYk0DNRO6YUaZPsxyB21MAEKK9to%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f8eedb4b521-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/Nadia.jpg
104.21.93.4200 OK 35 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/Nadia.jpg
IP 104.21.93.4:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3\012- data
Hash c93f6dfab80f15902b965eb48187eae3
7c831a7086283a802aefa5f282cf5e964ec50261
55e8afc2aead4fc928652e16ab0004d301b828d5b6d597b64061498545add13b
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/Nadia.jpg HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: image/jpeg
Content-Length: 34803
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:59:17 GMT
ETag: "627b9705-87f3"
Expires: Wed, 18 Jan 2023 04:02:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnVlIfMRbdNFuDXuKGduK%2BY1UHM%2BsUk13FkDp0su1wIsrE%2Fad1WdFpKuE0QqrfZvEuwskuHqNjw8XAgYPO6i5LOYf0IoCrtG9cFIfyCOF8UwcNEwkwwqcsug5Ul182STJ4GdJ2yhpBo3g86p8ilmIoAyYHRR%2BKr7SDoI0n8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f8ee951b4eb-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/Fayiz_Musthafa.jpg
104.21.93.4200 OK 12 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/Fayiz_Musthafa.jpg
IP 104.21.93.4:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Hash 1694810b07452555dfa82b7541150bbc
26ae1bbfeea63d310bc8cbc26e809e07869ad35d
6570cc9ffd594aeeadbe54058fcd0a75fe29c6335b636d7749dc3d8603501890
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/Fayiz_Musthafa.jpg HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: image/jpeg
Content-Length: 11760
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:59:16 GMT
ETag: "627b9704-2df0"
Expires: Wed, 18 Jan 2023 04:02:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHKlnOtTiE2GBEB6CvcQGereQZsExrK2Xcv2nb1qaIlWmX%2BJFDxf07%2FYeJYMd%2Bbodwk3J%2BU2ZG6kYzzVKgKSFaOzp%2FluZG%2BXjBmlAxm%2BRtUC%2Bv7CD%2FG8vLwbRzZYL8QgGgYUwPlv57sEB6hhglQiLHGOYhoL28DTGlvZuWU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f8ee986b4f1-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/Spartan_Xozz.jpg
104.21.93.4200 OK 71 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/Spartan_Xozz.jpg
IP 104.21.93.4:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x399, components 3\012- data
Hash 4bb87ea8c46012c6c7bbfb38aa5de8a0
e61333104c5abb5f249ebe31b7a36faeaccd5d95
6a70b7fd18637fd8675fc385a5bbd464f97f470a6066c3b0732c954e3f432b33
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/Spartan_Xozz.jpg HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: image/jpeg
Content-Length: 71316
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:59:22 GMT
ETag: "627b970a-11694"
Expires: Wed, 18 Jan 2023 04:02:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtYnwGZNtzbScieVo6LABFlSRyMYopPEyJm1EQ4IrFQqBQpIjy0XwrSWianOe0DoLZMGIfg4n2aZvnoqRQvCf7Y%2BvjoZn9DucqB04E0bal%2BhiW5Tq6PAzGqeODL%2F20lSA%2BNs3bqr2cH7Yily2bp0O0aKvcDl8KAB83qTl38%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f8f9e050b31-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/slot-start.png
104.21.93.4200 OK 26 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/slot-start.png
IP 104.21.93.4:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash f491647556e492de92530b48827690aa
6296c44299f5acb17cb2c06e37391a70672b1fd3
efb819d37f19ec7505d9602488ce97868d84e1c7929ce83e308e23f02d97b95d
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/slot-start.png HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: image/png
Content-Length: 26084
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:35:26 GMT
ETag: "627b916e-65e4"
Expires: Wed, 18 Jan 2023 04:02:44 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5iUuaS%2BwtsUaixxThGOKYtSAvxV0EGYXW%2B2c6alwNPmPsE0ABpCpdL9J8M6Rguk2HlzZ5ugLUBOnbRj0%2BwyMi3hAefa8DgSKrE%2FVDdLr2B%2FtwWYsCyVi48S3m623Ngc0zX6OPgfSpPPvz4r4dvZsbeSOZsgIgwhdakGa6k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f8f9edc0b51-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/Shashi_Thaman.png
104.21.93.4200 OK 473 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/Shashi_Thaman.png
IP 104.21.93.4:0
File type PNG image data, 452 x 461, 8-bit/color RGBA, non-interlaced\012- data
Size 473 kB (472852 bytes)
Hash 378c4e4d9065320cadf1bc0ffc0afac9
556a0316828a59788f522383f76691d4d5bd7dce
d7f48bd64ae4b3e7320ef6bd37e1f991758d764a3580b54d742259c3ae21d15c
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/Shashi_Thaman.png HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: image/png
Content-Length: 472852
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:59:20 GMT
ETag: "627b9708-73714"
Expires: Wed, 18 Jan 2023 04:02:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8N%2FG8gXRYGzTN8bmILp%2FE7WiIriMRmAcjK5yCEk0LmobY7Z43pyb6Eo10fRod%2BqeFvMMVZSGVQTFkxBjphd%2Fr0o4q4MDY32UqBthRvPHWHi4kfY8YqaeT6jKF3L%2BiIz4BVS47f%2B3nZpmn2PCPhVV%2BcTL5am1odyRQOpr%2B4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f8f9984b4eb-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/red-arrow-right.png
104.21.93.4200 OK 1.4 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/red-arrow-right.png
IP 104.21.93.4:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 881bdc037be8895ba5d8d53456890e7e
4e105c89e2a1475520bb74c9c20bf2f9e906fcb3
9f8160d6380fef91c8eadecc6e8e59e93e3f5c40be7963018c8104bef4354d8f
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/red-arrow-right.png HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: image/png
Content-Length: 1362
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:35:26 GMT
ETag: "627b916e-552"
Expires: Wed, 18 Jan 2023 04:02:44 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CaVt7%2BTc4RkT5%2Brc2KAEaS5gm1QVxKlWnw8g89Gvmb7jqZ2PjMuW2UmJYmMvMaQaiFtCAYbZLKhZ%2F7OBXd%2Fln26vAnaEwbtxHT5fSBS4KVZavFFvgDwS1V4Fdz%2BoN9ZqQZxqEs7XJTod2iWkDAjteK0vlDMbzBpf8u%2BNEUo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f8fa986b4eb-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/red-arrow-left.png
104.21.93.4200 OK 1.3 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/red-arrow-left.png
IP 104.21.93.4:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 92d3e482cacea857c5dfaf9fa3a21dfb
3f12c410c77d763cc4719ec367a18417b8300758
4a688dc66588e8e86e98ccadb318fa2aca3fd6e2444aac783278b982f3e47eef
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/red-arrow-left.png HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: image/png
Content-Length: 1334
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:35:26 GMT
ETag: "627b916e-536"
Expires: Wed, 18 Jan 2023 04:02:44 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Zuy8j2cBTaMMjmA9jDUxMqU8%2FYxEeEwnaJioPCnrLW48DqtP%2FKa4OYORnNSVaJRutiNX3cYw%2BV6dXwgzSkRn%2FRHH96EFsPb%2Bt7CL99xZVvwCDMvI16z0MLv9d9C7A2JUGQYOY%2BTzWgraHxDwOgTnY5tkyQkTtazFZtI7Fc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f8fadf8b521-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/slot-spin.gif
104.21.93.4200 OK 88 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/slot-spin.gif
IP 104.21.93.4:0
File type GIF image data, version 89a, 410 x 279\012- data
Hash 617c16c5e04c8603dd7f157862b1c682
1306296f9a666a7fc50f339a2a924ce8a3a18169
7f8e36cf7ac437d7c42440ef5f522c8e27adb06348b573192308038fa7c1dc7e
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/slot-spin.gif HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: image/gif
Content-Length: 87599
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:35:26 GMT
ETag: "627b916e-1562f"
Expires: Wed, 18 Jan 2023 04:02:44 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KXMdP3hkRyDlceY618FfDd5swjc8vUu5NeHzoBDR71utme9AzrAXjb7cGXIEDK7A8kNBtC0rCZ6OXmIA%2Bcyty2xeIGVaWsONZKZMGYRD2AMzv%2FtnBURzJFVZb1YlXJwrjYmnSLW%2BGQ1taL%2Bgu1gFJALIC3y7%2BjtBYEBi6A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f8fb9c5b4f1-OSL
alt-svc: h2=":443"; ma=60
lemouwee.com/pfe/current/micro.tag.min.js?z=4907456&sw=/sw-check-permissions-c8e51.js
139.45.197.251200 OK 14 kB URL HTTP/1.1 lemouwee.com/pfe/current/micro.tag.min.js?z=4907456&sw=/sw-check-permissions-c8e51.js
IP 139.45.197.251:0
File type C source, ASCII text, with very long lines (39559), with no line terminators
Hash ed458848fd37b63d91f524403eed8bb7
9579161f6ad0fddaf197720e88fa9a429decb52d
6a495f7d39bf0b46d79a9ab8022bc9edbbdb5a61b41b27e38f65ad9c5ad02345
GET /pfe/current/micro.tag.min.js?z=4907456&sw=/sw-check-permissions-c8e51.js HTTP/1.1
Host: lemouwee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: application/javascript
Last-Modified: Tue, 13 Dec 2022 09:06:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63984082-9a87"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/win.mp3
104.21.93.4206 Partial Content 10 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/win.mp3
IP 104.21.93.4:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 32 kbps, 32 kHz, Monaural\012- data
Hash bca40777013dec4a99eaa8b0b98a7fef
bc1c833577a1dcd82ad01a90e82898bc7b47cad7
635e9ee8fcd18bd4c3ae173f00f4c5cbf15ee90a27a302440e2e77c371314176
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/win.mp3 HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 206 Partial Content
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: audio/mpeg
Content-Length: 10391
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:35:26 GMT
ETag: "627b916e-2897"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Content-Range: bytes 0-10390/10391
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYLVnR1MLhuEVECpOOmqWfG%2BHWpjYl5JWYKFNLidXWRRdA6uMzF%2FRR0rn2%2Br%2BJX1tZKUhl%2BzEdowP7HfZyEjqET9I1oHvaYbcAr3AP1LWSHBZ3l%2BnEe3feSXUtzj5WNrX%2FFm8VhNQbVS9j5bGyr2nCpCZqftKqHmz8ifqJw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3f904e180b31-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/spin.mp3
104.21.93.4206 Partial Content 8.8 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/spin.mp3
IP 104.21.93.4:0
File type MPEG ADTS, layer III, v2, 32 kbps, 16 kHz, JntStereo\012- data
Hash 5a2e10964c7fea8b0181831184bc0d97
8f5233dd6be372e7749c6cd8440db5b43de5a9c9
9b8fa3d6ccb98804102ffd59ee70c19e5d7ca7efabbe6c0d4471a1935348ee3d
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/spin.mp3 HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 206 Partial Content
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: audio/mpeg
Content-Length: 8784
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:35:26 GMT
ETag: "627b916e-2250"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Content-Range: bytes 0-8783/8784
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kbnsvxblk7%2B2UtPuAbr3kcR87iTEN3xjnOsQlJs95%2BDJERdoWYWqsZ9DI1D2EbVp3JTkBljDl51sc9FjliP%2B%2BGMIp5FOems1hV4Td8Ya6%2Bmc4HRxAJs7zHnNimuXZ%2FB65o0e9uJQ%2B7SGjgdExBCMzTxrVfUqjhIurFJ%2BRds%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3f905efa0b51-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/slot-result-2.png
104.21.93.4200 OK 27 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/slot-result-2.png
IP 104.21.93.4:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash b6ca0bfea4d0cec334f128f5c2c44cff
f6dc006902542a929187af718d9f6a244e5472b5
b09b477eb93ed896b8e52a2f746e435695dbef2a1259987bae4fbea3c35b5435
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/slot-result-2.png HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: image/png
Content-Length: 26733
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:35:26 GMT
ETag: "627b916e-686d"
Expires: Wed, 18 Jan 2023 04:02:44 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMLk2ttporhor1aOhuVS7ajZO6ZLHgD8syJRvu4kPsRhydWSNF4ZXlRSAulKhLSRYV%2BxH6PwYuBlmyH9wEdWLURNqZPU1Y4aGAnAPx7E%2B5qt8u861TcOsM44%2FGTgHDS4eLObpVtWn%2FRupiM%2B%2Fg%2FOTNXgGMHsHVLzOtH5wRM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f9079c6b4eb-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/img1Female.jpg
104.21.93.4200 OK 1.3 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/img1Female.jpg
IP 104.21.93.4:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash c3c59916d3b4977017c89125dc42b664
c8e5a97a6e9fbf41558c09c65b2ca6df9ba8723a
aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/img1Female.jpg HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: image/jpeg
Content-Length: 1315
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:35:26 GMT
ETag: "627b916e-523"
Expires: Wed, 18 Jan 2023 04:02:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9sN3wOCSiom%2FGSaH6DkFPtK0oSY5zKd4x4PqEx7KHciZ%2BSkN560FPnI660YjWXn4FDTKrTEFbBc7D6RlQqfqQWY0tQP9Scm6X64pEnG7orqoIR3r2USqxy5sUKItD2mHUL%2F5fTvlOd9Vd4UXT4BjJLwOrMgeZDEj0Nzvv0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f907e31b521-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/slot-win.png
104.21.93.4200 OK 14 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/slot-win.png
IP 104.21.93.4:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 939b6a73c96383ac0842317037f3a0f0
0654b62431c8ba522833950b8166d7a16e2a6b56
b8f1ec0ac028bd024af2cf57b63b07069b2f4a41e61c1577e968ca5d7ba72837
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/slot-win.png HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: image/png
Content-Length: 14391
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:35:26 GMT
ETag: "627b916e-3837"
Expires: Wed, 18 Jan 2023 04:02:44 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNQwOwA%2B%2BgmESAmK7mPej93dcFEYceBWfjbke9eTufib%2BNULoc7Vl%2Fj8c8wiWQ3xlriXcHKZhn247tXnHj3EGUnuhfxyyBhtjPBjQFxcRDRQbNCPI%2FFUKVc8DWZwg2euDybO4gs0mwkiR9JJxkwOAJPdR4j35%2B8OuHYIoTg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f907a04b4f1-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/slot-result-1.png
104.21.93.4200 OK 20 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/slot-result-1.png
IP 104.21.93.4:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 1fbd2b26e61236d5bcfdfeb6adbd2c8c
c9034272d28dab018b73f1967a679c734f987a1f
c402c36eb8d623b618261d40846e63c130de1e78720ab5578eae1d645198c963
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/slot-result-1.png HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:24 GMT
Content-Type: image/png
Content-Length: 20370
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:35:26 GMT
ETag: "627b916e-4f92"
Expires: Wed, 18 Jan 2023 04:02:44 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfQHySc%2Fn2r9qcWt8FEzH7LD1zpzF2hSxeUTk26OxPZ7eF8%2BOqazjcxPz7GXzLYhbX16cjdGD5J9I7TRBE32OYM89zatLuTJAhiRHKI0QzBcZHAaaAJSvPVqzW3IDTlrZH7t7cHeG%2FNAYPhWgnpdD%2F55scfWJNA9AUNjPkM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f9069bfb4eb-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/img2Male.jpg
104.21.93.4200 OK 1.3 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/img2Male.jpg
IP 104.21.93.4:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 92b944714cea3e478a8e50dea1a80b26
f12fc267be0ab02e2f3585b42df5b8c10d3cd3a5
fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/img2Male.jpg HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:25 GMT
Content-Type: image/jpeg
Content-Length: 1297
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:35:26 GMT
ETag: "627b916e-511"
Expires: Wed, 18 Jan 2023 04:02:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNwW%2F8Hb48l8c9wCG6ZaPaYHphn7JiY6h2iL3UyPHMST8WCZbT%2Bk9KgWUES0T2hbbqXpzhbkfM6n1TmSfwe4bSKHxCd%2F8Pq9jE3G3uZyoEpRcRolzm12flXDbwfSWPfW9KaxkZ5IDRHd0apOJQP5Mr%2F9BcQcvSnUGTQN%2BI0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f911e3a0b31-OSL
alt-svc: h2=":443"; ma=60
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/img3f.jpg
104.21.93.4200 OK 2.3 kB URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/img3f.jpg
IP 104.21.93.4:0
File type JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Hash 5edf4db493423ac10c72a27ad5c4a618
5c535d00eaeaa725b39e3e1167a12de5bd66a1f2
a7c86ca5470f7d68b4c5f1c87f29f7daf816d1bd95353091bba8753341bb6f5f
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/img3f.jpg HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:25 GMT
Content-Type: image/jpeg
Content-Length: 2336
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:35:26 GMT
ETag: "627b916e-920"
Expires: Wed, 18 Jan 2023 04:02:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCX3xQsJHh8iIsQzAYXtMMU%2F84YTZmvu6hbyPizREO8T%2BZFyHwJCrcGQkS%2F%2FYTHw0tx8M%2FYcNQr55Pr%2FTVQ0dfNE5p1JX5ErOXN0lX5cBgFaohk7CzW428bMw%2BNQcb2Y8AF8P8HC%2F0iRM98S8yJc0Lb%2BduZg%2FbnVJyDwvQI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f911f310b51-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 19 Dec 2022 03:33:24 GMT
age: 1801
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/favicon.png
104.21.93.4200 OK 765 B URL HTTP/1.1 abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/favicon.png
IP 104.21.93.4:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 2c864fa4584a8fd1bbfb7567fa343a7e
75b1002791cddf18d4288ba7a8a0f6c585aaa1bf
e50c46947744e4fb65ead9ac14e00f3e094b514bcc40e712a2c3d2398e7cdfa9
Analyzer Verdict Alert quad9 Sinkholed
GET /casino/luckyspin/favicon.png HTTP/1.1
Host: abcghi123jq456df--loading.sqrkifnsmp4y.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/casino/luckyspin/
Cookie: waf_sc=5889647726
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:25 GMT
Content-Type: image/png
Content-Length: 765
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 10:35:26 GMT
ETag: "627b916e-2fd"
Expires: Wed, 18 Jan 2023 04:03:25 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UblH0QDnwbzFFuLx8Nd%2BfnHi6URDSf5rc3qnhrsaNKKO8tBOZuptmuNr95AGSfmiluXcMAG1F26IjiBFMtyve%2FqjCH33MI7SKV5YkFsus2UFxwer61OdNtcrn7UI9AL89WxlDyxjVxsis6I7Ytb1sAkdv1NAOA2Bw0AZ2oQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3f920a6fb4eb-OSL
alt-svc: h2=":443"; ma=60
cdn-go.net/vasdev/web_webpersistance_v2/v1.8.2/flog.core.min.js
188.114.96.1403 Forbidden 2.2 kB URL HTTP/2 cdn-go.net/vasdev/web_webpersistance_v2/v1.8.2/flog.core.min.js
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1001)
Hash 99777aff55e254f70126c132f1b72ed4
310a254f9c0b0fa1d840cf53c2a45674f6456eb1
830ce1f83d8783ccf205b8723bc147f9163af0b4dbfe8befdfdc5fccf39433e6
GET /vasdev/web_webpersistance_v2/v1.8.2/flog.core.min.js HTTP/1.1
Host: cdn-go.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://abcghi123jq456df--loading.sqrkifnsmp4y.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Mon, 19 Dec 2022 04:03:24 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dd5Ax%2Fc3qz7qHsS3D2lQFFjDG5w4WAUO047voUUCjoodTtV2qYKCtnhLhErg5ytCJTwmNJ4Ob7xJ%2Bxfl%2FTlK1OifgZ%2BXOXODwaBzkz0oCbmVf0AUnV%2FI%2BBVqpPuN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77bd3f8e89f9b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0bc27cdcd6c42d7f8eece6c074bc452f
ff1234b58f7381f51f9082c1ef4894b1ac5700ff
672fc3b7ba7ee7a8b376c73a86a5bab00b1a1aead54c3ca64c0bff83d831348e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3631
Cache-Control: max-age=108237
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 04:03:25 GMT
Etag: "639ed82b-1d7"
Expires: Tue, 20 Dec 2022 10:07:22 GMT
Last-Modified: Sun, 18 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.163.1.35101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.1.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0tr3XkB7eFh4SN+TsNu07g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5DsRivhZddz8Y88U9by6FJOvtS8=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5986
Expires: Mon, 19 Dec 2022 05:43:12 GMT
Date: Mon, 19 Dec 2022 04:03:26 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5986
Expires: Mon, 19 Dec 2022 05:43:12 GMT
Date: Mon, 19 Dec 2022 04:03:26 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5986
Expires: Mon, 19 Dec 2022 05:43:12 GMT
Date: Mon, 19 Dec 2022 04:03:26 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5986
Expires: Mon, 19 Dec 2022 05:43:12 GMT
Date: Mon, 19 Dec 2022 04:03:26 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5986
Expires: Mon, 19 Dec 2022 05:43:12 GMT
Date: Mon, 19 Dec 2022 04:03:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F098a9ffa-a930-493a-86d2-96d21a07d7ae.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F098a9ffa-a930-493a-86d2-96d21a07d7ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 945d09b8aa956ddee667614c08687f76
0db0497203df4f2ec5da40cd0ab89383479e5d9b
a0953dafcf933d120941f84b60d2884b3df33fa01dfbc5bfe62fc4910b392a83
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F098a9ffa-a930-493a-86d2-96d21a07d7ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9824
x-amzn-requestid: 921ea0f0-7d7d-467e-b3f8-2eb47a62747c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dURWQGoXIAMF_OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e628e-6e4016837f2b38615bff371e;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 00:45:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DgMx1NDqKgwNAIUP-itlH4d6NP5yvSMv8JYpgxo5rdMoPraPrwLzqw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 09:52:37 GMT
age: 65449
etag: "0db0497203df4f2ec5da40cd0ab89383479e5d9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dce7a87ac0852f838007018af2e83cb5
379f7844a18284958ec0250cc45f2c91ac1ddfcf
31a5191700b9d5c2e471c0e6db15d43f1804b61c6a0867340e8001c32a0dabb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: f8f1832c-4269-4c4b-83c0-4c2d8c2fdd8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjC7GLSIAMFd4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce545-4c54f9704a32da245a90ab0d;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X0VzM83Qjs_EN_OLbEU0Lq7M8QHLplIt8Q1TocQ093Qsb22jMoQyZw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 00:09:40 GMT
age: 14026
etag: "379f7844a18284958ec0250cc45f2c91ac1ddfcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5029f8fb-29cf-4de0-b8e7-d6f183712d1c.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5029f8fb-29cf-4de0-b8e7-d6f183712d1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3aba060983b21c03fd43a14b313fa70e
005128984586fbfa35db5e75e38c43603cae24e1
805ee8bc4be00bc288a082083281984c54cd802138636b9df01f40f22a860897
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5029f8fb-29cf-4de0-b8e7-d6f183712d1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12172
x-amzn-requestid: 26e2fb4f-5bc5-4bc8-9e44-08461977187a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dVIjgHuiIAMFhYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ebae3-79e72e6522d1c0016e46668f;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 07:01:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rtAWDomNd7jCyemJptNJajRruNjBVSNAAbDoUra8_3xhVQmNJIj53w==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:08:29 GMT
etag: "005128984586fbfa35db5e75e38c43603cae24e1"
content-type: image/jpeg
age: 24897
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F469f917b-9e91-486a-b711-ccb25e7bfae0.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F469f917b-9e91-486a-b711-ccb25e7bfae0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f8b260b0cc287f1b66c97f552b2a3c21
7efa342abc52a36cd3fa2dd4b3e85cec1def58c0
7263d7176d5879c550158fee5259605dc298a99902cb8a2c340ab2b92f92bc90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F469f917b-9e91-486a-b711-ccb25e7bfae0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7432
x-amzn-requestid: 3254bdde-1e56-4423-a87b-5955c64f52ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dHbA6FUVIAMF2gQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63993ed2-09a330722c1eec79103d9b9e;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 03:11:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DasybViQx4_4UEeMrw-ltVJ4G0yacyPNarIMCcNmSPA-T9PEuA-Tdw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:35:50 GMT
age: 23256
etag: "7efa342abc52a36cd3fa2dd4b3e85cec1def58c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff17f5cdf-f263-46fc-b0f6-fb0fa1945efd.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff17f5cdf-f263-46fc-b0f6-fb0fa1945efd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c990c360fd972821af876119dd8555b
458555bf2ac16225da8adfc9fbe75aed89526287
beae8e1d373cbe333272e54db93f44e18f063e93f12f005e793ba64e4f7696a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff17f5cdf-f263-46fc-b0f6-fb0fa1945efd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7760
x-amzn-requestid: a0b96eff-245a-48ab-b09b-013861bbad27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKwhKFTtIAMF6TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a946d-513964bc657a326217d85e42;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 03:28:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RIRrm1eTSOwWOIuw-YP0ga1-wyEVmsyLL4_9FnFauMDE_r290dds3Q==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 13:23:41 GMT
etag: "458555bf2ac16225da8adfc9fbe75aed89526287"
content-type: image/jpeg
age: 52785
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe426aa98-61a0-4fb6-9e2a-8295c764a39b.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe426aa98-61a0-4fb6-9e2a-8295c764a39b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da7f54bc8961e24cce4c3910d7657b9e
95f9529aa321d707eac3e133db97c6b641648bdf
ae58b97cc6f584713fbd73bc210ecfcfafd9c5c997008e7e79d59a6e45949846
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe426aa98-61a0-4fb6-9e2a-8295c764a39b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9266
x-amzn-requestid: 3739feb0-48e2-489d-908d-5aaa418796f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dLRqUE3goAMF6OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ac975-1dc9b7646f8ca8bb5210a16e;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 07:15:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4D3Ja11RqD7j1fygKDW7EEe9pBBFU4y87odkzUQhtI8LSywmc-TSXQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 13:23:18 GMT
age: 52808
etag: "95f9529aa321d707eac3e133db97c6b641648bdf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2