r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8700
Expires: Sat, 10 Dec 2022 09:21:44 GMT
Date: Sat, 10 Dec 2022 06:56:44 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1a1aa4f836549fa521e80c0a2c1a6f23
b3647f534d30456b13b12fe821b4aad9de0d7e79
b333db3e88125dca1100efb888b44c61263167d5cc0b2b57eb5a93206ddc2d88
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B333DB3E88125DCA1100EFB888B44C61263167D5CC0B2B57EB5A93206DDC2D88"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17333
Expires: Sat, 10 Dec 2022 11:45:37 GMT
Date: Sat, 10 Dec 2022 06:56:44 GMT
Connection: keep-alive
slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
188.114.96.1200 OK 5.9 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1557), with CRLF line terminators
Hash 3694965be86aabdf1ccab9fc5e854a1a
c521d7a2b5f3468604829824cf1d5b84142efedf
615a9beb8fe5df7b870adeea5e002656662a2ee975435aee5a294dea8c0cf615
GET /ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727 HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 07 Mar 2022 10:41:01 GMT
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6TT7B1yB0XFciNoCkYRWruc%2BEzIHrSFbtNtKmNJ3mjzksJ2n14EW6xOshP%2FeactK6jlk4XPWfe8Ev%2FCFQmC5UvbJZ8lhpYJI%2BvJ%2F6eldD28NLkKhUGnG1gCLt6QRkS%2BmON2sD7fG6M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7774151478390b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 40 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 69ade133c8794dc645e58ec2b2fd5b9a
d96e4ef5d387ed06cc391c604828c29d78d50679
360b1d3fde5d1524c71c273dbc943946443ccf5f84e32cb7c072468917464e57
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: ijQqXG0pZyvDBny0IKHnXYrj6GBeJUNzLItPivdrK8sX5XcEmk7tEQ==
content-encoding: gzip
via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 06:49:09 GMT
age: 648
content-type: application/json
content-length: 39682
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2664
Expires: Sat, 10 Dec 2022 07:41:08 GMT
Date: Sat, 10 Dec 2022 06:56:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VXnwkbBgafsKtQuZup5hLuavorfxDXYN0ZCLu6DUpkaeioK2Uf/fvW2xFVIo69wfRnuPF2cxlrc=
x-amz-request-id: TTBKYMT1P733Y00B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 10 Dec 2022 06:48:41 GMT
age: 483
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 06:56:44 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8990
Expires: Sat, 10 Dec 2022 09:26:34 GMT
Date: Sat, 10 Dec 2022 06:56:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 10 Dec 2022 06:08:23 GMT
content-type: application/json
age: 2901
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 27f907a256adb2c2f78f02a5f9b10c99
3411bd289f7e48859cde22993e8bd795ac9b19b2
907bff5886c7b9a138f540090f7e0010621667c24aa02c3fd075f083d0a3b683
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "907BFF5886C7B9A138F540090F7E0010621667C24AA02C3FD075F083D0A3B683"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11689
Expires: Sat, 10 Dec 2022 10:11:33 GMT
Date: Sat, 10 Dec 2022 06:56:44 GMT
Connection: keep-alive
slotbusterscasino.com/ca/aweber/lp2/5e4c60db281d8_v.css
188.114.96.1200 OK 7.1 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/5e4c60db281d8_v.css
IP 188.114.96.1:0
File type ASCII text, with very long lines (31320)
Hash 1974a679d99199a1aa650ce29a8fa9a5
60e8aa83ef50ef9d14504ac4fb8182eea7a70d33
a0813b88750cb9f2fc6f15ec13ff6ce8f3fea38118d379378f7cae1fd53d99a0
GET /ca/aweber/lp2/5e4c60db281d8_v.css HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: text/css
Content-Length: 7104
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:38 GMT
ETag: "7afb-5c7be010b331f-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SrFwcJb8OESqadd1CoIVmIH5ScsLhoxkfCeFZCrl063x%2BLW5KxbN2ApoGECWEnleMRrOWBpFrvhqA7i6AqVoEpENqFzvdjGS0GPj7cte1WvjcDMZWEo4R7aA04T%2BFr7qilUKcpVDlI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415166ba50b61-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/5e4c60da1215a_v.css
188.114.96.1200 OK 20 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/5e4c60da1215a_v.css
IP 188.114.96.1:0
File type ASCII text, with very long lines (65371)
Hash d66dd0ebfa6897fc864f17350f82ee71
eb486805413ce6e2d51d6b30ec9af018eebe4f44
56a3d9e5bf910037b74e05de648055af502d787c277a3370eed97164ee88443e
GET /ca/aweber/lp2/5e4c60da1215a_v.css HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: text/css
Content-Length: 19802
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:40 GMT
ETag: "1db52-5c7be0129f622-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2uwAlRIsA4mjemS2tU2ffyJbdHzyac9dBF%2BiX1kyX65YRdO%2Fef3BCRbL1%2BU2zpjmWPHqjI7RbymN0F86gld14kMVAp2smM45ep4KujV1DCk%2BiplHOQB7SUauqo6e%2Ba8Ud1358I4bMBQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7774151669040b02-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/5e4c60e1aa979_v.css
188.114.96.1200 OK 3.1 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/5e4c60e1aa979_v.css
IP 188.114.96.1:0
File type ASCII text, with very long lines (557)
Hash 6ae867c4714957cb49f27869629aafd4
48e2f8f6722aef57038fc0da879b8ad290c8e74b
e2f249bc52db965a026bf0f02ffd4815b834de0c584b9a8bb2f8df651d04d928
GET /ca/aweber/lp2/5e4c60e1aa979_v.css HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: text/css
Content-Length: 3073
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:41 GMT
ETag: "3cff-5c7be0132c023-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dwB9It6dl0xiouevqCp0Rv2zZtikIJ4uZMxNlK%2BSIRRvo6iGXOGhJMSN1IEjGi782en2Yjf%2BxdmuwPQc2bQMKkjTaAZ5IQiWE6dFxkJRWdc1waGqsGKkjI9An%2BkPm7LCxGt91YV1no%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415166e950b51-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/5e4c60dac2620_v.css
188.114.96.1200 OK 67 B URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/5e4c60dac2620_v.css
IP 188.114.96.1:0
Hash 63b00463b943556bac81bdcfc377dfc3
7f51e39070eb10fa13181a72f39275cf3f549f9b
155b548ccf8efe104619bd351c8ee01421b5e70c40e2b4ad3e5b43fb913f9ead
GET /ca/aweber/lp2/5e4c60dac2620_v.css HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: text/css
Content-Length: 67
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:42 GMT
ETag: "4b-5c7be0149c2c5-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVL5tcEs3Hu54dscxOS4LA6iterwsmWibcBzxjrOISy2DAawSAgYqCKn6V7m%2FDC%2Blx%2FSYh0BIHF2X7RbngXcAJDbOqJYUywGQEIAhjxBwCSGn6KhKDzydD20YLT22pFeDxfQN8iZPjE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415167867b512-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/5e4c60d92ac63_v.css
188.114.96.1200 OK 1.6 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/5e4c60d92ac63_v.css
IP 188.114.96.1:0
File type ASCII text, with very long lines (7048)
Hash 74db55934849aee470cf0435186a054e
4a9e7fded8c13eb54e9c7d663ae6a99042b1a623
e263b9daec7ced107993d0fd0204a5a9d4913471a2d0a120018ec8ae6486cf55
GET /ca/aweber/lp2/5e4c60d92ac63_v.css HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: text/css
Content-Length: 1645
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:41 GMT
ETag: "1c28-5c7be012fd222-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhqpgZVPPzDN58zU8js%2FIZfWrPlAIgZtbjaCPgsJIeVWqzNP%2Fri1gZf0EDiZVPrGGp6jxsXkV7exUbwiIaNRkoiylKlZeIHZMCpOGmhTPBh6mfCYCp%2B7ZRDPSV0myE8tiv3SwDtR9rE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415166feab505-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/5e4c60d91d0a5_v.css
188.114.96.1200 OK 0 B URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/5e4c60d91d0a5_v.css
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ca/aweber/lp2/5e4c60d91d0a5_v.css HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: text/css
Content-Length: 0
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:38 GMT
ETag: "0-5c7be0104f95e"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbXcmvAe5fRw3zRnteZcsL3JBrYsb2LBY0WK4%2FUN5HUOGoDyNKwbhjr%2BOfyQgH96GjJlpLwW3l%2BcjSdPGQz8wCzrWc575V5uJt8a4gf6aQOJoksSjtX4QgB%2FW6JgnKw1e64Ch%2Fdhwcg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774151678f51c12-OSL
alt-svc: h2=":443"; ma=60
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 541bbb3c9926e793c2593203060241fa
49e1cdeac3e1f7b560f4247224b066bc1d0f84e5
b7fc19ac675b5ebd94589a550e1fc31975899381492b48fb76cb6b3107d0164c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 20:20:01 GMT
Expires: Wed, 14 Dec 2022 20:20:00 GMT
Etag: "49e1cdeac3e1f7b560f4247224b066bc1d0f84e5"
Cache-Control: max-age=393195,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 777415171aba0afa-OSL
my.rtmark.net/p.js?f=sync&lr=1&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847
IP 139.45.195.8:0
Hash 1d1522de413d0b27a43e7be4efeb0405
58c52eec6da93a26b374308e6189b8af139624f7
d9b7a5a22d87f08fbcb41ab49b3494cf35afa659a2b143800bfab1c62b07b193
GET /p.js?f=sync&lr=1&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://slotbusterscasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 06:56:44 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
slotbusterscasino.com/ca/aweber/lp2/5e4c60e44796a_v.css
188.114.96.1200 OK 422 B URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/5e4c60e44796a_v.css
IP 188.114.96.1:0
Hash 9f82ea0a829c5849f628e22d7c8b3187
52102e2fb153ccd5a927da49550330fe7dea77a9
000067a7ed787deab36f39be14e1b3d3d0067d2b00c945ffe0213cf4779a5b35
GET /ca/aweber/lp2/5e4c60e44796a_v.css HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: text/css
Content-Length: 422
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:39 GMT
ETag: "406-5c7be01157420-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWH5b2DUgcMYA3t2YfcGiE6QlEn52Da4xmV2RkTniDVeKOTsEzZvothnIlJXmLFsD5c781Wh0HsdJwWO0fRSoMpy2nuLAJKvsnFWxAoHkFAFqUTLCtkk0LathsGC2jTkigqmriR0BtY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415173c600b61-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/5e4c60df17883_v.js
188.114.96.1200 OK 37 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/5e4c60df17883_v.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (526), with CRLF line terminators
Hash 07c8dc9a8076ba9c70f3c8ffa73bff8c
221e08e6d78472603eb0032aefc58bcf00e099a2
284872944d136c874993f339141624dd957270274f60d1271049b1f8c6bc64f4
Analyzer Verdict Alert fortinet Phishing
GET /ca/aweber/lp2/5e4c60df17883_v.js HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: application/javascript
Content-Length: 36952
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:37 GMT
ETag: "25372-5c7be00ff3c9d-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l69B9kjXSQxtJBZONttMP0Wpa0ADS7IRwjS9BDGi5sYXEMg8F5RvBsxCPGT1FlKzzrOTCCassbwkbZH1h49mw231%2BIECcN%2F2ebYWaZDceWgNY3lCksrpEs34wdivD9n0ozx6E9RVu%2FM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7774151739610b02-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/5e4c60dce6a19_v.js
188.114.96.1200 OK 15 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/5e4c60dce6a19_v.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (57791), with CRLF line terminators
Hash 51be772add27a10203d8286e2ce21713
f0e7618a8ccc65d9c8a7381eb9fef9e0182f3c61
d600b452bb0a5034afb83cacb05af8e9be275357c7780fadaf9e22fc0e9a0e71
Analyzer Verdict Alert fortinet Phishing
GET /ca/aweber/lp2/5e4c60dce6a19_v.js HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: application/javascript
Content-Length: 15413
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:42 GMT
ETag: "e2b5-5c7be013f4344-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQDfJSB8C6oE%2FSHrdSTj3sVPFEIJIJhdLJk7aZN2kBc4nmEayr4yvHb5kg1ARpsv2P%2B1BdnQnMY6x%2B%2FbV8bL8sSCCzk5vC36pkTLOBbjCsf1ww35k2W6TYVwioQgp9Z2ARI2p27QEHY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415174f040b51-OSL
alt-svc: h2=":443"; ma=60
bigrourg.net/pfe/current/micro.tag.min.js?z=4470108&sw=/sw-check-permissions-caf4e.js
139.45.197.251200 OK 14 kB URL HTTP/1.1 bigrourg.net/pfe/current/micro.tag.min.js?z=4470108&sw=/sw-check-permissions-caf4e.js
IP 139.45.197.251:0
File type C source, ASCII text, with very long lines (39559), with no line terminators
Hash b0248b30e57fdd1d6f2d1ca431d7cea1
8db557f8498245d59e56fbea78b2256c316e73f8
e0d17f3c9ed344a38fd3526fea8b7221afe6b7c98962141ce0a78345a7424a68
GET /pfe/current/micro.tag.min.js?z=4470108&sw=/sw-check-permissions-caf4e.js HTTP/1.1
Host: bigrourg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: application/javascript
Last-Modified: Thu, 01 Dec 2022 15:42:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6388cb77-9a87"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fdaad09299c95dc4175825bbbbdb213b
cee384d3735d90ec9042e31040ad464d7ace9364
c6b5eb06361f63f886a644a40ff0a1f8432fe24dbf170cf392f799f789faf644
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B5EB06361F63F886A644A40FF0A1F8432FE24DBF170CF392F799F789FAF644"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18271
Expires: Sat, 10 Dec 2022 12:01:15 GMT
Date: Sat, 10 Dec 2022 06:56:44 GMT
Connection: keep-alive
slotbusterscasino.com/ca/aweber/lp2/download.png
188.114.96.1200 OK 4.4 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/download.png
IP 188.114.96.1:0
File type PNG image data, 330 x 153, 8-bit colormap, non-interlaced\012- data
Hash 2a30989f45d9fb77ae8ea63ab7edfd01
550e4499e96d46819d077d8686cc1fc3391aa271
81540fe6f970e646c60cc2891b048e019b3d3bc94f293ccce40a54c57cdf8f74
GET /ca/aweber/lp2/download.png HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: image/png
Content-Length: 4447
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:39 GMT
ETag: "115f-5c7be01111ebf"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pVLBNy2JA%2F1KysYxsmHuz2peFj06n%2FGQu8NDBNchKmvZMv2xo%2BCRoexiVvwtXMnTfdW4SINOZD8dMFSPf64vZ2NpcWNAVrS6gMiFqmg3SmMr%2BbT2kKoUKQLwBIPx5%2Bg%2F%2FGh5UhNMWg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774151809a4b512-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/5e4c60dd8206d_v.png
188.114.96.1200 OK 6.5 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/5e4c60dd8206d_v.png
IP 188.114.96.1:0
File type PNG image data, 200 x 60, 8-bit colormap, non-interlaced\012- data
Hash cc3640f8d9c0e62d481db7d02a4eef7d
4122480d540224ecee27a45ed6851004c6b46a04
2bf523c5c856b0d43878370f7b7c1b9d586689141806fae6db83b986912b26e0
GET /ca/aweber/lp2/5e4c60dd8206d_v.png HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: image/png
Content-Length: 6460
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:41 GMT
ETag: "193c-5c7be01391923"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKfLkv7JsATJGN4fUgZ4LJswOi0DrA44XGwhPni4sIYTPVGZVLA9OTe5qEitp4F4m9oDlQDxpIWANXITjsSvugc4UbGv%2Brwq0IB1O9k9LHKk3v0%2BJD%2BUJNvyu3eGKUe2%2Fy9CX2UreyM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774151809ad0b02-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 06:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
slotbusterscasino.com/ca/aweber/lp2/5e4c60e2e3d2d_v.png
188.114.96.1200 OK 95 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/5e4c60e2e3d2d_v.png
IP 188.114.96.1:0
File type PNG image data, 558 x 322, 8-bit colormap, non-interlaced\012- data
Hash 802e9223fa26fae356596c079e4e2474
a46851b3a70409f2f64e228de8c97235384910a2
87ad93db364db9ed4d0eb9cc838dd002d126f4c8b9dfaafee846096896d3be3a
GET /ca/aweber/lp2/5e4c60e2e3d2d_v.png HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: image/png
Content-Length: 95050
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:42 GMT
ETag: "1734a-5c7be01427f64"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3lyMDoKqPJqptnBlKgWkUMt6HTLffyd9B7sGwy67Woi%2FIVaywARFzuqFyxmmAeL1pjUQf47EFYIk3x0sI%2B9Ho6WdF%2Blp91hMXOvmNvOmZ6izqz9IwfZCu20%2BS%2BOn%2BjV4%2F8QZ5Fy0MQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774151808d1b505-OSL
alt-svc: h2=":443"; ma=60
unphionetor.com/vctx?t=90679
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=90679
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=90679 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://slotbusterscasino.com
Connection: keep-alive
Referer: http://slotbusterscasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 10 Dec 2022 06:56:44 GMT
access-control-allow-origin: http://slotbusterscasino.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: b76eac981e80b20da54efc503a60dd42
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
slotbusterscasino.com/ca/aweber/lp2/5e4c60de5bb9f_v.png
188.114.96.1200 OK 51 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/5e4c60de5bb9f_v.png
IP 188.114.96.1:0
File type PNG image data, 560 x 528, 8-bit colormap, non-interlaced\012- data
Hash 5e9a658d01128cbcf30ad2a905906f5b
70ef0f9e53f0076cac95db60614566245a6a6dd8
89659abae3d30df93fb9bf7515a14aaaa4da2f56f32156bcf0fad8da59cf6327
GET /ca/aweber/lp2/5e4c60de5bb9f_v.png HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: image/png
Content-Length: 50614
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:38 GMT
ETag: "c5b6-5c7be0100b39d"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jpk0O%2F%2Fh5LlnVKiWUVWuQR9R9oD2QlgfgIGHswmYJ4YYY1ewiator%2FlY%2Bti4AUpwPHBSedbN83tVC0Etwd5VSDhEyDO6gGE2wvzyEXne330IeZPAyMAAdn54w7WOgWZw5bNG%2F1e2aKM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 777415181f550b51-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/5e4c60e233c94_v.png
188.114.96.1200 OK 85 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/5e4c60e233c94_v.png
IP 188.114.96.1:0
File type PNG image data, 558 x 322, 8-bit colormap, non-interlaced\012- data
Hash 55e9f817e0ef97c590a4c229e0529854
d0c61dd6fa85e390b427bf3e3908ca23671e2ad2
a58a58c915d407390d40a48eb719bd3860466ab47c533250dd47f6938b2551e6
GET /ca/aweber/lp2/5e4c60e233c94_v.png HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: image/png
Content-Length: 85345
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:39 GMT
ETag: "14d61-5c7be011c88a0"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8erzwqvYRxDEcmtqQfd9lpLNuiGa1mpfKbYLETbBHgx3rjiDNMFXI6VvNzg15q8bTX8PR%2FyrMk4nokkGolwyTwKknV4TAVfeDam3CvXgyKmxoJi22DG7O3eH799lc%2F7Dv5MmLKBHzs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77741518098c1c12-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/5e4c60e3b2101_v.png
188.114.96.1200 OK 76 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/5e4c60e3b2101_v.png
IP 188.114.96.1:0
File type PNG image data, 558 x 322, 8-bit colormap, non-interlaced\012- data
Hash 2f47d4bd093d6511cf76a449fb672dfc
c2482408a7d5ec6d2ce9e3415832b16fe8e2a7e0
7fed6a9fb598bcea573009c0be86610ce24dd877f97d415ffe7ceed3b44a686e
GET /ca/aweber/lp2/5e4c60e3b2101_v.png HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: image/png
Content-Length: 76234
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:38 GMT
ETag: "129ca-5c7be01099cde"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsY01a%2BeN%2BzQNEO16372Zvi821sPeE1IqxdeXDErfrxE9p027iehbH0ueYz%2Bsa7QEuJyhxKeBOVlmE5CWSFz8GEcAplYMTPgHJcI3TTOUPKTcPbLz%2F08zaX45JoNoZ7P2rvFhCHg4LQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 777415180d040b61-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15056, version 1.0\012- data
Hash 0edb76284a7a0f8db4665b560ee2b48f
02496387a5f7bf7b79df52c7b76ece4ebc7a0710
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
GET /s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://slotbusterscasino.com
Connection: keep-alive
Referer: http://slotbusterscasino.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:33 GMT
expires: Sat, 09 Dec 2023 13:33:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 25 Mar 2019 20:12:24 GMT
content-type: font/woff2
age: 62591
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 06:56:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
slotbusterscasino.com/ca/aweber/lp2/5e4c60dba3171_v.jpg
188.114.96.1200 OK 35 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/5e4c60dba3171_v.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1300x442, components 3\012- data
Hash c89b0c713601891480a7629c4ff15236
1efa87c2fc4d483df5347fbe4f71b2ae3dd710b9
dfd7a5590f7cd486818c55098a5a3d391a3e5a82323625e2dd17b7a7dcdd125e
GET /ca/aweber/lp2/5e4c60dba3171_v.jpg HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/5e4c60e1aa979_v.css
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: image/jpeg
Content-Length: 34833
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:43 GMT
ETag: "8811-5c7be014cef46"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcuf8g7gttEpkMcnqhZCg9tnMYYCIT0wSCQhETV2LMSARJx0ObtJZ%2BRpF0vOSRS%2Ffc3lNf%2B4CaFaDWRuy5ronvCLbBB1jj20rwd%2FOrq0wFuCmp8NdMN0GZSaaIk0UgtThVA%2BzFr%2BLq4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77741518ca7ab512-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/5e4c60dfd9d98_v.png
188.114.96.1200 OK 2.1 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/5e4c60dfd9d98_v.png
IP 188.114.96.1:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 72cd866136817a6f7c16d204a4c0331d
1e3078ff441240bc9c24b074818167adf4f6eb4e
ad82010277c5d9b77233c6b068d278cdf4e15d702d57c39cf6900a494f0ee784
GET /ca/aweber/lp2/5e4c60dfd9d98_v.png HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/5e4c60e1aa979_v.css
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: image/png
Content-Length: 2117
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:41 GMT
ETag: "845-5c7be013c3604"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEDHAyzEcWf6865BTMVbKkWY%2BQDOcPrWrQA8q7dKJ5Gx73jQ0cQK%2FVip66XZ61L5D7Z8R8npOmYdqbTbiqdUkA4ciXtbBhab65SJq7xTzli1UDqp7u6gqIcBeKOQFpEHlenueA9xUfI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77741518da110b02-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/5e4c60e0405fd_v.jpg
188.114.96.1200 OK 27 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/5e4c60e0405fd_v.jpg
IP 188.114.96.1:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 124x800, components 3\012- data
Hash cd13e712beeba62956510e479018be24
84bd510faa4200b2f284d51fcfa0f5e84d6ed720
580a105bb107ebcce3d544568e204518cbc5b5eb627671fa84bc0b58551d6aee
GET /ca/aweber/lp2/5e4c60e0405fd_v.jpg HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/5e4c60e1aa979_v.css
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: image/jpeg
Content-Length: 26939
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:39 GMT
ETag: "693b-5c7be01195c20"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DAwpZVr77Mynnf5Fx4%2FNANA0zJXXtO8iU0r5P5e%2Ft7G7fZEyaOmNskrWD%2BAC%2FT36YSmBUZhksPdXcCIAK9G6JcHYhxCx91qJ8CWNJlGqosKw3l7xMkXFqzqJMTzBDoWQDpjYVPyrf0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77741518f976b505-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/alert.mp3
188.114.96.1206 Partial Content 8.8 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/alert.mp3
IP 188.114.96.1:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 6d2d3da2ea28ace816fa4a138829dc18
606e0ec3d7fb05c69f16233cfe1ff0a0ee760505
d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc
Analyzer Verdict Alert fortinet Phishing
GET /ca/aweber/lp2/alert.mp3 HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 206 Partial Content
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: audio/mpeg
Content-Length: 8802
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 19:34:21 GMT
ETag: "2262-5c8e91f489e8b"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Content-Range: bytes 0-8801/8802
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0nQn5FQFuIjOts4iWxz7nCenQFqQaWQza7ozdKvkZuTCBtyhtVtjH0gbAlCEo6xZ%2FRPsPP6VbgFeCzKyXHaJxG4Oqn7nX%2BGpa%2BLvlkR%2B0yq7MZ2n21nLEC6uju1MUQjuO7w7p3U%2B4g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415192fcc0b51-OSL
alt-svc: h2=":443"; ma=60
670501afa3bb667817ee-24c106882da8d4393b1faf82472afa82.ssl.cf5.rackcdn.com/assets/images/foxtail-blue.png
2.18.172.211200 OK 446 B URL HTTP/1.1 670501afa3bb667817ee-24c106882da8d4393b1faf82472afa82.ssl.cf5.rackcdn.com/assets/images/foxtail-blue.png
IP 2.18.172.211:0
File type PNG image data, 40 x 40, 8-bit colormap, non-interlaced\012- data
Hash f761e602db6145ebaf2e0d30f0d3a78d
c70bb6bd181170532bf9e89b809fc6132920503c
37f02ad34f8925573f5d0174e84af316d40439e158f169676d9a20008a4e8528
GET /assets/images/foxtail-blue.png HTTP/1.1
Host: 670501afa3bb667817ee-24c106882da8d4393b1faf82472afa82.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://slotbusterscasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 10 Jul 2019 16:34:21 GMT
ETag: f761e602db6145ebaf2e0d30f0d3a78d
X-Trans-Id: txded4916098fb459599aa6-0063882acdiad3
Origin: https://mycloud.rackspace.com
Content-Length: 446
Accept-Ranges: bytes
X-Timestamp: 1562776460.11389
Content-Type: image/png
Cache-Control: public, max-age=179812
Expires: Mon, 12 Dec 2022 08:53:37 GMT
Date: Sat, 10 Dec 2022 06:56:45 GMT
Connection: keep-alive
propeller-tracking.com/fv.js?t=90679
139.45.197.240200 OK 24 kB URL HTTP/2 propeller-tracking.com/fv.js?t=90679
IP 139.45.197.240:0
Hash 8612a2a4331ec379017029c49acd0d4b
3a6055daba5b0e10bf82ac58c1421f786e0a3f5d
b58b304fd90182cc9397afcec331744b918b5b72fc7cafc640da09d4fd622b1a
GET /fv.js?t=90679 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://slotbusterscasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 06:56:44 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: df39cf263d5407069d4f6127687be163
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
slotbusterscasino.com/ca/aweber/lp2/coin.mp3
188.114.96.1206 Partial Content 22 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/coin.mp3
IP 188.114.96.1:0
File type Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2.5, 24 kbps, 11.025 kHz, Monaural\012- data
Hash c74dca6a3ab16c097234033fec7a8573
a6e73f993b73d589b9688a0679bdac39028017a0
79e8f06f8cb25d13c57d798f7e068d282dd2dfdb026b54aacc8ead2641542a56
Analyzer Verdict Alert fortinet Phishing
GET /ca/aweber/lp2/coin.mp3 HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 206 Partial Content
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: audio/mpeg
Content-Length: 22067
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 19:34:24 GMT
ETag: "5633-5c8e91f7aab0d"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Content-Range: bytes 0-22066/22067
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RR4HxzhPyioKIzu009q%2F1jN8rIRAUFCEZb4HxLy74wPxc2HVo4Jl1QiVlg3RUV4Oe3JHBU6MetjvEpIdNQukXQt3Wv4FhxjPwARQMeNFTOkiNgMSHhrvshSJ5N8dw8ARwK%2Fj4D7x3Js%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415199b0eb512-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 06:07:55 GMT
age: 2930
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
slotbusterscasino.com/ca/aweber/lp2/spin-sound.m4a
188.114.96.1404 Not Found 283 B URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/spin-sound.m4a
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c94f3a9d0f3cbab493bf5a259b56e4bc
ca93015902ac8faa5bf74b90e2801110efa67e3e
0d96f9a360cac908073c7d1f305588ef16312acb7f0368ed5d65430a84a5a65f
Analyzer Verdict Alert fortinet Phishing
GET /ca/aweber/lp2/spin-sound.m4a HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 404 Not Found
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BV5Ar4MfCZSax5FOUYBJf%2BmWCVsSi6k2e33KGZ7BspEe2uUruJ22grLDpA3738RUzRzzv6Ckr1kD9ZO7X8lh2031B8J9A4Onvm7%2FKXJKueoLz5vsexi%2F1xHWAxyOlQ1vDafWU%2BGvro%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415199a780b02-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/alert.mp3
188.114.96.1206 Partial Content 8.8 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/alert.mp3
IP 188.114.96.1:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 6d2d3da2ea28ace816fa4a138829dc18
606e0ec3d7fb05c69f16233cfe1ff0a0ee760505
d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc
Analyzer Verdict Alert fortinet Phishing
GET /ca/aweber/lp2/alert.mp3 HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 206 Partial Content
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: audio/mpeg
Content-Length: 8802
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 19:34:21 GMT
ETag: "2262-5c8e91f489e8b"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Content-Range: bytes 0-8801/8802
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zs%2B5laX3udKZnqxIFGu3EpsoY47r7esV0fjY9lzkSAFEqconMQT3AgrKR%2F6lntcDsFW1BqW8%2BTzgVSnRvo0ZQ5K%2FoAQEHY0sJfp1HS10W0i0uhymgt2nuOPUvXdVdXnBO5zdqzwRchI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415193db00b61-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/sound.m4a
188.114.96.1404 Not Found 283 B URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/sound.m4a
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c94f3a9d0f3cbab493bf5a259b56e4bc
ca93015902ac8faa5bf74b90e2801110efa67e3e
0d96f9a360cac908073c7d1f305588ef16312acb7f0368ed5d65430a84a5a65f
Analyzer Verdict Alert fortinet Phishing
GET /ca/aweber/lp2/sound.m4a HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 404 Not Found
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWoFy%2FJ7rCT5wE6F%2BdTpbOyzoSkl%2BbJbA7TocGiFIKT2BSIqubqTzBT3bjGHx71wBGyPBr8eR4G9%2FwigJ7Ny%2FQFcH5BpIzm00lUg6LeSSorHm6BGnAhfLnilARuZXPJy7NiMsx9JQPE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77741519c9dfb505-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/sounds/alert.mp3
188.114.96.1206 Partial Content 8.8 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/sounds/alert.mp3
IP 188.114.96.1:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 6d2d3da2ea28ace816fa4a138829dc18
606e0ec3d7fb05c69f16233cfe1ff0a0ee760505
d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc
Analyzer Verdict Alert fortinet Phishing
GET /ca/aweber/lp2/sounds/alert.mp3 HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html
HTTP/1.1 206 Partial Content
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: audio/mpeg
Content-Length: 8802
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 14:49:51 GMT
ETag: "2262-5c8443719ba6f"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Content-Range: bytes 0-8801/8802
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbyQL%2FdD7%2BPQmHkF4mjbVNa5l%2BmrH4d0aJpy4JXkaLcBwx3CKinPRGcmlW%2BrZGbN5Scn8GJ0McA8tE8HqhSdfXDut7IEhYPOU6OaV44SYLug9Pz%2FDBY0p9d1EFM%2B2nXskdg8W5WpM4I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77741519f8290b51-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/sounds/win.mp3
188.114.96.1206 Partial Content 22 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/sounds/win.mp3
IP 188.114.96.1:0
File type Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2.5, 24 kbps, 11.025 kHz, Monaural\012- data
Hash c74dca6a3ab16c097234033fec7a8573
a6e73f993b73d589b9688a0679bdac39028017a0
79e8f06f8cb25d13c57d798f7e068d282dd2dfdb026b54aacc8ead2641542a56
Analyzer Verdict Alert fortinet Phishing
GET /ca/aweber/lp2/sounds/win.mp3 HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html
HTTP/1.1 206 Partial Content
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: audio/mpeg
Content-Length: 22067
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 14:49:51 GMT
ETag: "5633-5c84437198b8f"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Content-Range: bytes 0-22066/22067
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1gbGTIKLlGEemXNjEe9cAu7YcbkB5ZtkWQetJ%2FULaUub7gr2iI7%2BuIhVRD0W%2FgENdmLduvE8yTDup2dHL13oGUIfw1qchi9CRY37oaWOBTDaaPH1fAwrIm8eJVJB806VE%2Bazjc3Vu4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77741519fa481c12-OSL
alt-svc: h2=":443"; ma=60
slotbusterscasino.com/ca/aweber/lp2/sounds/spin.mp3
188.114.96.1206 Partial Content 51 kB URL HTTP/1.1 slotbusterscasino.com/ca/aweber/lp2/sounds/spin.mp3
IP 188.114.96.1:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 320 kbps, 44.1 kHz, JntStereo\012- data
Hash 390bca8d165546a8097b8951d2f400d4
1385d88b3aeee07bc51e7955fbcb9ed7586ebdec
cdb080d348cd2222fbe1d5b54da2f9db8fdca881570a9c82899082203b000b78
Analyzer Verdict Alert fortinet Phishing
GET /ca/aweber/lp2/sounds/spin.mp3 HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html
HTTP/1.1 206 Partial Content
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: audio/mpeg
Content-Length: 51290
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 14:49:50 GMT
ETag: "c85a-5c844371092ae"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Content-Range: bytes 0-51289/51290
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BBO9Knrxfc4s06fi9GfimaAnRvD6E%2FHBPo4aa%2BGE4D%2BzWq73b1%2FeNJNRRFz7zV9iqJt9PwoRIQfQVQmAz5b0VfPUqHz0m%2B8XI%2F7%2FDBbRrKMELqP%2BLfOIBb29ZnzXJZWGWkd1otmSMo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7774151a1b83b512-OSL
alt-svc: h2=":443"; ma=60
unphionetor.com/vbl?t=90679&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=90679&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=90679&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://slotbusterscasino.com
Connection: keep-alive
Referer: http://slotbusterscasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 10 Dec 2022 06:56:45 GMT
access-control-allow-origin: http://slotbusterscasino.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: ce0ccd39c70ac75d9fc47e0a70a31227
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2059
Cache-Control: max-age=96269
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 06:56:45 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 09:41:14 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
slotbusterscasino.com/favicon.ico
188.114.96.1404 Not Found 234 B URL HTTP/1.1 slotbusterscasino.com/favicon.ico
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 55fcd22ed967efd518aaa9f2b4337c53
99a4d34ee36a544e0ef2a94c40b03e85c952a30f
9c8794945b2b60106896b6efee212376433f522a28603ff34576a49f0250062e
GET /favicon.ico HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
HTTP/1.1 404 Not Found
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJgC8mWn8fc1tsiAr%2BY7dk0VLgNxFOAmjJKMEyx5wdhTI1eEStXFSBXk5t1H5I2Ppaydt3UUEm3YLGqwXjLjrJ89DXFF0Z0Jrnr%2B7TdW%2F4s31wQw%2B37eF4fKeeazGQmVH%2FCJqk0%2Byb4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774151afa8eb505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
my.rtmark.net/img.gif?f=sync&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847&ttl=&rurl=http%3A%2F%2Fslotbusterscasino.com%2Fca%2Faweber%2Flp2%2Findex.html
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847&ttl=&rurl=http%3A%2F%2Fslotbusterscasino.com%2Fca%2Faweber%2Flp2%2Findex.html
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847&ttl=&rurl=http%3A%2F%2Fslotbusterscasino.com%2Fca%2Faweber%2Flp2%2Findex.html HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://slotbusterscasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 06:56:45 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f49eb35bbae54f8392bc54a3dc9a1935; expires=Sun, 10 Dec 2023 06:56:45 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.149.149.164101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.149.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ev1juhTJiHNxOC2c2nR4uQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4i1aseIPjwZ6CGEua/qZiIQaTyQ=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2633
Expires: Sat, 10 Dec 2022 07:40:39 GMT
Date: Sat, 10 Dec 2022 06:56:46 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2633
Expires: Sat, 10 Dec 2022 07:40:39 GMT
Date: Sat, 10 Dec 2022 06:56:46 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2633
Expires: Sat, 10 Dec 2022 07:40:39 GMT
Date: Sat, 10 Dec 2022 06:56:46 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2633
Expires: Sat, 10 Dec 2022 07:40:39 GMT
Date: Sat, 10 Dec 2022 06:56:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcdc2c9891132c82cd09ef237930877
3e112ad867e159d1bfdf9bfd2e2a04fea8248494
8d543255c1272d77981913e4b0e0e5efede8f4ffaa91572a3eee9e44ac035946
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8473
x-amzn-requestid: 40260408-5f10-42ed-832e-a8bc5d02e95c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5e9hGqwIAMFl2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393ab89-078ecefb64853b047acc2de7;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oe1qgsBhixlxqlLZdNtuON-CMoWDhGTH1SQhmQQhLGYTmp_R9FKaEw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:55:41 GMT
age: 32465
etag: "3e112ad867e159d1bfdf9bfd2e2a04fea8248494"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e8e86712ca485e90f958dc16ec8dbff
78de6033ca9bca46953483801f19591c2ff47bbe
2984d8b533e095654d5e1c5fa826dc93cbd16ac8bdb5d974fd2d283a86f44874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9084
x-amzn-requestid: 80dfc074-73f4-4b47-95fb-57169d32cf6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNbHhYoAMF2Kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-6f54d0bf6d9246cd48d44352;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O3gPppRKbJb__o2lo3RsvabqgptV-zvDLbm1AweL11hrZxfOev6kvA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:00:34 GMT
age: 32172
etag: "78de6033ca9bca46953483801f19591c2ff47bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 03:28:41 GMT
age: 12485
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3acf5a494a6bb8b26858974ede70a33
4bccc3032f7427d881a49250e576c05dd7d5614f
786db0da1198986aeba9aa420a7c89b5b27a09bc48c3806769342159f116705d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12047
x-amzn-requestid: a8082dc0-21cd-4fd8-8c3b-50a0b03b6200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_rGiaIAMFnLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-2a0096650760715e6201b97a;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 81ITdqoxk0_9sH9c9Nu9t50Ke2BDkI9RJqxFPziuYZwcpwnmpwfWYQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:26:51 GMT
age: 30595
etag: "4bccc3032f7427d881a49250e576c05dd7d5614f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ccbd106eb57e1a4f6d60408118fe2dd
cc916150425f00b44ede3ec473e3e248afabaf8d
740c62dfdd20f2fb7270ea602825ba7eaad99c4fe5ab8d726072909c6b73c87f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9209
x-amzn-requestid: a740ddf7-5325-4ac1-a694-aaa3d4345fe4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNUGIroAMFdlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-08856c7b0757108a5c6811c9;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YUoiKVdDbKhNYwvJrsKp8RbC8Otq3ClQEmIx-HDe4wQYYompXjy2Yw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:04:44 GMT
age: 31922
etag: "cc916150425f00b44ede3ec473e3e248afabaf8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf8a350a-c007-4620-b1d6-db700eab84a1.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf8a350a-c007-4620-b1d6-db700eab84a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96546d2bb2ce3e7746fcd882a65abb43
b49a885ef2b73191abcbb6f56e839b94aaafd556
ad90c8ecbcee56417a3da824e5a2c2be811e687467f953f9d23a8e2456a2755a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf8a350a-c007-4620-b1d6-db700eab84a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: a473f123-34cf-4c43-b01f-c9aec84df6eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czEZHFeQIAMFp5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911aa0-78b1466c6faa4d0c20dc61b0;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:58:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0D5JLUwjeMjMjD7HCMS1LAzYQh8B2zynnZqCtsd1yrmcOcjQbWaHw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:55:31 GMT
age: 32475
etag: "b49a885ef2b73191abcbb6f56e839b94aaafd556"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
unphionetor.com/vbri?t=90679&bid=undefined&aid=undefined&tp=2887
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=90679&bid=undefined&aid=undefined&tp=2887
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=90679&bid=undefined&aid=undefined&tp=2887 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://slotbusterscasino.com
Connection: keep-alive
Referer: http://slotbusterscasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 10 Dec 2022 06:56:47 GMT
access-control-allow-origin: http://slotbusterscasino.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: ccdf6166277914460d91ee8b79ec10b9
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2