Report - slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

Report Overview

Submitted URL
slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-10 06:56:55
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.131
unphionetor.com	54035	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.1 kB	139.45.197.236
670501afa3bb667817ee-24c106882da8d4393b1faf82472afa82.ssl.cf5.rackcdn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	465 B	879 B	2.18.172.211
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	8.9 kB	95.101.11.115
bigrourg.net	219228	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	344 B	14 kB	139.45.197.251
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	796 B	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	59 kB	34.120.237.76
slotbusterscasino.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	25 kB	615 kB	188.114.96.1
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	172.64.155.188
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	997 B	1.9 kB	139.45.195.8
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	508 B	16 kB	216.58.207.227
propeller-tracking.com	187053	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	25 kB	139.45.197.240
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.149.149.164
getpocket.cdn.mozilla.net	1369	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	435 B	40 kB	34.120.5.221
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-10	medium	slotbusterscasino.com/ca/aweber/lp2/5e4c60df17883_v.js	Phishing
2022-12-10	medium	slotbusterscasino.com/ca/aweber/lp2/5e4c60dce6a19_v.js	Phishing
2022-12-10	medium	slotbusterscasino.com/ca/aweber/lp2/alert.mp3	Phishing
2022-12-10	medium	slotbusterscasino.com/ca/aweber/lp2/coin.mp3	Phishing
2022-12-10	medium	slotbusterscasino.com/ca/aweber/lp2/spin-sound.m4a	Phishing
2022-12-10	medium	slotbusterscasino.com/ca/aweber/lp2/alert.mp3	Phishing
2022-12-10	medium	slotbusterscasino.com/ca/aweber/lp2/sound.m4a	Phishing
2022-12-10	medium	slotbusterscasino.com/ca/aweber/lp2/sounds/alert.mp3	Phishing
2022-12-10	medium	slotbusterscasino.com/ca/aweber/lp2/sounds/win.mp3	Phishing
2022-12-10	medium	slotbusterscasino.com/ca/aweber/lp2/sounds/spin.mp3	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-10	medium	unphionetor.com	Sinkholed
2022-12-10	medium	unphionetor.com	Sinkholed
2022-12-10	medium	unphionetor.com	Sinkholed

JavaScript (14)

	URL	Size	First Seen	Last Seen
	slotbusterscasino.com/ca/aweber/lp2/5e4c60df17883_v.js	152 kB	2023-03-07	2024-02-19
Pretty URL slotbusterscasino.com/ca/aweber/lp2/5e4c60df17883_v.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-02-19 09:29:02 Times Seen227 Hash 3ea44f5255d1d5d355d2f4559530b1fe fe1d19c62c179af454ead6819ad49ca45ae6864e b80214d786faf0444b1c0c8cd47dd52c1d6af10cd56a1358784a9cc09f403fad Loading...

	slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727	81 B	2023-03-07	2024-04-18
Pretty URL slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-04-18 08:55:45 Times Seen380 Hash c0211a10e5bdf9d68c40a31c758e1771 a1ba4ba2803ccf705fabf143a7422c5da5c67477 e1d462e0028d01b1829fdd49d99c692bcc9189772959390bb18054f14deda85e Loading...

	slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727	88 B	2023-03-07	2024-04-18
Pretty URL slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-04-18 08:55:45 Times Seen379 Hash ed6cf71315499a6827f20b3e13d312ad 71b272cdddcacc233e31d69df4ed7c38ba05a3d3 06bac6943b40cf25de3797e62a98c681ee26f658ef18871adb9c338d4f8c5e7c Loading...

	slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727	79 B	2023-03-07	2024-04-18
Pretty URL slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-04-18 08:55:45 Times Seen378 Hash 330cb3e23d95121bd55d849997798301 ac065eea17a1fe8f68bf72a5645acdffab3105b5 02edff9349933e1f564c6cad886e0eed218cf96d3b43a390735e2e6084bbc22c Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847	697 B	2023-03-07	2024-04-18
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-04-18 08:55:45 Times Seen604 Hash 1d1522de413d0b27a43e7be4efeb0405 58c52eec6da93a26b374308e6189b8af139624f7 d9b7a5a22d87f08fbcb41ab49b3494cf35afa659a2b143800bfab1c62b07b193 Loading...

	slotbusterscasino.com/ca/aweber/lp2/index.html	102 B	2023-03-09	2023-03-09
Pretty URL slotbusterscasino.com/ca/aweber/lp2/index.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:06:20 Last Seen2023-03-09 01:06:20 Times Seen1 Hash 17e5217b71601c774b9ea967e04a0a95 2ccbecf6b3a5d7a116b3b300ba70b1b69d9836fc bf47bf877769d2a5b4e9229d9c131b9bcd60b882f07207c9b7baa008d4955143 Loading...

	slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727	136 B	2023-03-07	2024-03-24
Pretty URL slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:42 Last Seen2024-03-24 15:05:33 Times Seen533 Hash 96e82ebcc1bba26e17346488fdd431b1 24626aa3c03c14ff2fe20e52694acadbfca5ddba bb30099f988a6c87efcfbe186ff09863e87a3e1f5437e9ab9e224a7e934876cc Loading...

	propeller-tracking.com/fv.js?t=90679	5.2 kB	2023-03-07	2024-04-19
Pretty URL propeller-tracking.com/fv.js?t=90679 IP 139.45.197.240 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-19 12:42:09 Times Seen2354 Hash 563d777535ce88943a94a6be86f378c8 8753745424d367275e3fe55a5661fe51b1e1fb72 0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a Loading...

	slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727	11 kB	2023-03-07	2024-02-19
Pretty URL slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-02-19 09:29:02 Times Seen102 Hash 3ff40e6cf6e0ace55c999c54b029a3f6 4e98915b5351d9a933c12061458e94e267075f37 4333831c75415d01caeb17a78a7203cc8c7f5751601b0e9584ca210d7770e9d8 Loading...

	slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727	663 B	2023-03-07	2024-02-19
Pretty URL slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-02-19 09:29:02 Times Seen99 Hash 282240edc7c4ae1c312cf478e9df62b7 1ce7aeba8baa37c34f5a6f8b90de7238dfb56b39 c41537cd0991322bf3273f77d3ef926c31b46f2d1225c37f68109ac9b0068c97 Loading...

	bigrourg.net/pfe/current/micro.tag.min.js?z=4470108&sw=/sw-check-permissions-caf4e.js	40 kB	2023-03-08	2023-03-11
Pretty URL bigrourg.net/pfe/current/micro.tag.min.js?z=4470108&sw=/sw-check-permissions-caf4e.js IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:06 Last Seen2023-03-11 23:52:00 Times Seen1 Hash bbda4d4cb1cb04651668ac9894355eb7 beb26013c4507a5eaf4a6c233a269e064afc0e73 ec3ddcca3167f811aea26c32d2c02e740b4c24511832f44b7db960e993be37f4 Loading...

	slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727	553 B	2023-03-07	2024-01-27
Pretty URL slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-01-27 15:06:20 Times Seen98 Hash 914b629e98154b733aec18089ff3822d f88b1ed423014a573a8d0dcb097e381d0c450142 8ddeda8a20c2a072ce9d7a35af19bdd81ecd86ecaf1ecbfdfdfb27b896362649 Loading...

	slotbusterscasino.com/ca/aweber/lp2/5e4c60dce6a19_v.js	58 kB	2023-03-07	2024-04-02
Pretty URL slotbusterscasino.com/ca/aweber/lp2/5e4c60dce6a19_v.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-04-02 07:58:21 Times Seen268 Hash 1f3b3036e83da66d66aa25a106e7f8bb 82a029bed24d0255a02edb74e898da2438b46e5c 61ac8d1132905ced04a756b27b2b9149ed4cc35ac9cb04c9b24606d02f7b2bfb Loading...

		Size	First Seen	Last Seen
	#1 Eval - ed85b4b6c6c5448fdd84ebc9883a0f08	79 B	2023-03-09	2023-03-09
Pretty Observations First Seen2023-03-09 01:06:20 Last Seen2023-03-09 01:06:20 Times Seen1 Hash ed85b4b6c6c5448fdd84ebc9883a0f08 0b9101b65e83149964b7e8bf697fd693195383cd c865eb97e733090016f4c5a21fabdb7a493d8d3592c1e066af46b789eda072aa Loading...

HTTP Transactions (63)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8700
Expires: Sat, 10 Dec 2022 09:21:44 GMT
Date: Sat, 10 Dec 2022 06:56:44 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1a1aa4f836549fa521e80c0a2c1a6f23
b3647f534d30456b13b12fe821b4aad9de0d7e79
b333db3e88125dca1100efb888b44c61263167d5cc0b2b57eb5a93206ddc2d88

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B333DB3E88125DCA1100EFB888B44C61263167D5CC0B2B57EB5A93206DDC2D88"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17333
Expires: Sat, 10 Dec 2022 11:45:37 GMT
Date: Sat, 10 Dec 2022 06:56:44 GMT
Connection: keep-alive

slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

188.114.96.1

200 OK

5.9 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1557), with CRLF line terminators
Size
5.9 kB (5882 bytes)
Hash
3694965be86aabdf1ccab9fc5e854a1a
c521d7a2b5f3468604829824cf1d5b84142efedf
615a9beb8fe5df7b870adeea5e002656662a2ee975435aee5a294dea8c0cf615

HTTP Headers

GET /ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727 HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 07 Mar 2022 10:41:01 GMT
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6TT7B1yB0XFciNoCkYRWruc%2BEzIHrSFbtNtKmNJ3mjzksJ2n14EW6xOshP%2FeactK6jlk4XPWfe8Ev%2FCFQmC5UvbJZ8lhpYJI%2BvJ%2F6eldD28NLkKhUGnG1gCLt6QRkS%2BmON2sD7fG6M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7774151478390b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30

34.120.5.221

200 OK

40 kB

URL HTTP/2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP
34.120.5.221:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
40 kB (39682 bytes)
Hash
69ade133c8794dc645e58ec2b2fd5b9a
d96e4ef5d387ed06cc391c604828c29d78d50679
360b1d3fde5d1524c71c273dbc943946443ccf5f84e32cb7c072468917464e57

HTTP Headers

GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: ijQqXG0pZyvDBny0IKHnXYrj6GBeJUNzLItPivdrK8sX5XcEmk7tEQ==
content-encoding: gzip
via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 06:49:09 GMT
age: 648
content-type: application/json
content-length: 39682
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2664
Expires: Sat, 10 Dec 2022 07:41:08 GMT
Date: Sat, 10 Dec 2022 06:56:44 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: VXnwkbBgafsKtQuZup5hLuavorfxDXYN0ZCLu6DUpkaeioK2Uf/fvW2xFVIo69wfRnuPF2cxlrc=
x-amz-request-id: TTBKYMT1P733Y00B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 10 Dec 2022 06:48:41 GMT
age: 483
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 06:56:44 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8990
Expires: Sat, 10 Dec 2022 09:26:34 GMT
Date: Sat, 10 Dec 2022 06:56:44 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 10 Dec 2022 06:08:23 GMT
content-type: application/json
age: 2901
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
27f907a256adb2c2f78f02a5f9b10c99
3411bd289f7e48859cde22993e8bd795ac9b19b2
907bff5886c7b9a138f540090f7e0010621667c24aa02c3fd075f083d0a3b683

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "907BFF5886C7B9A138F540090F7E0010621667C24AA02C3FD075F083D0A3B683"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11689
Expires: Sat, 10 Dec 2022 10:11:33 GMT
Date: Sat, 10 Dec 2022 06:56:44 GMT
Connection: keep-alive

slotbusterscasino.com/ca/aweber/lp2/5e4c60db281d8_v.css

188.114.96.1

200 OK

7.1 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/5e4c60db281d8_v.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (31320)
Size
7.1 kB (7104 bytes)
Hash
1974a679d99199a1aa650ce29a8fa9a5
60e8aa83ef50ef9d14504ac4fb8182eea7a70d33
a0813b88750cb9f2fc6f15ec13ff6ce8f3fea38118d379378f7cae1fd53d99a0

HTTP Headers

GET /ca/aweber/lp2/5e4c60db281d8_v.css HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: text/css
Content-Length: 7104
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:38 GMT
ETag: "7afb-5c7be010b331f-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SrFwcJb8OESqadd1CoIVmIH5ScsLhoxkfCeFZCrl063x%2BLW5KxbN2ApoGECWEnleMRrOWBpFrvhqA7i6AqVoEpENqFzvdjGS0GPj7cte1WvjcDMZWEo4R7aA04T%2BFr7qilUKcpVDlI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415166ba50b61-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/5e4c60da1215a_v.css

188.114.96.1

200 OK

20 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/5e4c60da1215a_v.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65371)
Size
20 kB (19802 bytes)
Hash
d66dd0ebfa6897fc864f17350f82ee71
eb486805413ce6e2d51d6b30ec9af018eebe4f44
56a3d9e5bf910037b74e05de648055af502d787c277a3370eed97164ee88443e

HTTP Headers

GET /ca/aweber/lp2/5e4c60da1215a_v.css HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: text/css
Content-Length: 19802
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:40 GMT
ETag: "1db52-5c7be0129f622-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2uwAlRIsA4mjemS2tU2ffyJbdHzyac9dBF%2BiX1kyX65YRdO%2Fef3BCRbL1%2BU2zpjmWPHqjI7RbymN0F86gld14kMVAp2smM45ep4KujV1DCk%2BiplHOQB7SUauqo6e%2Ba8Ud1358I4bMBQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7774151669040b02-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/5e4c60e1aa979_v.css

188.114.96.1

200 OK

3.1 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/5e4c60e1aa979_v.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (557)
Size
3.1 kB (3073 bytes)
Hash
6ae867c4714957cb49f27869629aafd4
48e2f8f6722aef57038fc0da879b8ad290c8e74b
e2f249bc52db965a026bf0f02ffd4815b834de0c584b9a8bb2f8df651d04d928

HTTP Headers

GET /ca/aweber/lp2/5e4c60e1aa979_v.css HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: text/css
Content-Length: 3073
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:41 GMT
ETag: "3cff-5c7be0132c023-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dwB9It6dl0xiouevqCp0Rv2zZtikIJ4uZMxNlK%2BSIRRvo6iGXOGhJMSN1IEjGi782en2Yjf%2BxdmuwPQc2bQMKkjTaAZ5IQiWE6dFxkJRWdc1waGqsGKkjI9An%2BkPm7LCxGt91YV1no%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415166e950b51-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/5e4c60dac2620_v.css

188.114.96.1

200 OK

67 B

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/5e4c60dac2620_v.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
67 B (67 bytes)
Hash
63b00463b943556bac81bdcfc377dfc3
7f51e39070eb10fa13181a72f39275cf3f549f9b
155b548ccf8efe104619bd351c8ee01421b5e70c40e2b4ad3e5b43fb913f9ead

HTTP Headers

GET /ca/aweber/lp2/5e4c60dac2620_v.css HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: text/css
Content-Length: 67
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:42 GMT
ETag: "4b-5c7be0149c2c5-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVL5tcEs3Hu54dscxOS4LA6iterwsmWibcBzxjrOISy2DAawSAgYqCKn6V7m%2FDC%2Blx%2FSYh0BIHF2X7RbngXcAJDbOqJYUywGQEIAhjxBwCSGn6KhKDzydD20YLT22pFeDxfQN8iZPjE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415167867b512-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/5e4c60d92ac63_v.css

188.114.96.1

200 OK

1.6 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/5e4c60d92ac63_v.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (7048)
Size
1.6 kB (1645 bytes)
Hash
74db55934849aee470cf0435186a054e
4a9e7fded8c13eb54e9c7d663ae6a99042b1a623
e263b9daec7ced107993d0fd0204a5a9d4913471a2d0a120018ec8ae6486cf55

HTTP Headers

GET /ca/aweber/lp2/5e4c60d92ac63_v.css HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: text/css
Content-Length: 1645
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:41 GMT
ETag: "1c28-5c7be012fd222-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhqpgZVPPzDN58zU8js%2FIZfWrPlAIgZtbjaCPgsJIeVWqzNP%2Fri1gZf0EDiZVPrGGp6jxsXkV7exUbwiIaNRkoiylKlZeIHZMCpOGmhTPBh6mfCYCp%2B7ZRDPSV0myE8tiv3SwDtR9rE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415166feab505-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/5e4c60d91d0a5_v.css

188.114.96.1

200 OK

0 B

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/5e4c60d91d0a5_v.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ca/aweber/lp2/5e4c60d91d0a5_v.css HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: text/css
Content-Length: 0
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:38 GMT
ETag: "0-5c7be0104f95e"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbXcmvAe5fRw3zRnteZcsL3JBrYsb2LBY0WK4%2FUN5HUOGoDyNKwbhjr%2BOfyQgH96GjJlpLwW3l%2BcjSdPGQz8wCzrWc575V5uJt8a4gf6aQOJoksSjtX4QgB%2FW6JgnKw1e64Ch%2Fdhwcg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774151678f51c12-OSL
alt-svc: h2=":443"; ma=60

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
541bbb3c9926e793c2593203060241fa
49e1cdeac3e1f7b560f4247224b066bc1d0f84e5
b7fc19ac675b5ebd94589a550e1fc31975899381492b48fb76cb6b3107d0164c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 20:20:01 GMT
Expires: Wed, 14 Dec 2022 20:20:00 GMT
Etag: "49e1cdeac3e1f7b560f4247224b066bc1d0f84e5"
Cache-Control: max-age=393195,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 777415171aba0afa-OSL

my.rtmark.net/p.js?f=sync&lr=1&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
1d1522de413d0b27a43e7be4efeb0405
58c52eec6da93a26b374308e6189b8af139624f7
d9b7a5a22d87f08fbcb41ab49b3494cf35afa659a2b143800bfab1c62b07b193

HTTP Headers

GET /p.js?f=sync&lr=1&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://slotbusterscasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 06:56:44 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

slotbusterscasino.com/ca/aweber/lp2/5e4c60e44796a_v.css

188.114.96.1

200 OK

422 B

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/5e4c60e44796a_v.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
422 B (422 bytes)
Hash
9f82ea0a829c5849f628e22d7c8b3187
52102e2fb153ccd5a927da49550330fe7dea77a9
000067a7ed787deab36f39be14e1b3d3d0067d2b00c945ffe0213cf4779a5b35

HTTP Headers

GET /ca/aweber/lp2/5e4c60e44796a_v.css HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: text/css
Content-Length: 422
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:39 GMT
ETag: "406-5c7be01157420-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWH5b2DUgcMYA3t2YfcGiE6QlEn52Da4xmV2RkTniDVeKOTsEzZvothnIlJXmLFsD5c781Wh0HsdJwWO0fRSoMpy2nuLAJKvsnFWxAoHkFAFqUTLCtkk0LathsGC2jTkigqmriR0BtY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415173c600b61-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/5e4c60df17883_v.js

188.114.96.1

200 OK

37 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/5e4c60df17883_v.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (526), with CRLF line terminators
Size
37 kB (36952 bytes)
Hash
07c8dc9a8076ba9c70f3c8ffa73bff8c
221e08e6d78472603eb0032aefc58bcf00e099a2
284872944d136c874993f339141624dd957270274f60d1271049b1f8c6bc64f4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ca/aweber/lp2/5e4c60df17883_v.js HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: application/javascript
Content-Length: 36952
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:37 GMT
ETag: "25372-5c7be00ff3c9d-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l69B9kjXSQxtJBZONttMP0Wpa0ADS7IRwjS9BDGi5sYXEMg8F5RvBsxCPGT1FlKzzrOTCCassbwkbZH1h49mw231%2BIECcN%2F2ebYWaZDceWgNY3lCksrpEs34wdivD9n0ozx6E9RVu%2FM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7774151739610b02-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/5e4c60dce6a19_v.js

188.114.96.1

200 OK

15 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/5e4c60dce6a19_v.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (57791), with CRLF line terminators
Size
15 kB (15413 bytes)
Hash
51be772add27a10203d8286e2ce21713
f0e7618a8ccc65d9c8a7381eb9fef9e0182f3c61
d600b452bb0a5034afb83cacb05af8e9be275357c7780fadaf9e22fc0e9a0e71

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ca/aweber/lp2/5e4c60dce6a19_v.js HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: application/javascript
Content-Length: 15413
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:42 GMT
ETag: "e2b5-5c7be013f4344-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQDfJSB8C6oE%2FSHrdSTj3sVPFEIJIJhdLJk7aZN2kBc4nmEayr4yvHb5kg1ARpsv2P%2B1BdnQnMY6x%2B%2FbV8bL8sSCCzk5vC36pkTLOBbjCsf1ww35k2W6TYVwioQgp9Z2ARI2p27QEHY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415174f040b51-OSL
alt-svc: h2=":443"; ma=60

bigrourg.net/pfe/current/micro.tag.min.js?z=4470108&sw=/sw-check-permissions-caf4e.js

139.45.197.251

200 OK

14 kB

URL HTTP/1.1
bigrourg.net/pfe/current/micro.tag.min.js?z=4470108&sw=/sw-check-permissions-caf4e.js
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
C source, ASCII text, with very long lines (39559), with no line terminators
Size
14 kB (13926 bytes)
Hash
b0248b30e57fdd1d6f2d1ca431d7cea1
8db557f8498245d59e56fbea78b2256c316e73f8
e0d17f3c9ed344a38fd3526fea8b7221afe6b7c98962141ce0a78345a7424a68

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=4470108&sw=/sw-check-permissions-caf4e.js HTTP/1.1
Host: bigrourg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: application/javascript
Last-Modified: Thu, 01 Dec 2022 15:42:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6388cb77-9a87"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fdaad09299c95dc4175825bbbbdb213b
cee384d3735d90ec9042e31040ad464d7ace9364
c6b5eb06361f63f886a644a40ff0a1f8432fe24dbf170cf392f799f789faf644

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B5EB06361F63F886A644A40FF0A1F8432FE24DBF170CF392F799F789FAF644"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18271
Expires: Sat, 10 Dec 2022 12:01:15 GMT
Date: Sat, 10 Dec 2022 06:56:44 GMT
Connection: keep-alive

slotbusterscasino.com/ca/aweber/lp2/download.png

188.114.96.1

200 OK

4.4 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/download.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 330 x 153, 8-bit colormap, non-interlaced\012- data
Size
4.4 kB (4447 bytes)
Hash
2a30989f45d9fb77ae8ea63ab7edfd01
550e4499e96d46819d077d8686cc1fc3391aa271
81540fe6f970e646c60cc2891b048e019b3d3bc94f293ccce40a54c57cdf8f74

HTTP Headers

GET /ca/aweber/lp2/download.png HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: image/png
Content-Length: 4447
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:39 GMT
ETag: "115f-5c7be01111ebf"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pVLBNy2JA%2F1KysYxsmHuz2peFj06n%2FGQu8NDBNchKmvZMv2xo%2BCRoexiVvwtXMnTfdW4SINOZD8dMFSPf64vZ2NpcWNAVrS6gMiFqmg3SmMr%2BbT2kKoUKQLwBIPx5%2Bg%2F%2FGh5UhNMWg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774151809a4b512-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/5e4c60dd8206d_v.png

188.114.96.1

200 OK

6.5 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/5e4c60dd8206d_v.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 60, 8-bit colormap, non-interlaced\012- data
Size
6.5 kB (6460 bytes)
Hash
cc3640f8d9c0e62d481db7d02a4eef7d
4122480d540224ecee27a45ed6851004c6b46a04
2bf523c5c856b0d43878370f7b7c1b9d586689141806fae6db83b986912b26e0

HTTP Headers

GET /ca/aweber/lp2/5e4c60dd8206d_v.png HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: image/png
Content-Length: 6460
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:41 GMT
ETag: "193c-5c7be01391923"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKfLkv7JsATJGN4fUgZ4LJswOi0DrA44XGwhPni4sIYTPVGZVLA9OTe5qEitp4F4m9oDlQDxpIWANXITjsSvugc4UbGv%2Brwq0IB1O9k9LHKk3v0%2BJD%2BUJNvyu3eGKUe2%2Fy9CX2UreyM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774151809ad0b02-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 06:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

slotbusterscasino.com/ca/aweber/lp2/5e4c60e2e3d2d_v.png

188.114.96.1

200 OK

95 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/5e4c60e2e3d2d_v.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 558 x 322, 8-bit colormap, non-interlaced\012- data
Size
95 kB (95050 bytes)
Hash
802e9223fa26fae356596c079e4e2474
a46851b3a70409f2f64e228de8c97235384910a2
87ad93db364db9ed4d0eb9cc838dd002d126f4c8b9dfaafee846096896d3be3a

HTTP Headers

GET /ca/aweber/lp2/5e4c60e2e3d2d_v.png HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: image/png
Content-Length: 95050
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:42 GMT
ETag: "1734a-5c7be01427f64"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3lyMDoKqPJqptnBlKgWkUMt6HTLffyd9B7sGwy67Woi%2FIVaywARFzuqFyxmmAeL1pjUQf47EFYIk3x0sI%2B9Ho6WdF%2Blp91hMXOvmNvOmZ6izqz9IwfZCu20%2BS%2BOn%2BjV4%2F8QZ5Fy0MQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774151808d1b505-OSL
alt-svc: h2=":443"; ma=60

unphionetor.com/vctx?t=90679

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vctx?t=90679
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vctx?t=90679 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://slotbusterscasino.com
Connection: keep-alive
Referer: http://slotbusterscasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Sat, 10 Dec 2022 06:56:44 GMT
access-control-allow-origin: http://slotbusterscasino.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: b76eac981e80b20da54efc503a60dd42
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

slotbusterscasino.com/ca/aweber/lp2/5e4c60de5bb9f_v.png

188.114.96.1

200 OK

51 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/5e4c60de5bb9f_v.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 560 x 528, 8-bit colormap, non-interlaced\012- data
Size
51 kB (50614 bytes)
Hash
5e9a658d01128cbcf30ad2a905906f5b
70ef0f9e53f0076cac95db60614566245a6a6dd8
89659abae3d30df93fb9bf7515a14aaaa4da2f56f32156bcf0fad8da59cf6327

HTTP Headers

GET /ca/aweber/lp2/5e4c60de5bb9f_v.png HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: image/png
Content-Length: 50614
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:38 GMT
ETag: "c5b6-5c7be0100b39d"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jpk0O%2F%2Fh5LlnVKiWUVWuQR9R9oD2QlgfgIGHswmYJ4YYY1ewiator%2FlY%2Bti4AUpwPHBSedbN83tVC0Etwd5VSDhEyDO6gGE2wvzyEXne330IeZPAyMAAdn54w7WOgWZw5bNG%2F1e2aKM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 777415181f550b51-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/5e4c60e233c94_v.png

188.114.96.1

200 OK

85 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/5e4c60e233c94_v.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 558 x 322, 8-bit colormap, non-interlaced\012- data
Size
85 kB (85345 bytes)
Hash
55e9f817e0ef97c590a4c229e0529854
d0c61dd6fa85e390b427bf3e3908ca23671e2ad2
a58a58c915d407390d40a48eb719bd3860466ab47c533250dd47f6938b2551e6

HTTP Headers

GET /ca/aweber/lp2/5e4c60e233c94_v.png HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: image/png
Content-Length: 85345
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:39 GMT
ETag: "14d61-5c7be011c88a0"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8erzwqvYRxDEcmtqQfd9lpLNuiGa1mpfKbYLETbBHgx3rjiDNMFXI6VvNzg15q8bTX8PR%2FyrMk4nokkGolwyTwKknV4TAVfeDam3CvXgyKmxoJi22DG7O3eH799lc%2F7Dv5MmLKBHzs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77741518098c1c12-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/5e4c60e3b2101_v.png

188.114.96.1

200 OK

76 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/5e4c60e3b2101_v.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 558 x 322, 8-bit colormap, non-interlaced\012- data
Size
76 kB (76234 bytes)
Hash
2f47d4bd093d6511cf76a449fb672dfc
c2482408a7d5ec6d2ce9e3415832b16fe8e2a7e0
7fed6a9fb598bcea573009c0be86610ce24dd877f97d415ffe7ceed3b44a686e

HTTP Headers

GET /ca/aweber/lp2/5e4c60e3b2101_v.png HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:44 GMT
Content-Type: image/png
Content-Length: 76234
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:38 GMT
ETag: "129ca-5c7be01099cde"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsY01a%2BeN%2BzQNEO16372Zvi821sPeE1IqxdeXDErfrxE9p027iehbH0ueYz%2Bsa7QEuJyhxKeBOVlmE5CWSFz8GEcAplYMTPgHJcI3TTOUPKTcPbLz%2F08zaX45JoNoZ7P2rvFhCHg4LQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 777415180d040b61-OSL
alt-svc: h2=":443"; ma=60

fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

216.58.207.227

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15056, version 1.0\012- data
Size
15 kB (15056 bytes)
Hash
0edb76284a7a0f8db4665b560ee2b48f
02496387a5f7bf7b79df52c7b76ece4ebc7a0710
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

HTTP Headers

GET /s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://slotbusterscasino.com
Connection: keep-alive
Referer: http://slotbusterscasino.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:33 GMT
expires: Sat, 09 Dec 2023 13:33:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 25 Mar 2019 20:12:24 GMT
content-type: font/woff2
age: 62591
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 06:56:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

slotbusterscasino.com/ca/aweber/lp2/5e4c60dba3171_v.jpg

188.114.96.1

200 OK

35 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/5e4c60dba3171_v.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1300x442, components 3\012- data
Size
35 kB (34833 bytes)
Hash
c89b0c713601891480a7629c4ff15236
1efa87c2fc4d483df5347fbe4f71b2ae3dd710b9
dfd7a5590f7cd486818c55098a5a3d391a3e5a82323625e2dd17b7a7dcdd125e

HTTP Headers

GET /ca/aweber/lp2/5e4c60dba3171_v.jpg HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/5e4c60e1aa979_v.css

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: image/jpeg
Content-Length: 34833
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:43 GMT
ETag: "8811-5c7be014cef46"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcuf8g7gttEpkMcnqhZCg9tnMYYCIT0wSCQhETV2LMSARJx0ObtJZ%2BRpF0vOSRS%2Ffc3lNf%2B4CaFaDWRuy5ronvCLbBB1jj20rwd%2FOrq0wFuCmp8NdMN0GZSaaIk0UgtThVA%2BzFr%2BLq4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77741518ca7ab512-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/5e4c60dfd9d98_v.png

188.114.96.1

200 OK

2.1 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/5e4c60dfd9d98_v.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size
2.1 kB (2117 bytes)
Hash
72cd866136817a6f7c16d204a4c0331d
1e3078ff441240bc9c24b074818167adf4f6eb4e
ad82010277c5d9b77233c6b068d278cdf4e15d702d57c39cf6900a494f0ee784

HTTP Headers

GET /ca/aweber/lp2/5e4c60dfd9d98_v.png HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/5e4c60e1aa979_v.css

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: image/png
Content-Length: 2117
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:41 GMT
ETag: "845-5c7be013c3604"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEDHAyzEcWf6865BTMVbKkWY%2BQDOcPrWrQA8q7dKJ5Gx73jQ0cQK%2FVip66XZ61L5D7Z8R8npOmYdqbTbiqdUkA4ciXtbBhab65SJq7xTzli1UDqp7u6gqIcBeKOQFpEHlenueA9xUfI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77741518da110b02-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/5e4c60e0405fd_v.jpg

188.114.96.1

200 OK

27 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/5e4c60e0405fd_v.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 124x800, components 3\012- data
Size
27 kB (26939 bytes)
Hash
cd13e712beeba62956510e479018be24
84bd510faa4200b2f284d51fcfa0f5e84d6ed720
580a105bb107ebcce3d544568e204518cbc5b5eb627671fa84bc0b58551d6aee

HTTP Headers

GET /ca/aweber/lp2/5e4c60e0405fd_v.jpg HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/5e4c60e1aa979_v.css

HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: image/jpeg
Content-Length: 26939
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 22:42:39 GMT
ETag: "693b-5c7be01195c20"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DAwpZVr77Mynnf5Fx4%2FNANA0zJXXtO8iU0r5P5e%2Ft7G7fZEyaOmNskrWD%2BAC%2FT36YSmBUZhksPdXcCIAK9G6JcHYhxCx91qJ8CWNJlGqosKw3l7xMkXFqzqJMTzBDoWQDpjYVPyrf0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77741518f976b505-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/alert.mp3

188.114.96.1

206 Partial Content

8.8 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/alert.mp3
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Size
8.8 kB (8802 bytes)
Hash
6d2d3da2ea28ace816fa4a138829dc18
606e0ec3d7fb05c69f16233cfe1ff0a0ee760505
d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ca/aweber/lp2/alert.mp3 HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 206 Partial Content
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: audio/mpeg
Content-Length: 8802
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 19:34:21 GMT
ETag: "2262-5c8e91f489e8b"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Content-Range: bytes 0-8801/8802
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0nQn5FQFuIjOts4iWxz7nCenQFqQaWQza7ozdKvkZuTCBtyhtVtjH0gbAlCEo6xZ%2FRPsPP6VbgFeCzKyXHaJxG4Oqn7nX%2BGpa%2BLvlkR%2B0yq7MZ2n21nLEC6uju1MUQjuO7w7p3U%2B4g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415192fcc0b51-OSL
alt-svc: h2=":443"; ma=60

670501afa3bb667817ee-24c106882da8d4393b1faf82472afa82.ssl.cf5.rackcdn.com/assets/images/foxtail-blue.png

2.18.172.211

200 OK

446 B

URL HTTP/1.1
670501afa3bb667817ee-24c106882da8d4393b1faf82472afa82.ssl.cf5.rackcdn.com/assets/images/foxtail-blue.png
IP
2.18.172.211:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 40 x 40, 8-bit colormap, non-interlaced\012- data
Size
446 B (446 bytes)
Hash
f761e602db6145ebaf2e0d30f0d3a78d
c70bb6bd181170532bf9e89b809fc6132920503c
37f02ad34f8925573f5d0174e84af316d40439e158f169676d9a20008a4e8528

HTTP Headers

GET /assets/images/foxtail-blue.png HTTP/1.1
Host: 670501afa3bb667817ee-24c106882da8d4393b1faf82472afa82.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://slotbusterscasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Last-Modified: Wed, 10 Jul 2019 16:34:21 GMT
ETag: f761e602db6145ebaf2e0d30f0d3a78d
X-Trans-Id: txded4916098fb459599aa6-0063882acdiad3
Origin: https://mycloud.rackspace.com
Content-Length: 446
Accept-Ranges: bytes
X-Timestamp: 1562776460.11389
Content-Type: image/png
Cache-Control: public, max-age=179812
Expires: Mon, 12 Dec 2022 08:53:37 GMT
Date: Sat, 10 Dec 2022 06:56:45 GMT
Connection: keep-alive

propeller-tracking.com/fv.js?t=90679

139.45.197.240

200 OK

24 kB

URL HTTP/2
propeller-tracking.com/fv.js?t=90679
IP
139.45.197.240:0
ASN
#9002 RETN Limited

File type
data
Size
24 kB (24220 bytes)
Hash
8612a2a4331ec379017029c49acd0d4b
3a6055daba5b0e10bf82ac58c1421f786e0a3f5d
b58b304fd90182cc9397afcec331744b918b5b72fc7cafc640da09d4fd622b1a

HTTP Headers

GET /fv.js?t=90679 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://slotbusterscasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 06:56:44 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: df39cf263d5407069d4f6127687be163
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

slotbusterscasino.com/ca/aweber/lp2/coin.mp3

188.114.96.1

206 Partial Content

22 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/coin.mp3
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2.5, 24 kbps, 11.025 kHz, Monaural\012- data
Size
22 kB (22067 bytes)
Hash
c74dca6a3ab16c097234033fec7a8573
a6e73f993b73d589b9688a0679bdac39028017a0
79e8f06f8cb25d13c57d798f7e068d282dd2dfdb026b54aacc8ead2641542a56

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ca/aweber/lp2/coin.mp3 HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 206 Partial Content
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: audio/mpeg
Content-Length: 22067
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 19:34:24 GMT
ETag: "5633-5c8e91f7aab0d"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Content-Range: bytes 0-22066/22067
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RR4HxzhPyioKIzu009q%2F1jN8rIRAUFCEZb4HxLy74wPxc2HVo4Jl1QiVlg3RUV4Oe3JHBU6MetjvEpIdNQukXQt3Wv4FhxjPwARQMeNFTOkiNgMSHhrvshSJ5N8dw8ARwK%2Fj4D7x3Js%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415199b0eb512-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 06:07:55 GMT
age: 2930
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

slotbusterscasino.com/ca/aweber/lp2/spin-sound.m4a

188.114.96.1

404 Not Found

283 B

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/spin-sound.m4a
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
283 B (283 bytes)
Hash
c94f3a9d0f3cbab493bf5a259b56e4bc
ca93015902ac8faa5bf74b90e2801110efa67e3e
0d96f9a360cac908073c7d1f305588ef16312acb7f0368ed5d65430a84a5a65f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ca/aweber/lp2/spin-sound.m4a HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 404 Not Found
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BV5Ar4MfCZSax5FOUYBJf%2BmWCVsSi6k2e33KGZ7BspEe2uUruJ22grLDpA3738RUzRzzv6Ckr1kD9ZO7X8lh2031B8J9A4Onvm7%2FKXJKueoLz5vsexi%2F1xHWAxyOlQ1vDafWU%2BGvro%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415199a780b02-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/alert.mp3

188.114.96.1

206 Partial Content

8.8 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/alert.mp3
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Size
8.8 kB (8802 bytes)
Hash
6d2d3da2ea28ace816fa4a138829dc18
606e0ec3d7fb05c69f16233cfe1ff0a0ee760505
d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ca/aweber/lp2/alert.mp3 HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 206 Partial Content
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: audio/mpeg
Content-Length: 8802
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 19:34:21 GMT
ETag: "2262-5c8e91f489e8b"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Content-Range: bytes 0-8801/8802
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zs%2B5laX3udKZnqxIFGu3EpsoY47r7esV0fjY9lzkSAFEqconMQT3AgrKR%2F6lntcDsFW1BqW8%2BTzgVSnRvo0ZQ5K%2FoAQEHY0sJfp1HS10W0i0uhymgt2nuOPUvXdVdXnBO5zdqzwRchI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 777415193db00b61-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/sound.m4a

188.114.96.1

404 Not Found

283 B

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/sound.m4a
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
283 B (283 bytes)
Hash
c94f3a9d0f3cbab493bf5a259b56e4bc
ca93015902ac8faa5bf74b90e2801110efa67e3e
0d96f9a360cac908073c7d1f305588ef16312acb7f0368ed5d65430a84a5a65f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ca/aweber/lp2/sound.m4a HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 404 Not Found
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWoFy%2FJ7rCT5wE6F%2BdTpbOyzoSkl%2BbJbA7TocGiFIKT2BSIqubqTzBT3bjGHx71wBGyPBr8eR4G9%2FwigJ7Ny%2FQFcH5BpIzm00lUg6LeSSorHm6BGnAhfLnilARuZXPJy7NiMsx9JQPE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77741519c9dfb505-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/sounds/alert.mp3

188.114.96.1

206 Partial Content

8.8 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/sounds/alert.mp3
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Size
8.8 kB (8802 bytes)
Hash
6d2d3da2ea28ace816fa4a138829dc18
606e0ec3d7fb05c69f16233cfe1ff0a0ee760505
d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ca/aweber/lp2/sounds/alert.mp3 HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html

HTTP/1.1 206 Partial Content
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: audio/mpeg
Content-Length: 8802
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 14:49:51 GMT
ETag: "2262-5c8443719ba6f"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Content-Range: bytes 0-8801/8802
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbyQL%2FdD7%2BPQmHkF4mjbVNa5l%2BmrH4d0aJpy4JXkaLcBwx3CKinPRGcmlW%2BrZGbN5Scn8GJ0McA8tE8HqhSdfXDut7IEhYPOU6OaV44SYLug9Pz%2FDBY0p9d1EFM%2B2nXskdg8W5WpM4I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77741519f8290b51-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/sounds/win.mp3

188.114.96.1

206 Partial Content

22 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/sounds/win.mp3
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2.5, 24 kbps, 11.025 kHz, Monaural\012- data
Size
22 kB (22067 bytes)
Hash
c74dca6a3ab16c097234033fec7a8573
a6e73f993b73d589b9688a0679bdac39028017a0
79e8f06f8cb25d13c57d798f7e068d282dd2dfdb026b54aacc8ead2641542a56

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ca/aweber/lp2/sounds/win.mp3 HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html

HTTP/1.1 206 Partial Content
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: audio/mpeg
Content-Length: 22067
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 14:49:51 GMT
ETag: "5633-5c84437198b8f"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Content-Range: bytes 0-22066/22067
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1gbGTIKLlGEemXNjEe9cAu7YcbkB5ZtkWQetJ%2FULaUub7gr2iI7%2BuIhVRD0W%2FgENdmLduvE8yTDup2dHL13oGUIfw1qchi9CRY37oaWOBTDaaPH1fAwrIm8eJVJB806VE%2Bazjc3Vu4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77741519fa481c12-OSL
alt-svc: h2=":443"; ma=60

slotbusterscasino.com/ca/aweber/lp2/sounds/spin.mp3

188.114.96.1

206 Partial Content

51 kB

URL HTTP/1.1
slotbusterscasino.com/ca/aweber/lp2/sounds/spin.mp3
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 320 kbps, 44.1 kHz, JntStereo\012- data
Size
51 kB (51290 bytes)
Hash
390bca8d165546a8097b8951d2f400d4
1385d88b3aeee07bc51e7955fbcb9ed7586ebdec
cdb080d348cd2222fbe1d5b54da2f9db8fdca881570a9c82899082203b000b78

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ca/aweber/lp2/sounds/spin.mp3 HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html

HTTP/1.1 206 Partial Content
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: audio/mpeg
Content-Length: 51290
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 14:49:50 GMT
ETag: "c85a-5c844371092ae"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Content-Range: bytes 0-51289/51290
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BBO9Knrxfc4s06fi9GfimaAnRvD6E%2FHBPo4aa%2BGE4D%2BzWq73b1%2FeNJNRRFz7zV9iqJt9PwoRIQfQVQmAz5b0VfPUqHz0m%2B8XI%2F7%2FDBbRrKMELqP%2BLfOIBb29ZnzXJZWGWkd1otmSMo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7774151a1b83b512-OSL
alt-svc: h2=":443"; ma=60

unphionetor.com/vbl?t=90679&bid=undefined&aid=undefined

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vbl?t=90679&bid=undefined&aid=undefined
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /vbl?t=90679&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://slotbusterscasino.com
Connection: keep-alive
Referer: http://slotbusterscasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sat, 10 Dec 2022 06:56:45 GMT
access-control-allow-origin: http://slotbusterscasino.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: ce0ccd39c70ac75d9fc47e0a70a31227
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2059
Cache-Control: max-age=96269
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 06:56:45 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 09:41:14 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

slotbusterscasino.com/favicon.ico

188.114.96.1

404 Not Found

234 B

URL HTTP/1.1
slotbusterscasino.com/favicon.ico
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
234 B (234 bytes)
Hash
55fcd22ed967efd518aaa9f2b4337c53
99a4d34ee36a544e0ef2a94c40b03e85c952a30f
9c8794945b2b60106896b6efee212376433f522a28603ff34576a49f0250062e

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: slotbusterscasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://slotbusterscasino.com/ca/aweber/lp2/index.html?cid=wvu8l30fb53nlm2l27871p54&camp_id=5ceac543-972d-48f9-8bab-3bf7f5e25c50&campaign.name=Email%20Collection%20Canada%20Push%2024th%20August&lander.name=Aweber%20Lander%202&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=W0asaGt6Y3m6C-Y2kI6aWtOMygk2ZdhrA8oMJB_l7vohHgn5clWif4sOuyC4g0XwURSG-RH6Xc-5uGYNgMygHU8os50k347IrpQWJbUKmWGe-suWd10JmLmbBd8kuKApEnatlwYAfZe6UM6dIf6n96ua--DMPfUZxUIbdTfxrmqSXDWBLUsrbd67cq8d653akFMWY8oSHZ84O-9VdNOynZ_TQK5iem-EnGUmGZt4Dw6mgilEoN3TbpByR_7NaPKVnWvPsc64QMBXQWyfVqB97k1YCZa01aiEM8KIN3aVUR9W5YzKkV5x5opcSLhQLTnNMxjAEgYwFZw_yOfYbjw2_wdtvOXAjK9lO7ny-Ulx_8gmHMikVV-YQ-GJqy557GyIvoPXA3RDX2f9BpqwT9lbwA&lptoken=1656706365ad71398727

HTTP/1.1 404 Not Found
Date: Sat, 10 Dec 2022 06:56:45 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJgC8mWn8fc1tsiAr%2BY7dk0VLgNxFOAmjJKMEyx5wdhTI1eEStXFSBXk5t1H5I2Ppaydt3UUEm3YLGqwXjLjrJ89DXFF0Z0Jrnr%2B7TdW%2F4s31wQw%2B37eF4fKeeazGQmVH%2FCJqk0%2Byb4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774151afa8eb505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

my.rtmark.net/img.gif?f=sync&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847&ttl=&rurl=http%3A%2F%2Fslotbusterscasino.com%2Fca%2Faweber%2Flp2%2Findex.html

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847&ttl=&rurl=http%3A%2F%2Fslotbusterscasino.com%2Fca%2Faweber%2Flp2%2Findex.html
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847&ttl=&rurl=http%3A%2F%2Fslotbusterscasino.com%2Fca%2Faweber%2Flp2%2Findex.html HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://slotbusterscasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 06:56:45 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f49eb35bbae54f8392bc54a3dc9a1935; expires=Sun, 10 Dec 2023 06:56:45 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.149.149.164

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.149.164:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ev1juhTJiHNxOC2c2nR4uQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4i1aseIPjwZ6CGEua/qZiIQaTyQ=

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2633
Expires: Sat, 10 Dec 2022 07:40:39 GMT
Date: Sat, 10 Dec 2022 06:56:46 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2633
Expires: Sat, 10 Dec 2022 07:40:39 GMT
Date: Sat, 10 Dec 2022 06:56:46 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2633
Expires: Sat, 10 Dec 2022 07:40:39 GMT
Date: Sat, 10 Dec 2022 06:56:46 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2633
Expires: Sat, 10 Dec 2022 07:40:39 GMT
Date: Sat, 10 Dec 2022 06:56:46 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8473 bytes)
Hash
afcdc2c9891132c82cd09ef237930877
3e112ad867e159d1bfdf9bfd2e2a04fea8248494
8d543255c1272d77981913e4b0e0e5efede8f4ffaa91572a3eee9e44ac035946

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8473
x-amzn-requestid: 40260408-5f10-42ed-832e-a8bc5d02e95c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5e9hGqwIAMFl2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393ab89-078ecefb64853b047acc2de7;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oe1qgsBhixlxqlLZdNtuON-CMoWDhGTH1SQhmQQhLGYTmp_R9FKaEw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:55:41 GMT
age: 32465
etag: "3e112ad867e159d1bfdf9bfd2e2a04fea8248494"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9084 bytes)
Hash
2e8e86712ca485e90f958dc16ec8dbff
78de6033ca9bca46953483801f19591c2ff47bbe
2984d8b533e095654d5e1c5fa826dc93cbd16ac8bdb5d974fd2d283a86f44874

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9084
x-amzn-requestid: 80dfc074-73f4-4b47-95fb-57169d32cf6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNbHhYoAMF2Kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-6f54d0bf6d9246cd48d44352;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O3gPppRKbJb__o2lo3RsvabqgptV-zvDLbm1AweL11hrZxfOev6kvA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:00:34 GMT
age: 32172
etag: "78de6033ca9bca46953483801f19591c2ff47bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7557 bytes)
Hash
5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 03:28:41 GMT
age: 12485
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12047 bytes)
Hash
d3acf5a494a6bb8b26858974ede70a33
4bccc3032f7427d881a49250e576c05dd7d5614f
786db0da1198986aeba9aa420a7c89b5b27a09bc48c3806769342159f116705d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12047
x-amzn-requestid: a8082dc0-21cd-4fd8-8c3b-50a0b03b6200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_rGiaIAMFnLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-2a0096650760715e6201b97a;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 81ITdqoxk0_9sH9c9Nu9t50Ke2BDkI9RJqxFPziuYZwcpwnmpwfWYQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:26:51 GMT
age: 30595
etag: "4bccc3032f7427d881a49250e576c05dd7d5614f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9209 bytes)
Hash
4ccbd106eb57e1a4f6d60408118fe2dd
cc916150425f00b44ede3ec473e3e248afabaf8d
740c62dfdd20f2fb7270ea602825ba7eaad99c4fe5ab8d726072909c6b73c87f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9209
x-amzn-requestid: a740ddf7-5325-4ac1-a694-aaa3d4345fe4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNUGIroAMFdlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-08856c7b0757108a5c6811c9;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YUoiKVdDbKhNYwvJrsKp8RbC8Otq3ClQEmIx-HDe4wQYYompXjy2Yw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:04:44 GMT
age: 31922
etag: "cc916150425f00b44ede3ec473e3e248afabaf8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf8a350a-c007-4620-b1d6-db700eab84a1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6342 bytes)
Hash
96546d2bb2ce3e7746fcd882a65abb43
b49a885ef2b73191abcbb6f56e839b94aaafd556
ad90c8ecbcee56417a3da824e5a2c2be811e687467f953f9d23a8e2456a2755a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf8a350a-c007-4620-b1d6-db700eab84a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: a473f123-34cf-4c43-b01f-c9aec84df6eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czEZHFeQIAMFp5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911aa0-78b1466c6faa4d0c20dc61b0;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:58:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0D5JLUwjeMjMjD7HCMS1LAzYQh8B2zynnZqCtsd1yrmcOcjQbWaHw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:55:31 GMT
age: 32475
etag: "b49a885ef2b73191abcbb6f56e839b94aaafd556"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

unphionetor.com/vbri?t=90679&bid=undefined&aid=undefined&tp=2887

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vbri?t=90679&bid=undefined&aid=undefined&tp=2887
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /vbri?t=90679&bid=undefined&aid=undefined&tp=2887 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://slotbusterscasino.com
Connection: keep-alive
Referer: http://slotbusterscasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sat, 10 Dec 2022 06:56:47 GMT
access-control-allow-origin: http://slotbusterscasino.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: ccdf6166277914460d91ee8b79ec10b9
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations