GET gs.aff2go.link/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 1.2 kB URL GET gs.aff2go.link/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
Requested by https://gs.aff2go.link/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectaff2go.link
FingerprintAC:2D:E3:5A:32:B6:A0:61:65:AE:35:1E:E7:1C:F5:F2:39:CE:6D:C4
ValiditySun, 19 Jan 2025 09:51:30 GMT - Sat, 19 Apr 2025 10:50:01 GMT
File type HTML document, ASCII text, with very long lines (1271), with no line terminators
Hash 40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: gs.aff2go.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gs.aff2go.link/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Cookie: XSRF-TOKEN=eyJpdiI6InVxZ2V5STdicDNWZVExSHhqeExTTlE9PSIsInZhbHVlIjoiXC9zMlVPNXVLZHNTdHFwcUo2MnM2YitZbmZ0QTNNWGh0dk4xZUVlamJjQXp6aU1HMGZcL0xQNWRIUDMycTFGTG56IiwibWFjIjoiZjBjZTdlN2QwMGY2NGY0NzEyNjMyYTExMTM3OWU0MTdlNTg1NjU4NGNkMDFlZThkOTQzYTVkMWNkZWU1OTVjMSJ9; redirector_session=eyJpdiI6IkNFRkZZYkZMdVZUNVpmZnVRNVpQeEE9PSIsInZhbHVlIjoidjBscmNaMmJRc3Iyb2dXWGpsZkIwdW96d2IzVFlmY0FEVkJ1enpKWm90djB0Y3pqUUIxd0RmUXJnTjFoamhoUyIsIm1hYyI6ImE1ZjliNTg5OTUzZGE0N2NkZWRlODYyMGM3MDc5ZGU3YjlmODkyOGQ2NDVmYzVlNWU3Yzk3MjZmZWNhOTVlYjcifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Mar 2025 09:05:28 GMT
content-type: application/javascript
last-modified: Tue, 11 Mar 2025 18:12:36 GMT
etag: W/"67d07d14-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l08qHjJaVmf1cEbiHL%2BXI7zEfUNK8d5XOKS6bKATs3MpMZZU7sJtdUnE9zhVTTzCFBIloEd0c%2Fzmw3rfhr%2BL30U%2BGA2W7vNrsKagR1DaWHe5bIWYIdHY1qbs%2B6YdJSszfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad96c1c58b521-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 17 Mar 2025 09:05:28 GMT
cache-control: max-age=172800, public
content-encoding: gzip
GET stats-api.feedconstruct.com/images/e/b/0/974.png
200 OK 14 kB URL GET stats-api.feedconstruct.com/images/e/b/0/974.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectfeedconstruct.com
Fingerprint74:22:7F:1E:39:C1:D3:BC:81:77:95:9C:56:45:2E:50:50:73:E2:CF
ValidityMon, 03 Mar 2025 17:19:54 GMT - Sun, 01 Jun 2025 18:19:51 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash 6646e43a365362503087f917bee7a9ff
7b1d56025e68d533a3c562fc43be79c33eb7e920
fec1ae613957ac6f092c0069b07ed789ae7c2de98c2d195ae25f19180ad3f2cc
GET /images/e/b/0/974.png HTTP/1.1
Host: stats-api.feedconstruct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/png
content-length: 13686
last-modified: Sat, 07 Apr 2018 11:01:53 GMT
etag: "1b562cd65fced31:0"
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
x-powered-by: ASP.NET
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:34 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=eIVRnXv5Wx20mWPG6Qqf5mIF4C0gOn1Feb_tAzgnUxQ-1742029534-1.0.1.1-JtZjQkYaIuSDN2ptYU_STG2l8Mg6kygC25.LN9dU4_kRfverc_ktuBQN0Lj7KKmBWDFjXVD5RfvSvVFoqhQLpPTtraZ2RX9GEDBEJSBTQco; path=/; expires=Sat, 15-Mar-25 09:35:34 GMT; domain=.feedconstruct.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b5c0bebc6-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/infin/LionGemsHoldandWin.webp
200 OK 31 kB URL GET netcontent.cc/goldenstar/i/s3/infin/LionGemsHoldandWin.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash d7385de88d3aff851960d9ed5525bb8c
b99dd58c259d8ed1c1472eab19ad9020672f602e
e1bbcf49fa4f60dc466e5e28bfb4dbc5ebb2ee186b766df719a03ebf7fb12e69
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/infin/LionGemsHoldandWin.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 30858
last-modified: Wed, 16 Mar 2022 10:30:03 GMT
etag: "6231bc2b-788a"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f1dc87128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/spribe/aviator.webp
200 OK 16 kB URL GET netcontent.cc/goldenstar/i/s3/spribe/aviator.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 8a6f2bf453bbd5097e57999fc7ab5272
9c0f119b0cb136d8296fa449bf49efef34258734
28fed43e0f3554a40db0470abb107dd4e4c02f19bb1055725e05e710ff2c241c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/spribe/aviator.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:35 GMT
content-type: image/webp
content-length: 16136
last-modified: Thu, 22 Apr 2021 12:25:02 GMT
etag: "60816b1e-3f08"
expires: Sun, 16 Mar 2025 09:05:35 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9922a807128-OSL
X-Firefox-Spdy: h2
GET gs.aff2go.link/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
200 OK 8.5 kB URL User Request GET gs.aff2go.link/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
IP
Certificate IssuerGoogle Trust Services
Subjectaff2go.link
FingerprintAC:2D:E3:5A:32:B6:A0:61:65:AE:35:1E:E7:1C:F5:F2:39:CE:6D:C4
ValiditySun, 19 Jan 2025 09:51:30 GMT - Sat, 19 Apr 2025 10:50:01 GMT
File type HTML document, ASCII text, with very long lines (8870), with no line terminators
Hash 1b81ec284ca4ecaea56f6c05baf32a60
92590fc9e0cfc929f7a81b1822ca3f2f5ecd8af6
ca596837a560dc4a08aa5d4504ddc7f22be99ccc476d2c5ad703cf5e2e8507df
GET /?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073 HTTP/1.1
Host: gs.aff2go.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:28 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InVxZ2V5STdicDNWZVExSHhqeExTTlE9PSIsInZhbHVlIjoiXC9zMlVPNXVLZHNTdHFwcUo2MnM2YitZbmZ0QTNNWGh0dk4xZUVlamJjQXp6aU1HMGZcL0xQNWRIUDMycTFGTG56IiwibWFjIjoiZjBjZTdlN2QwMGY2NGY0NzEyNjMyYTExMTM3OWU0MTdlNTg1NjU4NGNkMDFlZThkOTQzYTVkMWNkZWU1OTVjMSJ9; expires=Sat, 15-Mar-2025 11:05:28 GMT; Max-Age=7200; path=/
redirector_session=eyJpdiI6IkNFRkZZYkZMdVZUNVpmZnVRNVpQeEE9PSIsInZhbHVlIjoidjBscmNaMmJRc3Iyb2dXWGpsZkIwdW96d2IzVFlmY0FEVkJ1enpKWm90djB0Y3pqUUIxd0RmUXJnTjFoamhoUyIsIm1hYyI6ImE1ZjliNTg5OTUzZGE0N2NkZWRlODYyMGM3MDc5ZGU3YjlmODkyOGQ2NDVmYzVlNWU3Yzk3MjZmZWNhOTVlYjcifQ%3D%3D; expires=Sat, 15-Mar-2025 11:05:28 GMT; Max-Age=7200; path=/; httponly
x-frame-options: ALLOWALL
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5D4RZPVBcgFnDnHCKtbHVWIj1Q2fmZvBB1yzMNOdt35vB05CHUTbnVVb9adEvkD6RU51RRQAubSC73A33Qas4Vot1EJFSpQ3vwuUTa98YfeDhyuTt%2B1wP9fplUYs7fOBBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 920ad969ed1d0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5948&min_rtt=503&rtt_var=10926&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3273&recv_bytes=1339&delivery_rate=7438356&cwnd=254&unsent_bytes=0&cid=d457ffb38dd2cdbe&ts=105&x=0"
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css?family=Open+Sans:100,100i,300,300i,400,400i,500,500i,700,700i,800,900,900i&subset=cyrillic
200 OK 52 kB URL GET fonts.googleapis.com/css?family=Open+Sans:100,100i,300,300i,400,400i,500,500i,700,700i,800,900,900i&subset=cyrillic
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintF1:11:17:AF:9C:89:34:EE:D5:CB:84:40:84:EA:01:19:A9:F6:ED:C2
ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File type ASCII text, with very long lines (1572)
Hash dba83213dc3d8f4f6421fe49ab6f9b2b
4aae598adf54bfbd80adfe812866bb9af782437a
1838420f625ed7d4887dc86d9b80d8e6538107bac9a046a770f3cffbe5e832f5
GET /css?family=Open+Sans:100,100i,300,300i,400,400i,500,500i,700,700i,800,900,900i&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 15 Mar 2025 09:05:29 GMT
date: Sat, 15 Mar 2025 09:05:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/games/providers?device=desktop
200 OK 7.0 kB URL GET goldenstar-casino.com/api/games/providers?device=desktop
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type ASCII text, with very long lines (8214), with no line terminators
Hash b43ec7a0fa408d673fb1c1740635d41f
11d53c4611e99e5438861fd5a671ea95ab539792
1fa38c93e1b76de9231869edb5ab510aecdaa34bce58b22d123d440af8f39953
GET /api/games/providers?device=desktop HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v1+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 4164454439145242001
x-datadog-sampling-priority: 1
x-datadog-trace-id: 5940086689045242263
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: application/vnd.s.v1+json; charset=utf-8
content-length: 6974
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"c8df073bea0ed67482494ffb656cab0c"
cache-control: max-age=0, private, must-revalidate
vary: Accept, Origin
x-request-id: 920ad97af9b1eb4c-CPH
x-runtime: 0.197346
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad97af9b1eb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/slots.cfa2f56b..svg
200 OK 3.5 kB URL GET goldenstar-casino.com/images/slots.cfa2f56b..svg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type SVG Scalable Vector Graphics image
Hash 140f1a82a1451baf2de2cee242e486ed
e657c069c500c8199071b382b1dd62bfff752436
88c3dd27b2301d512d34629277414bab18837df156f5fa9573b84eff06095861
GET /images/slots.cfa2f56b..svg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/svg+xml
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-da8"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:34 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f1dfaeb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
GET cdn.livechatinc.com/widget/static/js/11.Gv78iMd6.chunk.js
200 OK 240 B URL GET cdn.livechatinc.com/widget/static/js/11.Gv78iMd6.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by https://secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with no line terminators
Hash de9a9a727224304caeacd3f6b7b44a49
62dc55ace7c5a4e0209ac03e238ed65212808fb2
a7f6797705782e89032c74753d69be636a73752ccfda0f92af6758621ea2a0ed
GET /widget/static/js/11.Gv78iMd6.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 04 Jul 2024 07:09:03 GMT
etag: "8ec94005c25c7e0874b7b048ea97dc00"
x-amz-server-side-encryption: AES256
x-amz-version-id: Dz7PZLVEW7jbvuZcL9ZiaJ89o3NzS8CS
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: HApx_Z-s9z-yW8asrMMEdjneVhTCubV4R_6u7kpt1r8fRVeymZBCgQ==
vary: Accept-Encoding
content-encoding: gzip
content-length: 166
cache-control: max-age=31536000
expires: Sun, 15 Mar 2026 09:05:37 GMT
date: Sat, 15 Mar 2025 09:05:37 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=1742029542672
200 OK 1.7 kB URL GET engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=1742029542672
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectgist-queue-consumer-api.cloud.gist.build
Fingerprint16:56:26:AA:B3:C3:43:BE:87:33:2B:8C:08:0A:D0:DB:AD:B0:A2:79
ValidityFri, 14 Mar 2025 15:36:05 GMT - Thu, 12 Jun 2025 16:30:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1962), with no line terminators
Hash caa404a086393a6e481f75285355402e
36955f20077f37a8001234fbcc251767312b29e0
818956f856174e80d923978227a58f12ed8d8f4e1c2a44681593531cf045834e
GET /api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=1742029542672 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=utf-8
access-control-allow-origin: https://code.gist.build
cache-control: public,max-age=300
vary: Origin
date: Sat, 15 Mar 2025 09:05:43 GMT
server: Google Frontend
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/logo.svg?hash=31a494b90ea3478e114fd0f14060b7dc
200 OK 15 kB URL GET goldenstar-casino.com/images/logo.svg?hash=31a494b90ea3478e114fd0f14060b7dc
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type SVG Scalable Vector Graphics image
Hash 31a494b90ea3478e114fd0f14060b7dc
5283ecd6000298e83a102105649d3141131b806c
7c1d06fcb64da6b00e2697890b58634a3c5fe6207670a97d0e661eb4a741c20c
GET /images/logo.svg?hash=31a494b90ea3478e114fd0f14060b7dc HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/svg+xml
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-3b73"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9846d10eb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/3oaks/gold_express.webp
200 OK 35 kB URL GET netcontent.cc/goldenstar/i/s3/3oaks/gold_express.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 0c1323a2c4ec7dbff7d37d53fabf515a
fdad6e0c9dd15634703fe46d44cdce409b870dd0
30f874a2640741438951d8157a816ead023a8113c9bbddb4137715830f30e747
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/3oaks/gold_express.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 34608
last-modified: Tue, 27 Sep 2022 12:05:03 GMT
etag: "6332e6ef-8730"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 64385
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f1dc37128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/AncientIslandMegaways.webp
200 OK 82 kB URL GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/AncientIslandMegaways.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 763d8f16e6127d0467ebc37781f87d34
65c1f9fc3127a082905473c121d96e31edc5c695
ccd08e0494a224489746a211f3fe46e703ac949aa19131de5345fb9a927f6d62
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/pragmaticexternal/AncientIslandMegaways.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 81602
last-modified: Fri, 07 Feb 2025 11:15:04 GMT
etag: "67a5eb38-13ec2"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 27833
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad990c8447128-OSL
X-Firefox-Spdy: h2
GET pixel-us.convertagain.net/pixel/js?auth=5xkc2m&event=visit&affid=246216_67d542d89e84e00f1dfedd2d
200 OK 409 B URL GET pixel-us.convertagain.net/pixel/js?auth=5xkc2m&event=visit&affid=246216_67d542d89e84e00f1dfedd2d
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerSectigo Limited
Subject*.convertagain.net
Fingerprint84:0B:F4:43:8C:DA:0C:EE:6E:52:BE:1D:56:AC:DF:0B:FC:DE:E8:6F
ValidityMon, 17 Feb 2025 00:00:00 GMT - Fri, 20 Feb 2026 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (447), with no line terminators
Hash a2767d6b7eba4562bb067ddd07b5094e
e59ee7edf1aa26436b6f5c6fc805bd56eadce27c
582a21df1a39fb7a0f938008acffc54279e2fb877f3c4743cba1e97e781157f0
GET /pixel/js?auth=5xkc2m&event=visit&affid=246216_67d542d89e84e00f1dfedd2d HTTP/1.1
Host: pixel-us.convertagain.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 15 Mar 2025 09:05:36 GMT
Content-Type: text/javascript
Content-Length: 409
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Access-Control-Allow-Origin: *
POST region1.analytics.google.com/g/collect?v=2&tid=G-0GLZ8XMX5L>m=45je53d0v9176987653z89176994058za200zb9176994058&_p=1742029531504&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&cid=1264217836.1742029536&ecid=218451087&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=2&uid=User_ID&sid=1742029536&sct=1&seg=0&dl=https%3A%2F%2Fgoldenstar-casino.com%2F%3Fsign-up%3Dmodal&dr=https%3A%2F%2Fgs.aff2go.link%2F&dt=Play%20at%20Golden%20Star%20Online%20Casino%7C%20Get%20up%20to%20%E2%82%AC1%2C000%20%2B%20100%20FS%20%7C%20Golden%20Star&en=custom_session_start&ep.debug_mode=true&ep.utm_source=(not%20set)&ep.utm_medium=(not%20set)&ep.utm_campaign=(not%20set)&ep.utm_content=(not%20set)&ep.utm_term=(not%20set)&tfd=12296
204 No Content 0 B URL POST region1.analytics.google.com/g/collect?v=2&tid=G-0GLZ8XMX5L>m=45je53d0v9176987653z89176994058za200zb9176994058&_p=1742029531504&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&cid=1264217836.1742029536&ecid=218451087&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=2&uid=User_ID&sid=1742029536&sct=1&seg=0&dl=https%3A%2F%2Fgoldenstar-casino.com%2F%3Fsign-up%3Dmodal&dr=https%3A%2F%2Fgs.aff2go.link%2F&dt=Play%20at%20Golden%20Star%20Online%20Casino%7C%20Get%20up%20to%20%E2%82%AC1%2C000%20%2B%20100%20FS%20%7C%20Golden%20Star&en=custom_session_start&ep.debug_mode=true&ep.utm_source=(not%20set)&ep.utm_medium=(not%20set)&ep.utm_campaign=(not%20set)&ep.utm_content=(not%20set)&ep.utm_term=(not%20set)&tfd=12296
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0GLZ8XMX5L>m=45je53d0v9176987653z89176994058za200zb9176994058&_p=1742029531504&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&cid=1264217836.1742029536&ecid=218451087&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=2&uid=User_ID&sid=1742029536&sct=1&seg=0&dl=https%3A%2F%2Fgoldenstar-casino.com%2F%3Fsign-up%3Dmodal&dr=https%3A%2F%2Fgs.aff2go.link%2F&dt=Play%20at%20Golden%20Star%20Online%20Casino%7C%20Get%20up%20to%20%E2%82%AC1%2C000%20%2B%20100%20FS%20%7C%20Golden%20Star&en=custom_session_start&ep.debug_mode=true&ep.utm_source=(not%20set)&ep.utm_medium=(not%20set)&ep.utm_campaign=(not%20set)&ep.utm_content=(not%20set)&ep.utm_term=(not%20set)&tfd=12296 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 204 No Content
access-control-allow-origin: https://goldenstar-casino.com
date: Sat, 15 Mar 2025 09:05:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:137:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:137:0
report-to: {"group":"ascnsrsggc:137:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:137:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET goldenstar-casino.com/js/pages_.a28abb0b.js
200 OK 344 kB URL GET goldenstar-casino.com/js/pages_.a28abb0b.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Size 344 kB (344331 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/pages_.a28abb0b.js HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:30 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-5410b"
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
cf-cache-status: HIT
age: 5706
expires: Sat, 15 Mar 2025 13:05:30 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad976decceb4c-CPH
X-Firefox-Spdy: h2
GET assets.customer.io/assets/track-eu.js
200 OK 6.8 kB URL GET assets.customer.io/assets/track-eu.js
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerAmazon
Subject*.customer.io
Fingerprint15:BE:B0:52:FA:BB:41:70:4D:E7:82:18:AC:42:63:9D:D0:C9:10:AC
ValidityTue, 17 Sep 2024 00:00:00 GMT - Tue, 14 Oct 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (7020), with no line terminators
Hash 6dce30bbb07b14cdd7c246071507cfbf
de350d3ba16d875bf4e4f4cc34c179ce4873cf6e
e80422d49fbe3f2f0100cfc3d26405a6bc82b38248a079e55abf5be416c710e7
GET /assets/track-eu.js HTTP/1.1
Host: assets.customer.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript
last-modified: Fri, 07 Feb 2025 09:37:36 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-amz-version-id: a9tk16blSQ0y6FLTbRFVncckOwd2Kvau
server: AmazonS3
date: Sat, 15 Mar 2025 01:19:47 GMT
etag: W/"89bb1ea1bdc740b2b95a387fdb9e23da"
x-cache: Hit from cloudfront
via: 1.1 37485b4aa4feacfc1ca26cfa4163e76a.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P2
x-amz-cf-id: Bd0uUIJTkDdkMTKAge-QsZna3xmhMY6HhDktUpmAPpDi4coYoDNlpA==
age: 31035
cross-origin-resource-policy: cross-origin
vary: accept-encoding, Origin
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/info/dial_codes
200 OK 432 B URL GET goldenstar-casino.com/api/info/dial_codes
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type ASCII text, with very long lines (560), with no line terminators
Hash ee8f9ff6fd267a6203edc70b79b19cec
6649ccab4eb494aea3d1edb9f82571fe6d1d1f0f
4064bd40dad4298849744ed08921af16dacaa31e3cacf3c515f886e17425ce37
GET /api/info/dial_codes HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v1+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 3963634881771970123
x-datadog-sampling-priority: 1
x-datadog-trace-id: 1239286280145517640
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: application/vnd.s.v1+json; charset=utf-8
content-length: 432
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"cfd441d0a677052a6ded8c7c4dbaf042"
cache-control: max-age=0, private, must-revalidate
vary: Accept, Origin
x-request-id: 920ad9832f6deb4c-CPH
x-runtime: 0.007028
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad9832f6deb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/current_ip
200 OK 85 B URL GET goldenstar-casino.com/api/current_ip
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 8e5de2a33e5d803f8bfa6a68ffb791d0
3fa0da63b1f639d1a7e07c9d1dd9f7720d4dea1c
e2bd01204ba683bbe90e43e2e34d5bc09b762fbc1c0de18692a8f5b841cc0c1b
GET /api/current_ip HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v1+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 2836065553768357778
x-datadog-sampling-priority: 1
x-datadog-trace-id: 5105275281424832373
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: application/json
vary: Origin, accept-encoding
x-request-id: 920ad979399aeb4c-CPH
x-runtime: 0.000820
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad979399aeb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOTBLQmc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--2ae9c1c76eae068ef552a6273ac322b0b0b689ff/twitter.svg
200 OK 780 B URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOTBLQmc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--2ae9c1c76eae068ef552a6273ac322b0b0b689ff/twitter.svg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type SVG Scalable Vector Graphics image
Hash 75df2267fbd7cdd6061b17276fb98a2c
f1021d7f1e6e7e001c83983c62ff771bdb5c2250
e5ce6bf97de3221d429dd9327497dd27d3a279c756f630f11f238a371b375dec
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOTBLQmc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--2ae9c1c76eae068ef552a6273ac322b0b0b689ff/twitter.svg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/svg+xml
content-disposition: inline; filename="twitter.svg"; filename*=UTF-8''twitter.svg
content-security-policy: block-all-mixed-content
etag: W/"165c0893ac0222eb49e95eb950581649"
last-modified: Fri, 24 May 2024 10:51:56 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7DBD7E3A524
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 920ad9847d4deb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
GET stats-api.feedconstruct.com/images/e/b/0/486.png
200 OK 9.3 kB URL GET stats-api.feedconstruct.com/images/e/b/0/486.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectfeedconstruct.com
Fingerprint74:22:7F:1E:39:C1:D3:BC:81:77:95:9C:56:45:2E:50:50:73:E2:CF
ValidityMon, 03 Mar 2025 17:19:54 GMT - Sun, 01 Jun 2025 18:19:51 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash ecebb1e9b8befbdccba6e6130c6e7406
a7c13152c6c1ba7969a2c0efacac4407f131b23f
17b25bee02d536b626302595f4ad194df0b363e0abc5446e089e6a5edc61fe33
GET /images/e/b/0/486.png HTTP/1.1
Host: stats-api.feedconstruct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: image/png
content-length: 9330
last-modified: Thu, 21 Apr 2016 08:11:58 GMT
etag: "8c938c79a59bd11:0"
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 6828
expires: Sat, 15 Mar 2025 13:05:33 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=IH15pxWYp.VPUlUspSyZS6dMnei9ALzfVmodXVY5mP4-1742029533-1.0.1.1-jB7Vn9dC1Ue7Tr2QCBd62fB_j7z_I19BYzR.WWWgFbVRsPtM0L6uZT6ACGztjN_MXbMVDOgGbt3wl2OgRPgUxp5rzeWkLXOPmt_C4BTdgto; path=/; expires=Sat, 15-Mar-25 09:35:33 GMT; domain=.feedconstruct.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b4ba2ebc6-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/evolution/immersive_roulette.webp
200 OK 22 kB URL GET netcontent.cc/goldenstar/i/s3/evolution/immersive_roulette.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 5eea663cceee4541cd4cb69d5bc3c362
0d719b1019ecbefe66cafe294a608624e0ff2a1c
674f7aacc333b7bb4e7ea6dd004cfd3cf0f533a6a739eadcad15b5e580e60cf4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/evolution/immersive_roulette.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 21536
last-modified: Thu, 27 Jun 2019 06:47:02 GMT
etag: "5d146666-5420"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad99129047128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/evolution/deutsches_roulette.webp
200 OK 14 kB URL GET netcontent.cc/goldenstar/i/s3/evolution/deutsches_roulette.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash ad7e1ccef7af7b5ed34196c048218919
f01cd2423a4e3193729b106d2c3ddd4b198fbab0
8665ab695f4c43c68d75c27dbfe4337b9fc41f5733431951b30c4ea4d6a6f887
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/evolution/deutsches_roulette.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 13846
last-modified: Thu, 27 Jun 2019 06:47:02 GMT
etag: "5d146666-3616"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad99129087128-OSL
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5
ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Hash 015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Mar 2025 10:12:20 GMT
expires: Fri, 13 Mar 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 168791
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/spribe/goal.webp
200 OK 7.9 kB URL GET netcontent.cc/goldenstar/i/s3/spribe/goal.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 926ae881746e0075353520f9454deacc
bf2f8bdc13e37c58b8c04d02550ecb9e745da9b5
0180a73c4e1f9e33152c14088cce0708637df297ab2b171c15adff791614bc81
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/spribe/goal.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:35 GMT
content-type: image/webp
content-length: 7904
last-modified: Thu, 22 Apr 2021 12:25:02 GMT
etag: "60816b1e-1ee0"
expires: Sun, 16 Mar 2025 09:05:35 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 30163
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9923aa17128-OSL
X-Firefox-Spdy: h2
GET tracker.ads.sportradar.com/dist/tracker.js
200 OK 28 kB URL GET tracker.ads.sportradar.com/dist/tracker.js
IP
ASN #20940 Akamai International B.V.
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerLet's Encrypt
Subjecttracker.ads.sportradar.com
FingerprintCB:F9:81:F2:44:8F:D4:3C:79:ED:4B:35:B1:D0:7F:B2:85:8B:D1:ED
ValidityThu, 06 Feb 2025 05:40:51 GMT - Wed, 07 May 2025 05:40:50 GMT
File type JavaScript source, ASCII text, with very long lines (25690)
Hash 235331a0761142ae4fd345cdf7c7f9ed
f71a2cb5824a7049b2c86f5658f48e17ff7f588c
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb
GET /dist/tracker.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 12 Sep 2023 08:33:19 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
etag: "235331a0761142ae4fd345cdf7c7f9ed"
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: mp_X4dEMj8u1pcjhFw4UjwaBpx7l_711xgNWYAw7Qdz0ck_Boi2CDQ==
vary: Accept-Encoding
content-encoding: gzip
content-length: 6405
date: Sat, 15 Mar 2025 09:05:36 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2
GET code.gist.build/renderer/0.4.5/assets/FontManifest.json
200 OK 2 B URL GET code.gist.build/renderer/0.4.5/assets/FontManifest.json
IP
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectcode.gist.build
Fingerprint63:42:6E:A5:1B:97:65:51:8A:70:1B:B2:B9:D1:21:97:F1:56:99:F7
ValidityFri, 28 Feb 2025 21:43:44 GMT - Thu, 29 May 2025 22:43:37 GMT
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /renderer/0.4.5/assets/FontManifest.json HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/renderer/0.4.5/index.html
Cookie: __cf_bm=XSZEI0MuPmV9yPB_cwJExBPHYo4IFXe4p7X064bPJGs-1742029541-1.0.1.1-.RUEe1lwZdeSabhsB9OOxXmxaJ6GAguzOSJaFJq8zi4NBGHWdF6Fb2FLSrua3YF0r.eQbTkWY52v5aiOJP0fusvnLUoNXig7RbmiyJ5ac6M
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:42 GMT
content-type: application/json
content-length: 2
last-modified: Wed, 22 Jan 2025 15:15:57 GMT
x-rgw-object-type: Normal
etag: "d751713988987e9331980363e24189ce"
x-amz-request-id: tx0000044380ab6e5afc8d2-00679213c7-4759a3de-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=3600
x-envoy-upstream-healthchecked-cluster:
cf-cache-status: DYNAMIC
age: 446
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nz28K1QUIeYjjgOxotlA9MsZRsQuxirc0txGlN5zDhtAwdrw6bX1vI1o%2Fu%2BEMbHZFrgjKRVfuC8CR81jbfklNhxLTbuM72%2FIwpjSxBmTi%2FXmmAURwykWgLuvJ2%2B7AoDsdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 920ad9c148e1b4f9-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1275&min_rtt=430&rtt_var=1229&sent=873&recv=164&lost=0&retrans=1&sent_bytes=1180365&recv_bytes=2301&delivery_rate=31679124&cwnd=266&unsent_bytes=0&cid=858f80552fabc0b1&ts=9936&x=0"
X-Firefox-Spdy: h2
GET cdn.onesignal.com/sdks/OneSignalSDK.js
200 OK 9.2 kB URL GET cdn.onesignal.com/sdks/OneSignalSDK.js
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subject*.onesignal.com
FingerprintF8:20:84:4B:9A:62:47:21:C1:97:D5:B2:2D:5E:2E:D8:80:73:D8:34
ValidityWed, 26 Feb 2025 11:49:11 GMT - Tue, 27 May 2025 12:49:10 GMT
File type JavaScript source, ASCII text, with very long lines (9410), with no line terminators
Hash cdb3ffce0d700ab775540992e21f549b
ca7b366826232dfac100fb9da8a15c507d3f148d
66c256e22baaf7b214a4b9d3c211a420e3fac0234eb0b6b7484c13c3d8d34050
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:30 GMT
content-type: application/javascript
etag: W/"09282956186c8515ef0d208902803581"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 505
expires: Tue, 18 Mar 2025 09:05:30 GMT
cache-control: public, max-age=259200
set-cookie: __cf_bm=UWBSm.NYWZ.SKPDSlL_IIUTfqzCcea74vt6h9IQCwWo-1742029530-1.0.1.1-it7Ork777m9cAMKWWmWjqAYWYNmtSuuAjHoT9fkrmmWtmIS1M1R7puy87QR.qbw2QWzer7lZjLDYX7C77R3Ww8E4EMJJQ5_cHYP8imKGFWw; path=/; expires=Sat, 15-Mar-25 09:35:30 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 920ad977df2d56b5-OSL
content-encoding: br
X-Firefox-Spdy: h2
GET www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0GLZ8XMX5L&cid=1264217836.1742029536>m=45je53d0v9176987653z89176994058za200zb9176994058&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&z=1391627350
200 OK 42 B URL GET www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0GLZ8XMX5L&cid=1264217836.1742029536>m=45je53d0v9176987653z89176994058za200zb9176994058&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&z=1391627350
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subject*.google.no
Fingerprint26:B7:26:CB:C6:A9:06:E9:C0:85:18:1A:20:54:87:E3:8B:35:EC:7C
ValidityWed, 26 Feb 2025 15:35:45 GMT - Wed, 21 May 2025 15:35:44 GMT
File type GIF image data, version 89a, 1 x 1
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0GLZ8XMX5L&cid=1264217836.1742029536>m=45je53d0v9176987653z89176994058za200zb9176994058&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&z=1391627350 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 15 Mar 2025 09:05:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=0
200 OK 1.7 kB URL GET engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=0
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectgist-queue-consumer-api.cloud.gist.build
Fingerprint16:56:26:AA:B3:C3:43:BE:87:33:2B:8C:08:0A:D0:DB:AD:B0:A2:79
ValidityFri, 14 Mar 2025 15:36:05 GMT - Thu, 12 Jun 2025 16:30:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1962), with no line terminators
Hash caa404a086393a6e481f75285355402e
36955f20077f37a8001234fbcc251767312b29e0
818956f856174e80d923978227a58f12ed8d8f4e1c2a44681593531cf045834e
GET /api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=0 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=utf-8
access-control-allow-origin: https://code.gist.build
cache-control: public,max-age=300
vary: Origin
date: Sat, 15 Mar 2025 09:05:43 GMT
server: Google Frontend
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/WildWildebeestWins.webp
200 OK 65 kB URL GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/WildWildebeestWins.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash fbd0d6b3ec69bddb9d92b1b9c5b85dca
a44f9ae1664c857d7c8b1dec6b1c179b6899abbb
10b2909f81b71a52f050316342aa922e6701aa9cc0a01bc0deead2f3c4bb428d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/pragmaticexternal/WildWildebeestWins.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 65244
last-modified: Fri, 24 Jan 2025 14:35:06 GMT
etag: "6793a51a-fedc"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 30162
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad990c85e7128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/KirmiziTurkishBlackjackX4.webp
200 OK 21 kB URL GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/KirmiziTurkishBlackjackX4.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash ca4bb231c639e4d3df3b4d1faf4addc3
0b82dd0271e36e4fe474b5acab1f12343d6c8e34
a3800b904b8059ae91c11faf4c1a2c33b91fd10123efed727ad0a3714a2b5593
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/pragmaticexternal/KirmiziTurkishBlackjackX4.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 21328
last-modified: Tue, 18 Jun 2024 14:00:05 GMT
etag: "667192e5-5350"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad99128fa7128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/playtech/AllbetsBlackjack.webp
200 OK 36 kB URL GET netcontent.cc/goldenstar/i/s3/playtech/AllbetsBlackjack.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 0aa13dff062b252ee548131a1bf98947
f725f1aad4d6fa2495f1f33473581fdfa13accba
509bc7b86c60c9b0c3d3b343ae3af2ae677ebcab006dcb78b38dd61a79122c80
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/playtech/AllbetsBlackjack.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 36134
last-modified: Wed, 08 Jul 2020 09:30:04 GMT
etag: "5f05921c-8d26"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad99139207128-OSL
X-Firefox-Spdy: h2
GET cdn.livechatinc.com/widget/static/js/4.C_rgEAoe.chunk.js
200 OK 193 B URL GET cdn.livechatinc.com/widget/static/js/4.C_rgEAoe.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by https://secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 888857dd09626a3a8d1a5e5e5d295dd7
11d112915e6794be6d36fad76f174f88232bf07d
590f381f217d89276b6837d551c926be1196cf57737c82f30da0e4c2f007f383
GET /widget/static/js/4.C_rgEAoe.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Tue, 03 Sep 2024 09:43:31 GMT
etag: "1771376dc07da48b3f03339d86d57b7b"
x-amz-server-side-encryption: AES256
x-amz-version-id: FYqIglfK_Tse58SVRo900KYOsHC8qkt.
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: 7zzVoPpNaxIGl5i_54j1jePYhux_ciZ3vMnB3htzuICDR_k5_1vt0w==
vary: Accept-Encoding
content-encoding: gzip
content-length: 159
cache-control: max-age=31536000
expires: Sun, 15 Mar 2026 09:05:37 GMT
date: Sat, 15 Mar 2025 09:05:37 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET code.gist.build/renderer/0.4.5/main.dart.js
200 OK 1.9 MB URL GET code.gist.build/renderer/0.4.5/main.dart.js
IP
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectcode.gist.build
Fingerprint63:42:6E:A5:1B:97:65:51:8A:70:1B:B2:B9:D1:21:97:F1:56:99:F7
ValidityFri, 28 Feb 2025 21:43:44 GMT - Thu, 29 May 2025 22:43:37 GMT
File type JavaScript source, ASCII text, with very long lines (727)
Size 1.9 MB (1910057 bytes)
Hash 267078f58c6c0e286ecd4da237a279d1
9af428a784b1e050b8a2a8e863a7dec3f7309f98
14ae57ab2541bf0aafc4b1928cfdfdb6012feeda5c5581d5bb644d0a839a74d1
GET /renderer/0.4.5/main.dart.js HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/renderer/0.4.5/index.html
Cookie: __cf_bm=XSZEI0MuPmV9yPB_cwJExBPHYo4IFXe4p7X064bPJGs-1742029541-1.0.1.1-.RUEe1lwZdeSabhsB9OOxXmxaJ6GAguzOSJaFJq8zi4NBGHWdF6Fb2FLSrua3YF0r.eQbTkWY52v5aiOJP0fusvnLUoNXig7RbmiyJ5ac6M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:41 GMT
content-type: application/javascript
last-modified: Wed, 22 Jan 2025 15:15:58 GMT
x-rgw-object-type: Normal
etag: W/"267078f58c6c0e286ecd4da237a279d1"
x-amz-request-id: tx00000fc608aab5ae1ad15-00679213c7-4759a343-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=14400
x-envoy-upstream-healthchecked-cluster:
age: 2283
content-encoding: gzip
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbhBKPVZtxA872CWLcIzqNM2bLLzXzTPq7QQxLt7ypuyoO4yuHkQb2XuKGEQHqvWKAAkJKeFRX%2FXoem3XvVyT7H4CzDDHJdopbf5QHcYxTa%2FDAHCVyEX8K%2BUSfv8zKryww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 920ad9ba5e87b4f9-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=928&min_rtt=511&rtt_var=366&sent=38&recv=24&lost=0&retrans=0&sent_bytes=26037&recv_bytes=2100&delivery_rate=25923273&cwnd=257&unsent_bytes=0&cid=858f80552fabc0b1&ts=8826&x=0"
X-Firefox-Spdy: h2
GET gs.aff2go.link/favicon.png
200 OK 1.3 kB URL GET gs.aff2go.link/favicon.png
IP
Requested by https://gs.aff2go.link/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectaff2go.link
FingerprintAC:2D:E3:5A:32:B6:A0:61:65:AE:35:1E:E7:1C:F5:F2:39:CE:6D:C4
ValiditySun, 19 Jan 2025 09:51:30 GMT - Sat, 19 Apr 2025 10:50:01 GMT
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Hash 4e2bfa785dd486ef2a6b97c81222e896
d125c0db9b562f37f85912ea1ea669beb7af7314
d25132127a8374edfeb7c392b7d80e5ea9231e2b0d1e924fa7c84d35b488e96d
GET /favicon.png HTTP/1.1
Host: gs.aff2go.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gs.aff2go.link/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Cookie: XSRF-TOKEN=eyJpdiI6InVxZ2V5STdicDNWZVExSHhqeExTTlE9PSIsInZhbHVlIjoiXC9zMlVPNXVLZHNTdHFwcUo2MnM2YitZbmZ0QTNNWGh0dk4xZUVlamJjQXp6aU1HMGZcL0xQNWRIUDMycTFGTG56IiwibWFjIjoiZjBjZTdlN2QwMGY2NGY0NzEyNjMyYTExMTM3OWU0MTdlNTg1NjU4NGNkMDFlZThkOTQzYTVkMWNkZWU1OTVjMSJ9; redirector_session=eyJpdiI6IkNFRkZZYkZMdVZUNVpmZnVRNVpQeEE9PSIsInZhbHVlIjoidjBscmNaMmJRc3Iyb2dXWGpsZkIwdW96d2IzVFlmY0FEVkJ1enpKWm90djB0Y3pqUUIxd0RmUXJnTjFoamhoUyIsIm1hYyI6ImE1ZjliNTg5OTUzZGE0N2NkZWRlODYyMGM3MDc5ZGU3YjlmODkyOGQ2NDVmYzVlNWU3Yzk3MjZmZWNhOTVlYjcifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Mar 2025 09:05:29 GMT
content-type: image/png
content-length: 1276
last-modified: Fri, 29 Mar 2024 11:31:43 GMT
etag: "6606a69f-4fc"
x-frame-options: ALLOWALL
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xKNkmIodkG8YLv4jkWSPLj63a1k6AaO8S1LTrsh7Q8b7K%2Fp35I%2FOpAJRHveOnpU5vBPVb2vVo%2BJbVoYW81DvtEzQ8kc%2F1LqS%2BuMICtgOEkQH%2B%2B5GeIqfCAWtZUkaWOZi6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad96c3c92b521-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5821&min_rtt=1553&rtt_var=3374&sent=14&recv=10&lost=0&retrans=0&sent_bytes=5296&recv_bytes=2573&delivery_rate=4381&cwnd=12000&unsent_bytes=0&cid=be86654f34c2a2e7&ts=338&x=1", cfExtPri, cfHdrFlush;dur=0
GET goldenstar-casino.com/js/defaultVendors.ed37a1db.js
200 OK 1.2 MB URL GET goldenstar-casino.com/js/defaultVendors.ed37a1db.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Size 1.2 MB (1203638 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/defaultVendors.ed37a1db.js HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:29 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-125db6"
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:29 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad96fdfe0eb4c-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/ping.png?1742029530795
200 OK 926 B URL GET netcontent.cc/ping.png?1742029530795
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Hash 3ee6b8099eefaa352c3d694adc605a30
837339f6abd45a0a8e2921f84e9c07c7c3c56ccf
a11849ca516f93f71253486d07b192542bbdc550ee18e5458e76b89bcd403e88
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ping.png?1742029530795 HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:30 GMT
content-type: image/png
content-length: 926
last-modified: Thu, 27 Jun 2019 06:47:11 GMT
etag: "5d14666f-39e"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: MISS
expires: Sat, 15 Mar 2025 13:05:30 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad977bf287128-OSL
X-Firefox-Spdy: h2
GET sports.goldenstar-casino.com/api/v2/matches?match_status=0&match_status=1&limit=10
200 OK 43 kB URL GET sports.goldenstar-casino.com/api/v2/matches?match_status=0&match_status=1&limit=10
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Hash 12f20765d03cbda18e85a810a76f59f0
886bdd1663f18d65fd1c644039b1e5c4dcb6bf8e
2581a3aca81fdc904188141dcdb85c6d2468a5b4d7e3809de8f99a037f99765b
GET /api/v2/matches?match_status=0&match_status=1&limit=10 HTTP/1.1
Host: sports.goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v1+json
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
X-Display-Mode: browser
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Cookie: affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: application/json
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: https://goldenstar-casino.com
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, OPTIONS, DELETE
access-control-allow-headers: Authorization, Origin, X-Requested-With, X-Display-Mode, Content-Type, Accept
access-control-max-age: 1728000
x-request-id: 135e5ce9e90236d3f323302ce0421b7a
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad9829cf3eb4c-CPH
content-encoding: br
X-Firefox-Spdy: h2
GET netcontent.cc/i/flags/rectangular/en.svg
200 OK 1.1 kB URL GET netcontent.cc/i/flags/rectangular/en.svg
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type SVG Scalable Vector Graphics image
Hash 5583784423b8cf9043ad38bbb15ccea9
f786d5630a42d1e28b423c6c4c947e5649b2c395
187ff0208a2bfa34d86d004f9921150e03025dad72e58bf2cf8ed099482bb4ad
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /i/flags/rectangular/en.svg HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/svg+xml
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
etag: W/"61e66da7-41d"
expires: Sun, 16 Mar 2025 09:05:32 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 58120
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9845c737128-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOVFLQmc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--14bc2a1e0593f71595178554eee2524fb6f2f91a/instagram.svg
200 OK 4.6 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOVFLQmc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--14bc2a1e0593f71595178554eee2524fb6f2f91a/instagram.svg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type SVG Scalable Vector Graphics image
Hash bcf8753e1b007dbf00d9523fef7fb052
565d62c62a34319caff0748541d226f4bd1f6e93
09db4f23dca463982d82f9fa04e6cff3c739a13e7ea5593f61170ea18385aa1b
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOVFLQmc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--14bc2a1e0593f71595178554eee2524fb6f2f91a/instagram.svg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/svg+xml
content-disposition: inline; filename="instagram.svg"; filename*=UTF-8''instagram.svg
content-security-policy: block-all-mixed-content
etag: W/"d5ae1eee8dcd0389711cb1af5187057e"
last-modified: Fri, 24 May 2024 10:50:04 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7DBEB4B65F1
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 920ad9847d4aeb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/stats/winners/latest
200 OK 63 kB URL GET goldenstar-casino.com/api/stats/winners/latest
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/stats/winners/latest HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v2+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 6108564734498710383
x-datadog-sampling-priority: 1
x-datadog-trace-id: 4737742429750235819
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: application/vnd.s.v2+json; charset=utf-8
content-length: 63109
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"322644103010660ce0a4fa9f4ee1b9c9"
cache-control: max-age=0, private, must-revalidate
vary: Accept, Origin
x-request-id: 920ad97bdd2ceb4c-CPH
x-runtime: 0.053186
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad97bdd2ceb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBM0F0Q1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--ac4ffba1f5f8da6d15453414146df8a0e25f023a/GS_reg_desktop.webp
200 OK 646 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBM0F0Q1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--ac4ffba1f5f8da6d15453414146df8a0e25f023a/GS_reg_desktop.webp
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type RIFF (little-endian) data, Web/P image
Size 646 kB (645804 bytes)
Hash 225face8f2c905a519b74afc74124054
8aec4c4423fdd8bd48ac28570da43779c8a1d3ae
d2e68ebdf6a68e20644f07747182887e49788f397052c65a66c0bbcaed03d863
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBM0F0Q1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--ac4ffba1f5f8da6d15453414146df8a0e25f023a/GS_reg_desktop.webp HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: image/webp
content-length: 645804
content-disposition: attachment; filename="GS_reg_desktop.webp"; filename*=UTF-8''GS_reg_desktop.webp
content-security-policy: block-all-mixed-content
etag: "225face8f2c905a519b74afc74124054"
last-modified: Thu, 13 Feb 2025 10:39:41 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C42F70F222
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: REVALIDATED
expires: Sat, 15 Mar 2025 13:05:33 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad9847d68eb4c-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/PeppesPepperoniPizzaPlaza.webp
200 OK 90 kB URL GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/PeppesPepperoniPizzaPlaza.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 4072a6a18046a55186271097b52b8c89
c41d8d1ab6a4317903974f90cf6b04361c7c2794
efb8de13a7007569b6d202dcff3e63dcb61ff84a1cc4c8454fa48cc2a9125680
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/pragmaticexternal/PeppesPepperoniPizzaPlaza.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 90342
last-modified: Fri, 14 Feb 2025 11:30:05 GMT
etag: "67af293d-160e6"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 27833
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad990c83b7128-OSL
X-Firefox-Spdy: h2
GET code.gist.build/renderer/0.4.5/index.html
200 OK 631 B URL GET code.gist.build/renderer/0.4.5/index.html
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectcode.gist.build
Fingerprint63:42:6E:A5:1B:97:65:51:8A:70:1B:B2:B9:D1:21:97:F1:56:99:F7
ValidityFri, 28 Feb 2025 21:43:44 GMT - Thu, 29 May 2025 22:43:37 GMT
File type HTML document, ASCII text, with very long lines (667), with no line terminators
Hash 0c3baee9b883bf25bb791a22073ecaf7
7dea9a54f13115978d27fc4b8764690f71d77838
612b4790b00dde6ba0f962d9229c1e4979c2d8831b3f9e17343101ce40e93bc0
GET /renderer/0.4.5/index.html HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:41 GMT
content-type: text/html
last-modified: Wed, 22 Jan 2025 15:15:57 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000093a4d62f87429b37-00679213b8-475899e6-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=3600
x-envoy-upstream-healthchecked-cluster:
cf-cache-status: DYNAMIC
age: 2283
set-cookie: __cf_bm=XSZEI0MuPmV9yPB_cwJExBPHYo4IFXe4p7X064bPJGs-1742029541-1.0.1.1-.RUEe1lwZdeSabhsB9OOxXmxaJ6GAguzOSJaFJq8zi4NBGHWdF6Fb2FLSrua3YF0r.eQbTkWY52v5aiOJP0fusvnLUoNXig7RbmiyJ5ac6M; path=/; expires=Sat, 15-Mar-25 09:35:41 GMT; domain=.gist.build; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nezalyq2X8Hailt5WN%2BFJUMwoKpHPpSRlDRdvqSd1602LiUDiDoczvndT75MtNDBwiI3OT3hwlBSiKHd9nK6Jk3KJdV%2FG4MTzJlNddUTlOxbnfepVl5NlHymmBJCUMSOzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 920ad9b89be0b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=971&min_rtt=511&rtt_var=563&sent=28&recv=17&lost=0&retrans=0&sent_bytes=21570&recv_bytes=1563&delivery_rate=25923273&cwnd=257&unsent_bytes=0&cid=858f80552fabc0b1&ts=8571&x=0"
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/pwa/180x180.png
200 OK 5.3 kB URL GET goldenstar-casino.com/images/pwa/180x180.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Hash a2befbf7b980126e288905c51b143465
84421fbbf4b7ff031d53d73ff7c1472759d43567
fc5fe2cd34aa824a70a36e234b31cf987e69a4eb740377a371846e392b9ac5af
GET /images/pwa/180x180.png HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: image/png
content-length: 5306
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: "67d455e9-14ba"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:31 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad97e68c2eb4c-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/1spin4win/DonCatLeoneHoldAndWin.webp
200 OK 77 kB URL GET netcontent.cc/goldenstar/i/s3/1spin4win/DonCatLeoneHoldAndWin.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash ca0ca57dd6d27e3951eac55d021a2c96
8c1b5a2ef9cd7c871eb2322ac2f185c9011542e4
521d611e9e379df195902cce275af7788ed66523aad9b76253837ec4344adcba
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/1spin4win/DonCatLeoneHoldAndWin.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 76798
last-modified: Thu, 06 Feb 2025 13:05:06 GMT
etag: "67a4b382-12bfe"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 85322
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f4e0a7128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/evolution/ClassicBetStackerBlackjack1.webp
200 OK 79 kB URL GET netcontent.cc/goldenstar/i/s3/evolution/ClassicBetStackerBlackjack1.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash d81ee4fa54fc51daacdb92920ca13d65
c2c9f4026a46a0b1dc775f1f9a4372dc7bafe848
c43d33c936a6e429aabc8e6eab07b3fd85b33309ad1b5d17af64545cea9e1392
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/evolution/ClassicBetStackerBlackjack1.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 79288
last-modified: Tue, 11 Mar 2025 09:55:05 GMT
etag: "67d00879-135b8"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 82757
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f7e487128-OSL
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/cookies-icon.dd86d9b8..svg
200 OK 2.4 kB URL GET goldenstar-casino.com/images/cookies-icon.dd86d9b8..svg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type SVG Scalable Vector Graphics image
Hash 5094f849c975b201237fb265f3277bef
ef4d339694f86c7360f944001c7b0da9ef340169
38229dbd0fd26a33dee95aa3af227d8b6bb845646bb5171148549b6512370fe8
GET /images/cookies-icon.dd86d9b8..svg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/css/main.c238367a.css
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: image/svg+xml
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-962"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:31 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad97949d1eb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBd3RVQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--bc62e32a083c9027d7e738d7fa3a517626943b2f/GS_Endorphina_Juicy_Spring_Challenge_en_eur_slider_desktop_3840x900.jpg
200 OK 252 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBd3RVQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--bc62e32a083c9027d7e738d7fa3a517626943b2f/GS_Endorphina_Juicy_Spring_Challenge_en_eur_slider_desktop_3840x900.jpg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=900, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=3840], baseline, precision 8, 3840x900, components 3
Size 252 kB (252349 bytes)
Hash 91b312476c9b910d0305c0621d379205
de5b8736d2553b785c8c0da51076295636322f7d
13e1ef44de7aa69d65a19f3c7e8c2e5dd931c4d5555a595d553fd8590f7763df
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBd3RVQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--bc62e32a083c9027d7e738d7fa3a517626943b2f/GS_Endorphina_Juicy_Spring_Challenge_en_eur_slider_desktop_3840x900.jpg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/jpeg
content-length: 252349
cf-bgj: h2pri
content-disposition: inline; filename="GS_Endorphina_Juicy_Spring_Challenge_en_eur_slider_desktop_3840x900.jpg"; filename*=UTF-8''GS_Endorphina_Juicy_Spring_Challenge_en_eur_slider_desktop_3840x900.jpg
content-security-policy: block-all-mixed-content
etag: "91b312476c9b910d0305c0621d379205"
last-modified: Thu, 06 Mar 2025 10:48:25 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C46E2E7266
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: HIT
age: 5707
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad980fcdfeb4c-CPH
X-Firefox-Spdy: h2
GET stats-api.feedconstruct.com/images/e/b/0/1273.png
200 OK 4.6 kB URL GET stats-api.feedconstruct.com/images/e/b/0/1273.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectfeedconstruct.com
Fingerprint74:22:7F:1E:39:C1:D3:BC:81:77:95:9C:56:45:2E:50:50:73:E2:CF
ValidityMon, 03 Mar 2025 17:19:54 GMT - Sun, 01 Jun 2025 18:19:51 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash 0545142f41af8e83f8871f1f23bb9e50
0e6acb0722b94298423b5eaf1f87f744dc4a04c3
ccff91d29fa3fa5580681448b74e2e5a81fec5df31333276f3e248754e60785a
GET /images/e/b/0/1273.png HTTP/1.1
Host: stats-api.feedconstruct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/png
content-length: 4633
last-modified: Tue, 17 Sep 2019 07:16:10 GMT
etag: "62baddc7276dd51:0"
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 6829
expires: Sat, 15 Mar 2025 13:05:34 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=yGNv93mR_9v15DH41gO5x1R2s_6iKNWNf9VxQKk3J1A-1742029534-1.0.1.1-nn.jYLjoNMxlv_dU.8BtaFiO9lUm8WDTp5uTpbN6VGO0fHqp0JDwNh77WSkhXhauEKIMxIhKW5dGf06_f7LNGkgMZDWPq2mRFNpcvHOSO0I; path=/; expires=Sat, 15-Mar-25 09:35:34 GMT; domain=.feedconstruct.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b7c53ebc6-CPH
X-Firefox-Spdy: h2
GET s10k-s3.softswiss.net/competitors/betconstruct/2996.png
200 OK 30 kB URL GET s10k-s3.softswiss.net/competitors/betconstruct/2996.png
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectsoftswiss.net
Fingerprint3D:51:A2:34:50:E5:6B:96:F7:06:58:55:C7:1B:65:42:F9:6F:57:57
ValidityThu, 23 Jan 2025 18:33:08 GMT - Wed, 23 Apr 2025 19:33:06 GMT
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced
Hash 05aeee9cd16165a6c0b2c82c19211e94
3c8c5b9287ce2405c62f84168f07e5026a7fcc9e
439c51ed9129a16ca966921eaca80e48322c6946109d5e893c9747bf66a67480
GET /competitors/betconstruct/2996.png HTTP/1.1
Host: s10k-s3.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: image/png
content-length: 30072
cf-bgj: imgq:100,h2pri
cf-polished: origSize=33585
etag: "fd6fe645ac55a3f3565a0eba90c7d4dc"
last-modified: Tue, 27 Aug 2024 14:03:07 GMT
x-amz-id-2: R6NOT8hLbAo6zdXXjLFwK41a0DcJhUmk78mqFxMrCS21HIxqoGlsROAhy7s3/HgjSWrB2eFzEvguyJcpzIBb+A==
x-amz-request-id: JQMM50SBDYCVJFTP
cf-cache-status: HIT
age: 4040
expires: Sun, 15 Mar 2026 09:05:33 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b5f90b51b-OSL
X-Firefox-Spdy: h2
GET stats-api.feedconstruct.com/images/e/b/0/979.png
200 OK 12 kB URL GET stats-api.feedconstruct.com/images/e/b/0/979.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectfeedconstruct.com
Fingerprint74:22:7F:1E:39:C1:D3:BC:81:77:95:9C:56:45:2E:50:50:73:E2:CF
ValidityMon, 03 Mar 2025 17:19:54 GMT - Sun, 01 Jun 2025 18:19:51 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash 75b5da7e00ddb6271290f04fa418d93a
a94d6973bf4b55fb6265df905688c8dff997bb5c
b8a9f04f61b3e678975ddf1fd53d485acd9d50810c37b66767b7c9bdb1a22ae7
GET /images/e/b/0/979.png HTTP/1.1
Host: stats-api.feedconstruct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/png
content-length: 11651
last-modified: Sat, 07 Apr 2018 11:07:22 GMT
etag: "f91499a60ced31:0"
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
x-powered-by: ASP.NET
cf-cache-status: REVALIDATED
expires: Sat, 15 Mar 2025 13:05:34 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=Rv7cHiq86jxhE6th.peTSiamP_inUVSHxvlNxUroIXc-1742029534-1.0.1.1-YE.WFH2UmWZIdPedv2BztLCQEFq03uK09GlypTqlMx6sk5L8HchTZhmWXOgzauvXYhMIyDOrmDEiExMXMmOJM0q92HasaqQ4eCiCfSZEnTU; path=/; expires=Sat, 15-Mar-25 09:35:34 GMT; domain=.feedconstruct.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b5bd5ebc6-CPH
X-Firefox-Spdy: h2
GET stats-api.feedconstruct.com/images/e/b/0/998.png
200 OK 7.8 kB URL GET stats-api.feedconstruct.com/images/e/b/0/998.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectfeedconstruct.com
Fingerprint74:22:7F:1E:39:C1:D3:BC:81:77:95:9C:56:45:2E:50:50:73:E2:CF
ValidityMon, 03 Mar 2025 17:19:54 GMT - Sun, 01 Jun 2025 18:19:51 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash a2cf3f3aaa5e2929424b1c47ae1c7575
034f67ba9b78560d896733d06160686188361350
c10bdf100e52fce326ed342d1f3d00bdafb6be8e4dc04e53b40ad060f9246633
GET /images/e/b/0/998.png HTTP/1.1
Host: stats-api.feedconstruct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/png
content-length: 7803
last-modified: Thu, 21 Apr 2016 14:08:42 GMT
etag: "bdf9cf4fd79bd11:0"
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
x-powered-by: ASP.NET
cf-cache-status: REVALIDATED
expires: Sat, 15 Mar 2025 13:05:34 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=iypSwHKY07S_FdTNnSa4zkLFHkIApPNtLZpSRRfRtMc-1742029534-1.0.1.1-_4m9Hydb5OSVc7xJr2ZM7i6gnjwclviIwakaowv20Dad8q_09tAi4pdArDLtal22huJHu11fFmNikWjZjipe6LnYNwgxJuPfhg.YxirS_EQ; path=/; expires=Sat, 15-Mar-25 09:35:34 GMT; domain=.feedconstruct.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b5c07ebc6-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/live.fb6532fe..svg
200 OK 22 kB URL GET goldenstar-casino.com/images/live.fb6532fe..svg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type SVG Scalable Vector Graphics image
Hash 896e78e4b3efdac8ea82711e2c735724
e8ab5a14ffcf475f6836f52b6f10045b7161870a
59634b65d2f16dbccd84073c6b93254bfbc092d17dcec563982ec786afe28664
GET /images/live.fb6532fe..svg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/svg+xml
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-53d8"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:34 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f2e01eb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
GET secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
200 OK 1.8 kB URL GET secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
IP
ASN #20940 Akamai International B.V.
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (1852), with no line terminators
Hash fc92cd272ac636218e3871cfabe6c8ca
14d5839d04cd74a44620a935d4f43623b9a4c1d1
e97014ce9a64c3753b7b7ec00c1ddf5cf029d2b9c8b4e38d0d9b64c378deccb2
GET /customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 760
date: Sat, 15 Mar 2025 09:05:36 GMT
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/stats/winners/top
200 OK 72 kB URL GET goldenstar-casino.com/api/stats/winners/top
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/stats/winners/top HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v2+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 240690906144573194
x-datadog-sampling-priority: 1
x-datadog-trace-id: 4700118535142038059
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: application/vnd.s.v2+json; charset=utf-8
content-length: 72103
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"2edfba1c2f4c08ea13649a8cfc4d23a2"
cache-control: max-age=0, private, must-revalidate
vary: Accept, Origin
x-request-id: 920ad97bed85eb4c-CPH
x-runtime: 0.064344
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad97bed85eb4c-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/endorphina/endorphina2_HellHot100.webp
200 OK 40 kB URL GET netcontent.cc/goldenstar/i/s3/endorphina/endorphina2_HellHot100.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 154f6cb64f598711514452d21999bda9
0ae6f18236ed568bd65ced54034a344f72bea85c
24213516f89f9cdfc67dbffd04e32939e125851b7f98943d3dd2594bb1e36c52
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/endorphina/endorphina2_HellHot100.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 39924
last-modified: Fri, 21 May 2021 11:55:02 GMT
etag: "60a79f96-9bf4"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 27832
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f4e057128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/BigBassKeepingitReel.webp
200 OK 34 kB URL GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/BigBassKeepingitReel.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 45020e5a1b2350ee09c948a85087b355
ab724b798845f6e94ee07d75b12e1561eb1c853c
b962c752ca09d731adfeee9ce415e4f52104e417c0cd39e413c2283ee50d1493
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/pragmaticexternal/BigBassKeepingitReel.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 33984
last-modified: Fri, 21 Oct 2022 15:24:09 GMT
etag: "6352b999-84c0"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f2dd77128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/evolution/lightning_roulette.webp
200 OK 27 kB URL GET netcontent.cc/goldenstar/i/s3/evolution/lightning_roulette.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 114445e10282f743e2a28febc1ec32df
c56dd8a0bc11c2e32311615259de3ebdfdd820ff
0ad65e27d3a0bc65c326ed37a192140aee928e1737197afdf1d03e372483502b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/evolution/lightning_roulette.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:35 GMT
content-type: image/webp
content-length: 27444
last-modified: Thu, 27 Jun 2019 06:47:02 GMT
etag: "5d146666-6b34"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad99129067128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/spribe/plinko.webp
200 OK 5.5 kB URL GET netcontent.cc/goldenstar/i/s3/spribe/plinko.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 1e0d98627122b90a90b9535481538c29
6252104de6189ccf24986c63d943bcd861b54334
3fb408cd85215d2c355f9f15c8a343eb07b0388f89e3de7396f7b4e64a385e5f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/spribe/plinko.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:35 GMT
content-type: image/webp
content-length: 5458
last-modified: Thu, 22 Apr 2021 12:25:02 GMT
etag: "60816b1e-1552"
expires: Sun, 16 Mar 2025 09:05:35 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9922a8d7128-OSL
X-Firefox-Spdy: h2
GET cdn.livechatinc.com/widget/static/js/1.DHlfGmX-.chunk.js
200 OK 52 kB URL GET cdn.livechatinc.com/widget/static/js/1.DHlfGmX-.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by https://secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (36370)
Hash 08817bca968613e9bdecd6a5c846e4b9
d3790498edee63f7532203f67f49d62ecc10475f
c213abdebee1f3c131e8999f1373d744b52163bac604b7742a97c0660ac702c6
GET /widget/static/js/1.DHlfGmX-.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 13 Mar 2025 11:33:29 GMT
content-encoding: br
x-amz-server-side-encryption: AES256
x-amz-version-id: HUrwMPsK5.srb1w79vGB2I1GihSmmIga
server: AmazonS3
etag: W/"08817bca968613e9bdecd6a5c846e4b9"
vary: accept-encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: pFrsXtYtepNx3E6wkmx-Ei_7US9cubr5Ea8GN7TUSlhp5OLMItWAbA==
content-length: 18482
cache-control: max-age=31536000
expires: Sun, 15 Mar 2026 09:05:37 GMT
date: Sat, 15 Mar 2025 09:05:37 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/voltent/SizzlingEggs.webp
200 OK 30 kB URL GET netcontent.cc/goldenstar/i/s3/voltent/SizzlingEggs.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 2d72ca6bed1c02fee7d76ea130b5640a
f4091b174fb4e942a5e290601d1bca09c798d9d9
82bb86562eeb17abe4db7b86c84de880f0a42fc3b909f976557bb15d75036d90
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/voltent/SizzlingEggs.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:41 GMT
content-type: image/webp
content-length: 30318
last-modified: Mon, 05 Aug 2024 10:10:05 GMT
etag: "66b0a4fd-766e"
expires: Sun, 16 Mar 2025 09:05:41 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 75801
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9b7e96c7128-OSL
X-Firefox-Spdy: h2
GET renderer.gist.build/3.0/index.html
302 Found 631 B URL GET renderer.gist.build/3.0/index.html
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerLet's Encrypt
Subjectgist.build
FingerprintA4:6B:3B:76:A5:B3:9D:ED:4B:B2:16:3B:60:D8:1E:8E:04:AF:42:29
ValidityThu, 27 Feb 2025 19:15:04 GMT - Wed, 28 May 2025 19:15:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /3.0/index.html HTTP/1.1
Host: renderer.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 15 Mar 2025 09:05:41 GMT
content-type: text/html
content-length: 143
location: https://code.gist.build/renderer/0.4.5/index.html
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gzLmHt9wKABMw0B6z2x6be4kUly9eLA%2Fy89UFwFWNTuSxwnfhW2UtPp2DA1GD3dh9rCLZQHfI9PF0ns0aJE1Y5iEjL%2FE%2BIXLXsmuWG%2Bh9ir7Fu8HjeDh0CmZ4ylHZR%2FZCmc15zE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9b88bf50b02-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=773&min_rtt=492&rtt_var=523&sent=10&recv=11&lost=0&retrans=0&sent_bytes=3710&recv_bytes=1238&delivery_rate=4510903&cwnd=256&unsent_bytes=0&cid=b1707c8b2c19504f&ts=33&x=0"
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/turbogames/TurboPlinko.webp
200 OK 20 kB URL GET netcontent.cc/goldenstar/i/s3/turbogames/TurboPlinko.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 9421af2f62241fb601c490df5f6346aa
e42d8f495d0aa138f784ae426c050ee2690ae797
c2e3623725cabdade44d4193001dd7a0bc58b5f1c6ac8605d541572de4ee607d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/turbogames/TurboPlinko.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:35 GMT
content-type: image/webp
content-length: 19664
last-modified: Tue, 11 Oct 2022 08:25:02 GMT
etag: "6345285e-4cd0"
expires: Sun, 16 Mar 2025 09:05:35 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9922a917128-OSL
X-Firefox-Spdy: h2
POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=748a0d0d-50aa-432e-9750-9174a93b882a&batch_time=1742029535001
202 Accepted 53 B URL POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=748a0d0d-50aa-432e-9750-9174a93b882a&batch_time=1742029535001
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subject*.browser-intake-datadoghq.eu
FingerprintCE:C0:94:E5:28:08:BE:34:E8:49:73:89:40:66:3B:57:98:F8:71:85
ValidityTue, 30 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 0d92e8098e7d1245c87529e80b2e5f84
355500abc2456b2a7f8129cb1fcb772545161980
fda42d0ed1662e17300d5ec676a9a1928819c3cea2169fdd8104a8dbfea033e8
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=748a0d0d-50aa-432e-9750-9174a93b882a&batch_time=1742029535001 HTTP/1.1
Host: rum.browser-intake-datadoghq.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 15291
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 202 Accepted
content-type: application/json
content-length: 53
dd-request-id: 748a0d0d-50aa-432e-9750-9174a93b882a
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Mar 2025 09:05:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET goldenstar-casino.com/resources/images/favicon.png?t=1742029528995
200 OK 1.3 kB URL GET goldenstar-casino.com/resources/images/favicon.png?t=1742029528995
IP
ASN #209242 Cloudflare London, LLC
Requested by https://gs.aff2go.link/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Hash 4e2bfa785dd486ef2a6b97c81222e896
d125c0db9b562f37f85912ea1ea669beb7af7314
d25132127a8374edfeb7c392b7d80e5ea9231e2b0d1e924fa7c84d35b488e96d
GET /resources/images/favicon.png?t=1742029528995 HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gs.aff2go.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:29 GMT
content-type: image/png
content-length: 1276
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: "67d455e9-4fc"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: MISS
expires: Sat, 15 Mar 2025 13:05:29 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad96d1dfc3570-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/BiggerBassSplash.webp
200 OK 84 kB URL GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/BiggerBassSplash.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 5e1189b177e28bbb6c8f4c55c018c4e3
c9c64418fcbde815729e5806886414dde4fa9efd
1ee87dab424e0f5eb71a292525532516788b7b0978d1ce54f023e9d580b828b3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/pragmaticexternal/BiggerBassSplash.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 83506
last-modified: Fri, 31 Jan 2025 10:20:06 GMT
etag: "679ca3d6-14632"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 73405
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad990c8527128-OSL
X-Firefox-Spdy: h2
POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=670d7b86-a2dc-476f-a5e0-7faeb594f77e&batch_time=1742029536619
202 Accepted 53 B URL POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=670d7b86-a2dc-476f-a5e0-7faeb594f77e&batch_time=1742029536619
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subject*.browser-intake-datadoghq.eu
FingerprintCE:C0:94:E5:28:08:BE:34:E8:49:73:89:40:66:3B:57:98:F8:71:85
ValidityTue, 30 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash a3def9734b8516c88799be0bb63d7b56
93763953b60879e26a69400485136a9a198f9798
278314a33cb2c97473d67c5092f7af6abf69124ad9e82dd57264425d3ff0be27
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=670d7b86-a2dc-476f-a5e0-7faeb594f77e&batch_time=1742029536619 HTTP/1.1
Host: rum.browser-intake-datadoghq.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 15815
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 202 Accepted
content-type: application/json
content-length: 53
dd-request-id: 670d7b86-a2dc-476f-a5e0-7faeb594f77e
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Mar 2025 09:05:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET cdn.livechatinc.com/widget/static/js/8.qYTqns9Q.chunk.js
200 OK 40 B URL GET cdn.livechatinc.com/widget/static/js/8.qYTqns9Q.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by https://secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 7e52a399c848d69ce8f46de048d65818
04edadbe38b55f2bc90a9b8208629ea83cad73ad
d0bbdb2fd6d32b3abeb08e1ebb30d5e60f116b7fedc8e103c654be8faf9e893f
GET /widget/static/js/8.qYTqns9Q.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Mon, 20 Jan 2025 06:34:58 GMT
etag: "d541ce2d754402b833cc65b76eaea2c6"
x-amz-server-side-encryption: AES256
x-amz-version-id: CCfqOA8mhA5xinMzg93FYb2qTWHBN.4k
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: rV5k9DZRL8x_JA_367TQIV6QCToRb0QQwjEZwpKdYPoMdLHkqzY47A==
vary: Accept-Encoding
content-encoding: gzip
content-length: 60
cache-control: max-age=31536000
expires: Sun, 15 Mar 2026 09:05:37 GMT
date: Sat, 15 Mar 2025 09:05:37 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/info/exchange_rates
200 OK 14 kB URL GET goldenstar-casino.com/api/info/exchange_rates
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Hash 136ef0a77ffa3a3ea0976c4e5ec16bfc
6e61c5b5a7cef8692a0581419f10f539ea76f237
cfefee5c03647fdabcd731dc829935bcbb2b41a9907e96725b2b41fa932bbdc3
GET /api/info/exchange_rates HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v1+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 3515146726406220531
x-datadog-sampling-priority: 1
x-datadog-trace-id: 6634049479047999497
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: application/vnd.s.v1+json; charset=utf-8
content-length: 14064
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"cfefee5c03647fdabcd731dc829935bc"
cache-control: max-age=0, private, must-revalidate
set-cookie: locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; domain=.goldenstar-casino.com; path=/; SameSite=None; Secure
vary: Accept, Origin
x-request-id: 920ad9792930eb4c-CPH
x-runtime: 0.008710
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad9792930eb4c-CPH
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtm.js?id=GTM-TCV8GRZR>m_auth=>m_preview=>m_cookies_win=x
200 OK 293 kB URL GET www.googletagmanager.com/gtm.js?id=GTM-TCV8GRZR>m_auth=>m_preview=>m_cookies_win=x
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT
File type JavaScript source, ASCII text, with very long lines (15260)
Size 293 kB (293423 bytes)
Hash edfe79cc0a5d38b67cda8a1a6539a548
a3981d707acfb612bde3ad3a9ef68786b0233f12
8290c7671dd751c825af7ebf26f0039d7f3dec4259d9ec2a38283b59cbe8945f
GET /gtm.js?id=GTM-TCV8GRZR>m_auth=>m_preview=>m_cookies_win=x HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 15 Mar 2025 09:05:31 GMT
expires: Sat, 15 Mar 2025 09:05:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1262:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1262:0
report-to: {"group":"ascgcycc:1262:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1262:0"}],}
server: Google Tag Manager
content-length: 97710
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET goldenstar-casino.com/js/cms-pages_en.69ce4ec4.js
200 OK 28 kB URL GET goldenstar-casino.com/js/cms-pages_en.69ce4ec4.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/cms-pages_en.69ce4ec4.js HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:30 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-6cff"
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
cf-cache-status: HIT
age: 5706
expires: Sat, 15 Mar 2025 13:05:30 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad976be51eb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/info/player_fields
200 OK 8.9 kB URL GET goldenstar-casino.com/api/info/player_fields
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type troff or preprocessor input, ASCII text, with very long lines (10350), with no line terminators
Hash 556d2906e5ec94a3fd5c5944cf4b6133
67fbe34036659364371199ca40d4de1562f53d29
3434adb6159bc38e1d0c4fb1f6d7d8c3c73eeb552459c9bee6574086fbc72419
GET /api/info/player_fields HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v1+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 5661557633994767350
x-datadog-sampling-priority: 1
x-datadog-trace-id: 2598616516166215547
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: application/vnd.s.v1+json; charset=utf-8
content-length: 8946
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"fabd1fa5bada3ab7532293da879c3874"
cache-control: max-age=0, private, must-revalidate
set-cookie: locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; domain=.goldenstar-casino.com; path=/; SameSite=None; Secure
vary: Accept, Origin
x-request-id: 920ad97939aeeb4c-CPH
x-runtime: 0.175670
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad97939aeeb4c-CPH
X-Firefox-Spdy: h2
POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=82151340-ebe9-4b9d-a3bd-ed6698244f68&batch_time=1742029533610
202 Accepted 53 B URL POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=82151340-ebe9-4b9d-a3bd-ed6698244f68&batch_time=1742029533610
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subject*.browser-intake-datadoghq.eu
FingerprintCE:C0:94:E5:28:08:BE:34:E8:49:73:89:40:66:3B:57:98:F8:71:85
ValidityTue, 30 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash eca22a9b3ed6e632e25aa1de1f99dbf6
d18e47c0f0edf93b190aac6d9fc2dfa952b6183f
641da33f53ca540be2017d27a6f7a7eebfa4567761ecb299c2cd2189780b5809
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=82151340-ebe9-4b9d-a3bd-ed6698244f68&batch_time=1742029533610 HTTP/1.1
Host: rum.browser-intake-datadoghq.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 15586
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 202 Accepted
content-type: application/json
content-length: 53
dd-request-id: 82151340-ebe9-4b9d-a3bd-ed6698244f68
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Mar 2025 09:05:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET code.gist.build/web/3.14.0/gist.min.js
200 OK 46 kB URL GET code.gist.build/web/3.14.0/gist.min.js
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectcode.gist.build
Fingerprint63:42:6E:A5:1B:97:65:51:8A:70:1B:B2:B9:D1:21:97:F1:56:99:F7
ValidityFri, 28 Feb 2025 21:43:44 GMT - Thu, 29 May 2025 22:43:37 GMT
File type JavaScript source, ASCII text, with very long lines (46438), with no line terminators
Hash 1dd8bbe711a5a758606b5c9a6ee517ef
67d35a196ff630ab9f4bce8628c58a859cd820d8
f46eac32fe52b7bfda365e6e8a218b16e752b7f22c0b5c59b9ea760a199e1efa
GET /web/3.14.0/gist.min.js HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:35 GMT
content-type: application/javascript
last-modified: Thu, 27 Feb 2025 08:38:29 GMT
x-rgw-object-type: Normal
etag: W/"1dd8bbe711a5a758606b5c9a6ee517ef"
x-amz-request-id: tx00000169f4f518fa3fae9-0067c02686-4776b21a-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=14400
age: 3494
content-encoding: gzip
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xX2D%2FHn77LZvqPO0JNX1REKXu8A0CFN1LXTm%2Fr5JGXGcuISfvZMtSeN3FXXzhBsJ607aUZMQDJGDdiu%2FFKNEqUe%2F85VWpJkAW7oUKHqAD2OZjF39UW%2BAy2T%2FQQdSmGcmfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 920ad9957f25b4f9-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=838&min_rtt=511&rtt_var=501&sent=10&recv=12&lost=0&retrans=0&sent_bytes=4152&recv_bytes=1289&delivery_rate=6884310&cwnd=257&unsent_bytes=0&cid=858f80552fabc0b1&ts=2921&x=0"
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-0GLZ8XMX5L&l=dataLayer&cx=c>m=45He53d0v9176994058za200&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719
200 OK 369 kB URL GET www.googletagmanager.com/gtag/js?id=G-0GLZ8XMX5L&l=dataLayer&cx=c>m=45He53d0v9176994058za200&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT
File type JavaScript source, ASCII text, with very long lines (5960)
Size 369 kB (369374 bytes)
Hash e596445ee5abf6900a963c08f6105a5b
b88d42f319c18faab9890d1cc205bc392c304687
da98c757cec9e16366cdd770e63cee3594be42416da191fb9f6753c506f60555
GET /gtag/js?id=G-0GLZ8XMX5L&l=dataLayer&cx=c>m=45He53d0v9176994058za200&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 15 Mar 2025 09:05:36 GMT
expires: Sat, 15 Mar 2025 09:05:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
server: Google Tag Manager
content-length: 121951
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBM3ZoQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--52095a67487b146bc4a5dbd472e1f223b13c3d64/GS_New_winter_highroller_bonus_en_eur_slider_desktop_3840x900.jpg
200 OK 258 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBM3ZoQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--52095a67487b146bc4a5dbd472e1f223b13c3d64/GS_New_winter_highroller_bonus_en_eur_slider_desktop_3840x900.jpg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=900, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=3840], baseline, precision 8, 3840x900, components 3
Size 258 kB (258044 bytes)
Hash d8af092d2e4b0523ae9f4ff69eee02da
38febd672e618dc617f2829589bcf2e3919140f9
2b5f14bdc92bc9c4a13be57477597f48e679453fd09fd767790c92f19e2e4061
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBM3ZoQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--52095a67487b146bc4a5dbd472e1f223b13c3d64/GS_New_winter_highroller_bonus_en_eur_slider_desktop_3840x900.jpg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/jpeg
content-length: 258044
cf-bgj: h2pri
content-disposition: inline; filename="GS_New_winter_highroller_bonus_en_eur_slider_desktop_3840x900.jpg"; filename*=UTF-8''GS_New_winter_highroller_bonus_en_eur_slider_desktop_3840x900.jpg
content-security-policy: block-all-mixed-content
etag: "d8af092d2e4b0523ae9f4ff69eee02da"
last-modified: Mon, 23 Dec 2024 12:33:06 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C46DFA5BB9
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: HIT
age: 5707
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad980cc0aeb4c-CPH
X-Firefox-Spdy: h2
OPTIONS sports.goldenstar-casino.com/api/v2/matches?match_status=0&match_status=1&limit=10
204 No Content 0 B URL OPTIONS sports.goldenstar-casino.com/api/v2/matches?match_status=0&match_status=1&limit=10
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectsports.goldenstar-casino.com
FingerprintD9:F4:6B:A0:6E:B1:9D:5C:FF:54:5F:B9:F2:95:22:FF:60:4A:63:97
ValidityFri, 28 Feb 2025 11:41:42 GMT - Thu, 29 May 2025 12:41:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/matches?match_status=0&match_status=1&limit=10 HTTP/1.1
Host: sports.goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-display-mode
Referer: https://goldenstar-casino.com/
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sat, 15 Mar 2025 09:05:32 GMT
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: https://goldenstar-casino.com
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, OPTIONS, DELETE
access-control-allow-headers: Authorization, Origin, X-Requested-With, X-Display-Mode, Content-Type, Accept
access-control-max-age: 1728000
x-request-id: 13adebc507716b534aa40ac847b857bf
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad981ff00eb48-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/snippets/registr-promo/rerister-promo__icon__2.png?hash=c4699cbd535de7c298ed6146d9f2361a
200 OK 773 B URL GET goldenstar-casino.com/images/snippets/registr-promo/rerister-promo__icon__2.png?hash=c4699cbd535de7c298ed6146d9f2361a
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Hash 927048f4853087b5ef9c355524033c6a
bed75e3122aaa73670cfb842ea153b49f14f87f8
c1b6fced6d951b11aaef0b0bf8c55f2c3965cdf9d5f1433d901dff77ebe57749
GET /images/snippets/registr-promo/rerister-promo__icon__2.png?hash=c4699cbd535de7c298ed6146d9f2361a HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/png
content-length: 773
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: "67d455e9-305"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: REVALIDATED
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9848d83eb4c-CPH
X-Firefox-Spdy: h2
GET stats-api.feedconstruct.com/images/e/b/0/935.png
200 OK 9.9 kB URL GET stats-api.feedconstruct.com/images/e/b/0/935.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectfeedconstruct.com
Fingerprint74:22:7F:1E:39:C1:D3:BC:81:77:95:9C:56:45:2E:50:50:73:E2:CF
ValidityMon, 03 Mar 2025 17:19:54 GMT - Sun, 01 Jun 2025 18:19:51 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash b79c1e96ef1aebf11a8161b5a33d0b92
51a7231de8855c4ae31302bc4873929c53823c9f
6e1d5a5398a56b71fbcbcc331e6add77aabe270e8c930d886f17add9578e4b13
GET /images/e/b/0/935.png HTTP/1.1
Host: stats-api.feedconstruct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/png
content-length: 9928
last-modified: Thu, 03 May 2018 07:13:31 GMT
etag: "eefdfe3daee2d31:0"
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 6916
expires: Sat, 15 Mar 2025 13:05:34 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=wisMCESYMmVyXtBrcphvu2UDGiZU19O3JSO2UcDYkwk-1742029534-1.0.1.1-TAW4Ty2RaBg_dC8LHBZNCo2kAuyfjgazwNtLKRYWTGOyZahmNTTIjH6AyOSH5B2kTH_o1d55StEuDRmYDgmc6zPBaIERbnXiHoyHxkcAIWw; path=/; expires=Sat, 15-Mar-25 09:35:34 GMT; domain=.feedconstruct.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b7c71ebc6-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/BigBassReturntotheRaces.webp
200 OK 68 kB URL GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/BigBassReturntotheRaces.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 5e3a1810048ed0271160b4cc0d9485d6
88cc88d83680578d04952f962d1fb1e3d5ea179b
c4e0f850b3faf0a17abac49372c5195271804f74ecbf6e50f5f0506d86aff52f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/pragmaticexternal/BigBassReturntotheRaces.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 67670
last-modified: Fri, 21 Feb 2025 11:10:06 GMT
etag: "67b85f0e-10856"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 27833
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad990b8397128-OSL
X-Firefox-Spdy: h2
GET cdn.livechatinc.com/widget/static/js/livechat.DyLuKPQJ.js
200 OK 463 B URL GET cdn.livechatinc.com/widget/static/js/livechat.DyLuKPQJ.js
IP
ASN #20940 Akamai International B.V.
Requested by https://secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
File type ASCII text, with very long lines (492), with no line terminators
Hash 9c7cf3654498ec27ea097cb9275f1276
95732d3214f32005ee1899c15a7ed3be1f4d4c66
693be14dc06087265068e28e358c87b051b8a3fc024b82433598927fea71f7b3
GET /widget/static/js/livechat.DyLuKPQJ.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 463
last-modified: Thu, 13 Mar 2025 11:33:26 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: K78_hfeuj.Z.IgsLKeb7YUtWcAT7HJsz
accept-ranges: bytes
server: AmazonS3
etag: "ce5f812ee39ccfa06416e3e482ac4f63"
vary: accept-encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: HLR0DijX8tVOKOX6XICgRBz6x0CQuNBQvFcwcAbZ7nR4skl-KMqS5Q==
cache-control: max-age=31536000
expires: Sun, 15 Mar 2026 09:05:37 GMT
date: Sat, 15 Mar 2025 09:05:37 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/softswiss/ElvisFroginVegas.webp
200 OK 42 kB URL GET netcontent.cc/goldenstar/i/s3/softswiss/ElvisFroginVegas.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash f57d7cf8be0849e33f189ae85669c39c
de0da88294127861a23ec22845551fa7ace15696
4e130c9c8dc824cb4c4e52b989ead89de2b5256d0ee1fafcfc98a168c4ed2864
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/softswiss/ElvisFroginVegas.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 42094
last-modified: Thu, 07 Apr 2022 09:25:02 GMT
etag: "624eadee-a46e"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f4e027128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/alg/Oracle360Roulette.webp
200 OK 76 kB URL GET netcontent.cc/goldenstar/i/s3/alg/Oracle360Roulette.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 37c43d60d35521d777a88d74e8e0f5e9
d2eaf885e34a9eea3a3f5efa86be02e2ee879e6f
b091f8f89e463aa7375d4569a03c3ae06bffe78a52e77f8900360184b75fcb4a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/alg/Oracle360Roulette.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 76424
last-modified: Thu, 18 Jan 2024 11:50:05 GMT
etag: "65a9106d-12a88"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad991391c7128-OSL
X-Firefox-Spdy: h2
GET goldenstar-casino.com/locales/en.json?hash=522e1b798505c07cc936d293732b4c85
200 OK 48 kB URL GET goldenstar-casino.com/locales/en.json?hash=522e1b798505c07cc936d293732b4c85
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /locales/en.json?hash=522e1b798505c07cc936d293732b4c85 HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:30 GMT
content-type: application/json
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-bb2e"
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 920ad977fc54eb4c-CPH
X-Firefox-Spdy: h2
POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=386dda1e-e234-4da7-86e0-95a913d9e984&batch_time=1742029531550
202 Accepted 53 B URL POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=386dda1e-e234-4da7-86e0-95a913d9e984&batch_time=1742029531550
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subject*.browser-intake-datadoghq.eu
FingerprintCE:C0:94:E5:28:08:BE:34:E8:49:73:89:40:66:3B:57:98:F8:71:85
ValidityTue, 30 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 35b084da8f1f560cba7d8b50b7ea21b0
b989ee01adf07dbc75e6f14216912bebfa30ff74
43073d192e5a20b69087662a680181cdabe15a7e055a1b079918404694fad277
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=386dda1e-e234-4da7-86e0-95a913d9e984&batch_time=1742029531550 HTTP/1.1
Host: rum.browser-intake-datadoghq.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 16332
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 202 Accepted
content-type: application/json
content-length: 53
dd-request-id: 386dda1e-e234-4da7-86e0-95a913d9e984
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Mar 2025 09:05:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/jackpot.aaf35597..svg
200 OK 8.1 kB URL GET goldenstar-casino.com/images/jackpot.aaf35597..svg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type SVG Scalable Vector Graphics image
Hash 89f3fd42aefe650d214416c2618c7053
c834e53ce29a25256fbab1e0f2f7ec55fc074e6c
76c57145d1701357595e5d7956e338dc6bb99d8f31a90942f0722201454895af
GET /images/jackpot.aaf35597..svg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/svg+xml
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-1f89"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:34 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f2e13eb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/endorphina/endorphina2_CrownCoins.webp
200 OK 27 kB URL GET netcontent.cc/goldenstar/i/s3/endorphina/endorphina2_CrownCoins.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash a52d7bf77aaed652ead9659720dc64cc
95ca5d533656149df88c382507c8d36ce7f909cd
912f49e23e033d0421a3a39f30523c3ce49e007cfbeadeeb8868d368dac7cefa
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/endorphina/endorphina2_CrownCoins.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 27422
last-modified: Tue, 25 Jun 2024 15:30:05 GMT
etag: "667ae27d-6b1e"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f4e127128-OSL
X-Firefox-Spdy: h2
GET cdn.livechatinc.com/widget/static/js/6.D_CKFAbE.chunk.js
200 OK 782 B URL GET cdn.livechatinc.com/widget/static/js/6.D_CKFAbE.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by https://secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
File type ASCII text, with very long lines (837), with no line terminators
Hash f64c12b6fd614654b7502a8fc20dd225
dcb8b62737d5126354e93c8095ed9e45cf8fdbb4
8409a7f800b0349a9cddb666a65beb110ec67529f66919cf269eb8a1a52a3440
GET /widget/static/js/6.D_CKFAbE.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 29 Aug 2024 11:11:44 GMT
etag: "a7bc1343fb84da3f27616cc8d8edcce0"
x-amz-server-side-encryption: AES256
x-amz-version-id: RISafw8.fBWwQ3jhFA50JpdKbdTY8l5c
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: z7Y8bVu8cNHvO0m-GM3hVCi8yi8XHXt-iNuPuhtivon3b11bAHxmHg==
vary: Accept-Encoding
content-encoding: gzip
content-length: 488
cache-control: max-age=31536000
expires: Sun, 15 Mar 2026 09:05:37 GMT
date: Sat, 15 Mar 2025 09:05:37 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET goldenstar-casino.com/js/pages_users-sign_up.36a6669d.js
200 OK 261 B URL GET goldenstar-casino.com/js/pages_users-sign_up.36a6669d.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 060e81fced872b14ab9957ab90c2a818
f88c091d36aaf5edcc0f1a98e92bf9076ff35487
98b8b8b1180d39e5d1229e543a27c51dd64f4fdf8ef0c8a838ee9a3ef3214786
GET /js/pages_users-sign_up.36a6669d.js HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-105"
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:31 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad978e812eb4c-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/fazi/Wild5.webp
200 OK 56 kB URL GET netcontent.cc/goldenstar/i/s3/fazi/Wild5.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 4a235a42375fd5d75d62ccd8d71b98dd
e4972ad3fffed78f145d32703181f0a3acd3c82a
3aef765d07c5d59da56c4d6eb227b15059935f22191798c6c578fbdf79b96774
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/fazi/Wild5.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 56306
last-modified: Fri, 07 Mar 2025 15:20:05 GMT
etag: "67cb0ea5-dbf2"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 73527
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f8e5a7128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/VIPBlackjack5Ruby.webp
200 OK 25 kB URL GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/VIPBlackjack5Ruby.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 04588f1a07eaa62a756f29c284255be2
953deb1485e9574bf96eb6a2c7912621a2459f7a
51a8f3472d74f41218597a43d27439236849e7914a4e6b1580fae2b4329b72ac
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/pragmaticexternal/VIPBlackjack5Ruby.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 25208
last-modified: Tue, 29 Mar 2022 14:55:03 GMT
etag: "62431dc7-6278"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 41658
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad991290a7128-OSL
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/info/countries
200 OK 1.7 kB URL GET goldenstar-casino.com/api/info/countries
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type ASCII text, with very long lines (2068), with no line terminators
Hash 298dc0419007e7aca0362d48641c3823
3522040b627ec7df329b1678db7c73a873f37bc8
f2787ec886fec644f87e1b12edb2f7fef37c2c4cee953c1277fcd7675d8e204f
GET /api/info/countries HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v1+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 668653295597354974
x-datadog-sampling-priority: 1
x-datadog-trace-id: 7958858248484555942
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: application/vnd.s.v1+json; charset=utf-8
content-length: 1708
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"3d80347a4dc41a3ab87a881caf514826"
cache-control: max-age=0, private, must-revalidate
set-cookie: locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; domain=.goldenstar-casino.com; path=/; SameSite=None; Secure
vary: Origin
x-request-id: 920ad9792960eb4c-CPH
x-runtime: 0.004697
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad9792960eb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/js/react-odometerjs.04b0ad53.js
200 OK 12 kB URL GET goldenstar-casino.com/js/react-odometerjs.04b0ad53.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type JavaScript source, ASCII text, with very long lines (11889)
Hash 9048df3dc7ac6f7ed8802adb8a093f79
e9354df47994a4dc1a18cffd8c41183c96cb85d8
019578b779d729563c014c2ae5c81d7fc4430ce7c318099698bb512f6e21cdf0
GET /js/react-odometerjs.04b0ad53.js HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-2eae"
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9805a5beb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/sports-book-matches/sport-type/soccer.svg?hash=b5847aab777deb577ae329e700cf96bd
200 OK 643 B URL GET goldenstar-casino.com/images/sports-book-matches/sport-type/soccer.svg?hash=b5847aab777deb577ae329e700cf96bd
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type SVG Scalable Vector Graphics image
Hash 0bfe19fa6b8aa17ebfb1e59e9e9080da
6baba16e2c459be8b0d22786ed3a675e9fc3db01
f374261303c6b2456dc4802e44ab0da713fa631d2d882450287ace7ec68adeba
GET /images/sports-book-matches/sport-type/soccer.svg?hash=b5847aab777deb577ae329e700cf96bd HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: image/svg+xml
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-283"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 5708
expires: Sat, 15 Mar 2025 13:05:33 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad989ee59eb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/gamzix/CoinWinHoldTheSpin.webp
200 OK 32 kB URL GET netcontent.cc/goldenstar/i/s3/gamzix/CoinWinHoldTheSpin.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash a0a81cd6258aa5c5230f477269da07f8
7b30cbb7675664c7e5b3f03245e8e8bd671bde73
d4573defafa228076277b3cb7b96de63699b8b8fcd07f5fbead58a0b63b87ff2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/gamzix/CoinWinHoldTheSpin.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 32074
last-modified: Tue, 08 Aug 2023 11:00:04 GMT
etag: "64d22034-7d4a"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 27832
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f4e007128-OSL
X-Firefox-Spdy: h2
GET code.gist.build/renderer/0.4.5/assets/FontManifest.json
200 OK 2 B URL GET code.gist.build/renderer/0.4.5/assets/FontManifest.json
IP
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectcode.gist.build
Fingerprint63:42:6E:A5:1B:97:65:51:8A:70:1B:B2:B9:D1:21:97:F1:56:99:F7
ValidityFri, 28 Feb 2025 21:43:44 GMT - Thu, 29 May 2025 22:43:37 GMT
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /renderer/0.4.5/assets/FontManifest.json HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/renderer/0.4.5/index.html
Cookie: __cf_bm=XSZEI0MuPmV9yPB_cwJExBPHYo4IFXe4p7X064bPJGs-1742029541-1.0.1.1-.RUEe1lwZdeSabhsB9OOxXmxaJ6GAguzOSJaFJq8zi4NBGHWdF6Fb2FLSrua3YF0r.eQbTkWY52v5aiOJP0fusvnLUoNXig7RbmiyJ5ac6M
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:42 GMT
content-type: application/json
content-length: 2
last-modified: Wed, 22 Jan 2025 15:15:57 GMT
x-rgw-object-type: Normal
etag: "d751713988987e9331980363e24189ce"
x-amz-request-id: tx0000044380ab6e5afc8d2-00679213c7-4759a3de-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=3600
x-envoy-upstream-healthchecked-cluster:
cf-cache-status: DYNAMIC
age: 446
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UeXg4l8VPQL7YGcJJRS46WjEb5lu7BXrSLQ5FbRyDnDB39bxUP1QFetrXy%2FUKdYY13GB5JzS6LFWaBes1juO5OZPN8ly%2Fp15ft6LAyxOPorMKoCKtwc%2FzmRuxd1%2FbAjbtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 920ad9bfdf1eb4f9-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=742&min_rtt=430&rtt_var=219&sent=869&recv=162&lost=0&retrans=0&sent_bytes=1179621&recv_bytes=2206&delivery_rate=31679124&cwnd=266&unsent_bytes=0&cid=858f80552fabc0b1&ts=9716&x=0"
X-Firefox-Spdy: h2
GET assets.gist.build/templates/fonts/OpenSans/OpenSans-Regular.ttf
200 OK 97 kB URL GET assets.gist.build/templates/fonts/OpenSans/OpenSans-Regular.ttf
IP
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectassets.gist.build
FingerprintFA:42:E4:DB:00:8D:DF:38:41:4C:08:95:35:9C:B1:FC:3D:F3:EB:76
ValidityFri, 28 Feb 2025 13:18:04 GMT - Thu, 29 May 2025 14:16:28 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", name offset 0x801f0001
Hash dbd9d85090512f88bcc941012cfa08e9
f0d8fea108c4231710736c7de70018320c4b9918
5510ad61d4a5d8ebba31efcdb9a08f2542444b491ba787caf955585e7fad14ee
GET /templates/fonts/OpenSans/OpenSans-Regular.ttf HTTP/1.1
Host: assets.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:43 GMT
content-length: 96932
last-modified: Fri, 26 Jun 2020 13:13:55 GMT
x-rgw-object-type: Normal
etag: "3ed9575dcc488c3e3a5bd66620bdf5a4"
x-amz-request-id: tx00000b29df69af6dd5e35-00675123f0-11b92aa9a-fra1b
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 412ce67d-ec87-4b93-8040-9ef0eceddcfd
cache-control: max-age=86400
x-envoy-upstream-healthchecked-cluster:
age: 9107
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FB8yXsJjjzndA3YPKG5bbcDLjF8CAITaFzYGmVJCWyLUuCiEo%2FRb%2BOIsDkQCPhIe5AFNGC6QC3U49yPbV1sotIPfUdbsya7hu5Ev8W1Okr3mNwxUzFzpZMyA1qTP8c1v0sf5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 920ad9c528b6b511-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1426&min_rtt=514&rtt_var=1770&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3195&recv_bytes=1211&delivery_rate=6798122&cwnd=254&unsent_bytes=0&cid=297c54ae2ad4110b&ts=58&x=0"
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/favicon.png
200 OK 1.3 kB URL GET goldenstar-casino.com/images/favicon.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Hash 4e2bfa785dd486ef2a6b97c81222e896
d125c0db9b562f37f85912ea1ea669beb7af7314
d25132127a8374edfeb7c392b7d80e5ea9231e2b0d1e924fa7c84d35b488e96d
GET /images/favicon.png HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: image/png
content-length: 1276
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: "67d455e9-4fc"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:31 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad97e68c5eb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOGpoQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--8e3a28e8b9495f50a7593ee654442f495019820b/GS_New_winter_Third_Deposit_bonus_en_eur_slider_desktop_3840x900.jpg
200 OK 256 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOGpoQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--8e3a28e8b9495f50a7593ee654442f495019820b/GS_New_winter_Third_Deposit_bonus_en_eur_slider_desktop_3840x900.jpg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=900, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=3840], baseline, precision 8, 3840x900, components 3
Size 256 kB (255826 bytes)
Hash 153c35978c8a1c2ae03a822b0efaa1c7
8425a5ccd7dbf261c802a3c6080f5066df548173
513ee418e1963cc9a9170c65ce40a3f30deaaa80ab634c4daf10e1eba7f28903
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOGpoQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--8e3a28e8b9495f50a7593ee654442f495019820b/GS_New_winter_Third_Deposit_bonus_en_eur_slider_desktop_3840x900.jpg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/jpeg
content-length: 255826
cf-bgj: h2pri
content-disposition: inline; filename="GS_New_winter_Third_Deposit_bonus_en_eur_slider_desktop_3840x900.jpg"; filename*=UTF-8''GS_New_winter_Third_Deposit_bonus_en_eur_slider_desktop_3840x900.jpg
content-security-policy: block-all-mixed-content
etag: "153c35978c8a1c2ae03a822b0efaa1c7"
last-modified: Mon, 23 Dec 2024 12:58:52 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C3C3894DF6
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad980fce8eb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOC9vQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--5765ca629cf68ed09774afa64a97ab5c897720c6/collection-fairy-tales.webp
200 OK 36 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOC9vQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--5765ca629cf68ed09774afa64a97ab5c897720c6/collection-fairy-tales.webp
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type RIFF (little-endian) data, Web/P image
Hash dbb170c0b88fca642ae1a6f62b272db1
ff138ab37e674beedec9b42b5d7cccff108b556b
54a156d5fde816c651a96ddbdac871a088d4d39497bd4de410b52216ec3c00f9
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOC9vQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--5765ca629cf68ed09774afa64a97ab5c897720c6/collection-fairy-tales.webp HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/webp
content-length: 36250
content-disposition: attachment; filename="collection-fairy-tales.webp"; filename*=UTF-8''collection-fairy-tales.webp
content-security-policy: block-all-mixed-content
etag: "dbb170c0b88fca642ae1a6f62b272db1"
last-modified: Fri, 27 Dec 2024 15:35:22 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C3E30A07D8
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 5707
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad980fd1beb4c-CPH
X-Firefox-Spdy: h2
GET stats-api.feedconstruct.com/images/e/b/0/516.png
200 OK 11 kB URL GET stats-api.feedconstruct.com/images/e/b/0/516.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectfeedconstruct.com
Fingerprint74:22:7F:1E:39:C1:D3:BC:81:77:95:9C:56:45:2E:50:50:73:E2:CF
ValidityMon, 03 Mar 2025 17:19:54 GMT - Sun, 01 Jun 2025 18:19:51 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash 7e8ca8039cde39f43a7ca9a2180d9d28
f1230ccdf2ebb14552dea38d8355bc7dda2b346f
bc1d35bcbc51d492b719236f03da88bc49bbb5d312d61ed7584ec6c8d7a6def5
GET /images/e/b/0/516.png HTTP/1.1
Host: stats-api.feedconstruct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/png
content-length: 11357
last-modified: Tue, 17 Sep 2019 06:57:35 GMT
etag: "e3cd6f2f256dd51:0"
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 6829
expires: Sat, 15 Mar 2025 13:05:34 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=Ru0IK1..sOkwRsFv32VglhG_A8n_Ou0SA366h9EJ3sA-1742029534-1.0.1.1-oMFgA2RUpYW6iGfm6.c9Bi03_tL3ijVqWkycWBCyEMCeGWW8EEtaUVoBXNtUBPyhM_X8plMyhvbKmuPKG5j6S4rv2Ly71gRZ6RiCDYwEjd0; path=/; expires=Sat, 15-Mar-25 09:35:34 GMT; domain=.feedconstruct.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b7c69ebc6-CPH
X-Firefox-Spdy: h2
GET s10k-s3.softswiss.net/competitors/betconstruct/454.png
200 OK 196 kB URL GET s10k-s3.softswiss.net/competitors/betconstruct/454.png
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectsoftswiss.net
Fingerprint3D:51:A2:34:50:E5:6B:96:F7:06:58:55:C7:1B:65:42:F9:6F:57:57
ValidityThu, 23 Jan 2025 18:33:08 GMT - Wed, 23 Apr 2025 19:33:06 GMT
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size 196 kB (195791 bytes)
Hash 789c900531f4c1a1d92fa2c7e73781ff
4429665f59ed61c4e6f66efe696c3b0c63b54d01
84ab23c837eae3cd534134f1d74d11172ad920a922d73682b477abe146e186eb
GET /competitors/betconstruct/454.png HTTP/1.1
Host: s10k-s3.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: image/png
content-length: 195791
cf-bgj: imgq:100,h2pri
cf-polished: origSize=220075
etag: "ad4ca6700f9cb79027702f061eadde3a"
last-modified: Mon, 03 Jun 2024 12:03:09 GMT
x-amz-id-2: TCNJY9bw8CSUpGFNLIO2njpAcNaw2rq8pUZBhP6axRjxO9MCMBYu7QQy62I3qK7fK+RelLXS0bY=
x-amz-request-id: H3E28B6BGH17A8X7
cf-cache-status: HIT
age: 91015
expires: Sun, 15 Mar 2026 09:05:33 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98acedcb51b-OSL
X-Firefox-Spdy: h2
GET cdn.livechatinc.com/widget/static/js/5.D_uKc_ak.chunk.js
200 OK 138 kB URL GET cdn.livechatinc.com/widget/static/js/5.D_uKc_ak.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by https://secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (49245)
Size 138 kB (137495 bytes)
Hash c58db33f04cbae29096de56af87c3284
2e574d1c0f61df6d1011b3f7420f64781b4e1317
cc9af994a65e2deac1f388408504e6a4059652a5c652bcbfd0898731b9153be0
GET /widget/static/js/5.D_uKc_ak.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 21 Nov 2024 11:40:56 GMT
content-encoding: br
x-amz-server-side-encryption: AES256
x-amz-version-id: ZJUJFnVU68XPPBMfSR99ugOFErhtj870
server: AmazonS3
etag: W/"c58db33f04cbae29096de56af87c3284"
vary: accept-encoding
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: gfxSY8-KSW14Amzymb5YkVjS0eooyHkfXLO0I66JST4nq3prLMBazg==
content-length: 45402
cache-control: max-age=31536000
expires: Sun, 15 Mar 2026 09:05:37 GMT
date: Sat, 15 Mar 2025 09:05:37 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/GreedyFortunePig.webp
200 OK 34 kB URL GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/GreedyFortunePig.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash ca766f4f4a2017eda59fda2ba4b18582
9341dbab7eb32fb9b61b691abcb4709d52afbfce
c7e15a2c2c2db7eded6ff94e456f746355e3e5aacf92f81473b27976fdbe59d0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/pragmaticexternal/GreedyFortunePig.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 33832
last-modified: Wed, 12 Feb 2025 10:15:05 GMT
etag: "67ac74a9-8428"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 27833
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad990c83f7128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/softswiss/SpaceXY.webp
200 OK 12 kB URL GET netcontent.cc/goldenstar/i/s3/softswiss/SpaceXY.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 69b37113154dbc4fc47329c0fb0f8dac
f1664e85fea0cb00e99fd10df6923e4737b8ee6a
f590e089bf8f91b3e433e0450d21b5fbc4af6dfe6bf29b176c432e61a5fe3972
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/softswiss/SpaceXY.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:35 GMT
content-type: image/webp
content-length: 11768
last-modified: Fri, 10 Dec 2021 10:05:02 GMT
etag: "61b3264e-2df8"
expires: Sun, 16 Mar 2025 09:05:35 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 73528
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9922a9c7128-OSL
X-Firefox-Spdy: h2
POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=792aaf8e-8d9a-4554-a786-96bfca5de686&batch_time=1742029535574
202 Accepted 53 B URL POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=792aaf8e-8d9a-4554-a786-96bfca5de686&batch_time=1742029535574
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subject*.browser-intake-datadoghq.eu
FingerprintCE:C0:94:E5:28:08:BE:34:E8:49:73:89:40:66:3B:57:98:F8:71:85
ValidityTue, 30 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash e6f5f98ef937163fb8aaa601850bc177
fc3d06088ff0db278f46f178e52963bbfd081027
06d347349d990cc4a85d8d3be62547ec490af6292c9f7cddb059a96e6922959b
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=792aaf8e-8d9a-4554-a786-96bfca5de686&batch_time=1742029535574 HTTP/1.1
Host: rum.browser-intake-datadoghq.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 15913
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 202 Accepted
content-type: application/json
content-length: 53
dd-request-id: 792aaf8e-8d9a-4554-a786-96bfca5de686
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Mar 2025 09:05:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET goldenstar-casino.com/js/defaultVendors.ed37a1db.js
200 OK 1.2 MB URL GET goldenstar-casino.com/js/defaultVendors.ed37a1db.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Size 1.2 MB (1203638 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/defaultVendors.ed37a1db.js HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:29 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-125db6"
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:29 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad96fdfa2eb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/css/pages_.7b313231.css
200 OK 30 kB URL GET goldenstar-casino.com/css/pages_.7b313231.css
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type ASCII text, with very long lines (29715), with no line terminators
Hash 305286754ef4b9881b5825d4de001d33
e42556598b1ddc5056ed452e88cdcb16b2546851
b7bcd815d70df76355bf5aaed46d05bf1405e56da92343e802c225a2b5b99b88
GET /css/pages_.7b313231.css HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:30 GMT
content-type: text/css
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-7413"
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
cf-cache-status: HIT
age: 5706
expires: Sat, 15 Mar 2025 13:05:30 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad976ceafeb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBN2h3Q1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--b4363e21527c9ccc7a954354f9ad4995bcccbf6d/GS_Sport_SLL_promotion_bet_now_en_slider_desktop_3840x900.webp
200 OK 238 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBN2h3Q1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--b4363e21527c9ccc7a954354f9ad4995bcccbf6d/GS_Sport_SLL_promotion_bet_now_en_slider_desktop_3840x900.webp
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type RIFF (little-endian) data, Web/P image
Size 238 kB (237520 bytes)
Hash d5c47e3abe3f9698922cf0a3b2fa69c0
f3279ce2f6182f5fc645773c10be160a8b579d20
c229e213bdcbc46ff0614be8c751f653537d37e54fe6934c2b4065a96ffc66a1
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBN2h3Q1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--b4363e21527c9ccc7a954354f9ad4995bcccbf6d/GS_Sport_SLL_promotion_bet_now_en_slider_desktop_3840x900.webp HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/webp
content-length: 237520
content-disposition: attachment; filename="GS_Sport_SLL_promotion_bet_now_en_slider_desktop_3840x900.webp"; filename*=UTF-8''GS_Sport_SLL_promotion_bet_now_en_slider_desktop_3840x900.webp
content-security-policy: block-all-mixed-content
etag: "d5c47e3abe3f9698922cf0a3b2fa69c0"
last-modified: Wed, 12 Mar 2025 15:39:19 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C4C2754BE6
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 5707
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad980ecd7eb4c-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/JohnHunterandGalileosSecrets.webp
200 OK 58 kB URL GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/JohnHunterandGalileosSecrets.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 7c984e6dec92d66c219522be33c90e50
0267259dce8f50716ab1ae2b28015da30767deff
951a9fd03aa06fc8f898a6c9d4282bbdf131581294d456f7ea9bfae296846718
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/pragmaticexternal/JohnHunterandGalileosSecrets.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 58028
last-modified: Wed, 19 Feb 2025 11:45:05 GMT
etag: "67b5c441-e2ac"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 75794
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad990b83a7128-OSL
X-Firefox-Spdy: h2
GET cdn.livechatinc.com/widget/static/js/2.Cdg4382i.chunk.js
200 OK 355 kB URL GET cdn.livechatinc.com/widget/static/js/2.Cdg4382i.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by https://secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
Size 355 kB (355033 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widget/static/js/2.Cdg4382i.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 13 Mar 2025 11:33:30 GMT
content-encoding: br
x-amz-server-side-encryption: AES256
x-amz-version-id: 6h0hTkYvQXBCjE6aM6aENcVGQURanWik
server: AmazonS3
etag: W/"fe259ce538a36af5f2fb7116d3eb7489"
vary: accept-encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: rr3MjbbOlrT7Fnlx2mgqa-bEAoX25hFfnCasN5ZH5OUlDVp9LaN_eQ==
content-length: 102121
cache-control: max-age=31536000
expires: Sun, 15 Mar 2026 09:05:37 GMT
date: Sat, 15 Mar 2025 09:05:37 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET code.gist.build/renderer/0.4.5/index.html
200 OK 631 B URL GET code.gist.build/renderer/0.4.5/index.html
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectcode.gist.build
Fingerprint63:42:6E:A5:1B:97:65:51:8A:70:1B:B2:B9:D1:21:97:F1:56:99:F7
ValidityFri, 28 Feb 2025 21:43:44 GMT - Thu, 29 May 2025 22:43:37 GMT
File type HTML document, ASCII text, with very long lines (667), with no line terminators
Hash 0c3baee9b883bf25bb791a22073ecaf7
7dea9a54f13115978d27fc4b8764690f71d77838
612b4790b00dde6ba0f962d9229c1e4979c2d8831b3f9e17343101ce40e93bc0
GET /renderer/0.4.5/index.html HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:41 GMT
content-type: text/html
last-modified: Wed, 22 Jan 2025 15:15:57 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000093a4d62f87429b37-00679213b8-475899e6-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=3600
x-envoy-upstream-healthchecked-cluster:
cf-cache-status: DYNAMIC
age: 2283
set-cookie: __cf_bm=wXDukuYBXaYHOLrKK2eFJv1k8i.0EGJUVuHiY2T.v7c-1742029541-1.0.1.1-2cXciphPCeQtexg19LLkstJhgJOvJrRCpJLybor50SoipMpFbkWklu94moammbSfY8mSilyfcCWOfDOPVyMBQgtj6MXz6Z77zPLhcYLmQNA; path=/; expires=Sat, 15-Mar-25 09:35:41 GMT; domain=.gist.build; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZoonWmeqicjO4GwSBV0ToecG0RNJIAsKcpaaiX3C8dQpBUxLvPg%2BYoYUChND8YC4gJ1ioqPRZ16tEEpH4RsoU9ZlYieiVyTatfzn7fVNvDHShX2Eds2XjayUJosMwLdGEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 920ad9b8abecb4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=812&min_rtt=511&rtt_var=329&sent=25&recv=16&lost=0&retrans=0&sent_bytes=20477&recv_bytes=1563&delivery_rate=25923273&cwnd=257&unsent_bytes=0&cid=858f80552fabc0b1&ts=8563&x=0"
X-Firefox-Spdy: h2
GET goldenstar-casino.com/js/main.040ae7f4.js
200 OK 2.0 MB URL GET goldenstar-casino.com/js/main.040ae7f4.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Size 2.0 MB (1959019 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/main.040ae7f4.js HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:29 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-1de46b"
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:29 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad96fdfb3eb4c-CPH
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5
ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Hash 015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Mar 2025 10:12:20 GMT
expires: Fri, 13 Mar 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 168792
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET assets.gist.build/templates/fonts/OpenSans/OpenSans-Bold.ttf
200 OK 104 kB URL GET assets.gist.build/templates/fonts/OpenSans/OpenSans-Bold.ttf
IP
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectassets.gist.build
FingerprintFA:42:E4:DB:00:8D:DF:38:41:4C:08:95:35:9C:B1:FC:3D:F3:EB:76
ValidityFri, 28 Feb 2025 13:18:04 GMT - Thu, 29 May 2025 14:16:28 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 24646 names, language 0x5900, type 2 string
Size 104 kB (104120 bytes)
Hash 3a6e6bda2afe33f5c6d119a615ddc2dc
11c139461735c3a73253e44b2c973b58d5801a94
d2761e2e948b02fae63ba7bcf6d7722e2b0f712e32d4b026e8013f473faaeb4a
GET /templates/fonts/OpenSans/OpenSans-Bold.ttf HTTP/1.1
Host: assets.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:43 GMT
content-length: 104120
last-modified: Fri, 26 Jun 2020 13:13:55 GMT
x-rgw-object-type: Normal
etag: "1025a6e0fb0fa86f17f57cc82a6b9756"
x-amz-request-id: tx00000d715d753d983a764-0067484461-119aa0d88-fra1b
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 412ce67d-ec87-4b93-8040-9ef0eceddcfd
cache-control: max-age=86400
x-envoy-upstream-healthchecked-cluster:
age: 20788
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8EpBjhLkxTDy1bcfzGN4Dza5ZALhRfn41Mh19FTfW2hChkFsrIh9IDnJe8rq7pjV%2BCSaXcQpD0UgkEriPxw3ATOcKN5VE3GqRyNf3aVqd7p%2FIP5zvyhHGoSeodvVMR0rLa1y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 920ad9c5892cb511-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1719&min_rtt=463&rtt_var=1359&sent=234&recv=75&lost=0&retrans=0&sent_bytes=305274&recv_bytes=1409&delivery_rate=70340041&cwnd=254&unsent_bytes=0&cid=297c54ae2ad4110b&ts=108&x=0"
X-Firefox-Spdy: h2
GET goldenstar-casino.com/css/common.43394315.css
200 OK 127 kB URL GET goldenstar-casino.com/css/common.43394315.css
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 127 kB (126824 bytes)
Hash 2be1822d80726aa402956270f60c955f
84b222833d596bd93a47ff8a266e66db4c8f66f8
093bcae8ddff8201cca02cb8b94e825945a76721f5087897ea227ea57da2f806
GET /css/common.43394315.css HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:29 GMT
content-type: text/css
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-1ef68"
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:29 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad96fdfdaeb4c-CPH
X-Firefox-Spdy: h2
GET stats-api.feedconstruct.com/images/e/b/98/196132.png
200 OK 13 kB URL GET stats-api.feedconstruct.com/images/e/b/98/196132.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectfeedconstruct.com
Fingerprint74:22:7F:1E:39:C1:D3:BC:81:77:95:9C:56:45:2E:50:50:73:E2:CF
ValidityMon, 03 Mar 2025 17:19:54 GMT - Sun, 01 Jun 2025 18:19:51 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash aedf869b679ba8ce4fe44d2c19cca425
9a52e33221eef93a4a71a6b1dfc3ca1f83af1022
219db8c331ef5413ebca0cf0bea617708304c2b3f8f70ded2969e576a9845152
GET /images/e/b/98/196132.png HTTP/1.1
Host: stats-api.feedconstruct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: image/png
content-length: 12973
last-modified: Fri, 03 Jun 2022 14:39:01 GMT
etag: "6e285eaa5777d81:0"
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 6693
expires: Sat, 15 Mar 2025 13:05:33 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=M6AT81vrFnE4Iutp_l1fQUtYC_HZn1ZriOezNAhiNyQ-1742029533-1.0.1.1-HC4uMeG_kLB7xS.5kR9aP0yi4qgOv7wST1M7x3tdi3gJ2BXhsCfQ_Ew52hmjXsrqgGh8TDRcz7P3blredpRaCiTl6qLNAo9sv_RaK7M8sgA; path=/; expires=Sat, 15-Mar-25 09:35:33 GMT; domain=.feedconstruct.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b4babebc6-CPH
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5
ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Hash 015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Mar 2025 10:12:20 GMT
expires: Fri, 13 Mar 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 168791
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOFQzQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--8308951ffdea059dfc20bc8fb5809fa94286df3d/sportsbook-bg.webp
200 OK 56 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOFQzQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--8308951ffdea059dfc20bc8fb5809fa94286df3d/sportsbook-bg.webp
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 2804x894, Scaling: [none]x[none], YUV color, decoders should clamp
Hash d8ca88469bf8e285628fec518a1c7718
e24ce48101792f4ac78466aaaf3a060506fe69bf
2f8dcbf4022c1704b4cb0347e3e4045078ec8916f54661eb2541da387f95bdef
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOFQzQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--8308951ffdea059dfc20bc8fb5809fa94286df3d/sportsbook-bg.webp HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/css/pages_.7b313231.css
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: image/webp
content-length: 55808
content-disposition: attachment; filename="sportsbook-bg.webp"; filename*=UTF-8''sportsbook-bg.webp
content-security-policy: block-all-mixed-content
etag: "d8ca88469bf8e285628fec518a1c7718"
last-modified: Tue, 14 Jan 2025 08:41:45 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C40779C38B
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 5708
expires: Sat, 15 Mar 2025 13:05:33 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad989bd5feb4c-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/belatra/MummylandTreasures.webp
200 OK 36 kB URL GET netcontent.cc/goldenstar/i/s3/belatra/MummylandTreasures.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash b1da5812998ac158a26ba2218e4371f7
c81fc5726bfa014ab942d8b2a0f3a7c3d78d0b21
9aae47e11096b031917072c50d63a796e3ebf64ac57e7d7484c3528c2cd8c8fb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/belatra/MummylandTreasures.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 36286
last-modified: Wed, 01 Mar 2023 06:25:03 GMT
etag: "63feefbf-8dbe"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 27832
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f4e077128-OSL
X-Firefox-Spdy: h2
OPTIONS engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=0
204 No Content 0 B URL OPTIONS engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=0
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectgist-queue-consumer-api.cloud.gist.build
Fingerprint16:56:26:AA:B3:C3:43:BE:87:33:2B:8C:08:0A:D0:DB:AD:B0:A2:79
ValidityFri, 14 Mar 2025 15:36:05 GMT - Thu, 12 Jun 2025 16:30:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=0 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://code.gist.build/
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-headers: X-Bourbon-Organization-Id,X-Engine-Project-Id,Authorization,Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://code.gist.build
vary: Origin
x-cloud-trace-context: 6c4e5c570b9ac00251b2155b33980c3b
date: Sat, 15 Mar 2025 09:05:42 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=1742029542644
200 OK 1.7 kB URL GET engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=1742029542644
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectgist-queue-consumer-api.cloud.gist.build
Fingerprint16:56:26:AA:B3:C3:43:BE:87:33:2B:8C:08:0A:D0:DB:AD:B0:A2:79
ValidityFri, 14 Mar 2025 15:36:05 GMT - Thu, 12 Jun 2025 16:30:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1962), with no line terminators
Hash caa404a086393a6e481f75285355402e
36955f20077f37a8001234fbcc251767312b29e0
818956f856174e80d923978227a58f12ed8d8f4e1c2a44681593531cf045834e
GET /api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=1742029542644 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=utf-8
access-control-allow-origin: https://code.gist.build
cache-control: public,max-age=300
vary: Origin
date: Sat, 15 Mar 2025 09:05:42 GMT
server: Google Frontend
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/player
200 OK 17 B URL GET goldenstar-casino.com/api/player
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash dda54a79a99131814c9b43198402ec8d
6859008e793b7492030d7ee7bc44255bf6374eba
25572482d6858c1ffe32a3d9e1b14940a6a85aa99d4e19cc4af20c7d18207d85
GET /api/player HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v1+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 5338910571296829043
x-datadog-sampling-priority: 1
x-datadog-trace-id: 8780576807344840001
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: application/vnd.s.v1+json; charset=utf-8
content-length: 17
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
cache-control: no-store
x-s-media-type: s.v1
etag: W/"114a6e8f5c43bea09a4a73b24b44b030"
set-cookie: locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; domain=.goldenstar-casino.com; path=/; SameSite=None; Secure
vary: Accept, Origin
x-request-id: 920ad979397beb4c-CPH
x-runtime: 0.007289
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad979397beb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/snippets/registr-promo/rerister-promo__icon__3.png?hash=d8d081936f06e0af0e2bc5cc27790f22
200 OK 818 B URL GET goldenstar-casino.com/images/snippets/registr-promo/rerister-promo__icon__3.png?hash=d8d081936f06e0af0e2bc5cc27790f22
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced
Hash 69e2734004def5f3c95cd70769d627f8
e9eb10fc97d763cac917ffcfedd3979e75f46187
5127a8df59ac7701461baea6d2de8c5de91c13b8d8aec61ee7d8b72b83e03426
GET /images/snippets/registr-promo/rerister-promo__icon__3.png?hash=d8d081936f06e0af0e2bc5cc27790f22 HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/png
content-length: 818
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: "67d455e9-332"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: REVALIDATED
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9848d86eb4c-CPH
X-Firefox-Spdy: h2
GET stats-api.feedconstruct.com/images/e/b/2/4838.png
200 OK 12 kB URL GET stats-api.feedconstruct.com/images/e/b/2/4838.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectfeedconstruct.com
Fingerprint74:22:7F:1E:39:C1:D3:BC:81:77:95:9C:56:45:2E:50:50:73:E2:CF
ValidityMon, 03 Mar 2025 17:19:54 GMT - Sun, 01 Jun 2025 18:19:51 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash a6748351bdccb06a39d3e7dd37dde9c2
69a257bf83b8943d3269349ec0205be9d407c01b
14bafdf99119b6a96a2672718769671c4ca4ba15867b1061882bbd79407b9b53
GET /images/e/b/2/4838.png HTTP/1.1
Host: stats-api.feedconstruct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: image/png
content-length: 12379
last-modified: Tue, 19 Mar 2019 13:00:53 GMT
etag: "d2b4bfc853ded41:0"
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 6693
expires: Sat, 15 Mar 2025 13:05:33 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=BKQDrQpoBRGDAlpkBphDThHoqwIItm.MBkUE.AtNMa4-1742029533-1.0.1.1-0H_ywhPtIyZUk08sOs09CMpBhipUshcT2zRrgq3vF1dYBlpLiy38brhnBMdr7zIjyZuHdB2V8_iy25.S821dP.e1tQR3ODqkcllxodNAfF4; path=/; expires=Sat, 15-Mar-25 09:35:33 GMT; domain=.feedconstruct.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b4baeebc6-CPH
X-Firefox-Spdy: h2
GET stats-api.feedconstruct.com/images/e/b/6/12268.png
200 OK 22 kB URL GET stats-api.feedconstruct.com/images/e/b/6/12268.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectfeedconstruct.com
Fingerprint74:22:7F:1E:39:C1:D3:BC:81:77:95:9C:56:45:2E:50:50:73:E2:CF
ValidityMon, 03 Mar 2025 17:19:54 GMT - Sun, 01 Jun 2025 18:19:51 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash bd6912dfbc929beb9e5ad6d66f7360a8
ab7cafd6bcd4317c5d5c22f99d279865e0476144
bca24604acfed333355b1ed949d67abc1533a17de16f88be27989ae177a3069f
GET /images/e/b/6/12268.png HTTP/1.1
Host: stats-api.feedconstruct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: image/png
content-length: 21673
last-modified: Sat, 19 May 2018 11:47:46 GMT
etag: "f715643467efd31:0"
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 6693
expires: Sat, 15 Mar 2025 13:05:33 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=.JRmCcb1LRf3ydhLtncEZNWMMRqWFG7G.hUhEZSjcxo-1742029533-1.0.1.1-UxSGY_TUh18Sd3DicHcoEQJsrRP_PLABxPQmbjaFzvJzzl0bN2qRrQZGv3W.s3mhgUa78PMmHt4mG86kQLLwJyQVuvB9Ww0nWlpFojXxMAc; path=/; expires=Sat, 15-Mar-25 09:35:33 GMT; domain=.feedconstruct.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b4bb5ebc6-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/css/main.c238367a.css
200 OK 298 kB URL GET goldenstar-casino.com/css/main.c238367a.css
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Size 298 kB (298451 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/main.c238367a.css HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:29 GMT
content-type: text/css
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-48dd3"
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:29 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad96fdfc5eb4c-CPH
X-Firefox-Spdy: h2
GET assets.customer.io/assets/in-app-eu.js
200 OK 3.2 kB URL GET assets.customer.io/assets/in-app-eu.js
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerAmazon
Subject*.customer.io
Fingerprint15:BE:B0:52:FA:BB:41:70:4D:E7:82:18:AC:42:63:9D:D0:C9:10:AC
ValidityTue, 17 Sep 2024 00:00:00 GMT - Tue, 14 Oct 2025 23:59:59 GMT
File type ASCII text, with very long lines (3261), with no line terminators
Hash 9291425d15ae8904b7aab922927b24f1
02c5709ffbf65cae4fdcfb1ad0a829c89713dc56
bce0436815d72bf0078512a8ed26cef8e002911f263376a5b50b62a4360b2d22
GET /assets/in-app-eu.js HTTP/1.1
Host: assets.customer.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript
last-modified: Fri, 07 Feb 2025 09:37:38 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-amz-version-id: zn3kvJ7cczAKNd5udm3LExShLSIsYIJy
server: AmazonS3
date: Sat, 15 Mar 2025 02:54:55 GMT
etag: W/"8a766572239f95d8ae2b9a3fe6a6e435"
x-cache: Hit from cloudfront
via: 1.1 37485b4aa4feacfc1ca26cfa4163e76a.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P2
x-amz-cf-id: gbu5vAOx3QH09mbhV4q2wJl3GRp4qjxEGCEp3B9lIXgBDF9vXTUcOg==
age: 69287
cross-origin-resource-policy: cross-origin
vary: accept-encoding, Origin
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOVVLQmc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--dc4c93bce7461d55ac8ce033c90cd903d1df6cd0/telegram.svg
200 OK 1.0 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOVVLQmc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--dc4c93bce7461d55ac8ce033c90cd903d1df6cd0/telegram.svg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type SVG Scalable Vector Graphics image
Hash 6ffb33265eaf212f150d5f511977c04b
6fad119bb974d357b36f597e4dccc1fab78e681e
7a8531c57f379750ec5691ed79d1b884262df2fb561c3315b355b74151f9a545
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOVVLQmc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--dc4c93bce7461d55ac8ce033c90cd903d1df6cd0/telegram.svg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/svg+xml
content-disposition: inline; filename="telegram.svg"; filename*=UTF-8''telegram.svg
content-security-policy: block-all-mixed-content
etag: W/"fcc926143058e566e6b9f8210cb2cf40"
last-modified: Fri, 24 May 2024 10:50:21 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7DBD5857CE5
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 920ad9847d35eb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/5LionsMegaways2.webp
200 OK 41 kB URL GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/5LionsMegaways2.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash a6172ee9fc745603f78a4ce9a83bbd7f
58de532211554b85aeea5e0f5b394382306b0154
e0cf848b16cf635a7bbaca870e6183f22388a80f15336a685d1293b79106b6f4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/pragmaticexternal/5LionsMegaways2.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 40736
last-modified: Wed, 26 Feb 2025 15:25:05 GMT
etag: "67bf3251-9f20"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 27833
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad990b8377128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/SavannahLegend.webp
200 OK 28 kB URL GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/SavannahLegend.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 4e3c44345a03e2d76207d52bab9b0cb8
afe7dfca7480bb65ac1d981902fc175bd516ee05
474d2f08f1259effdca193aec174f592447cb8604259e1ec5e3aa4e00588d6df
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/pragmaticexternal/SavannahLegend.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 28386
last-modified: Wed, 05 Feb 2025 11:05:06 GMT
etag: "67a345e2-6ee2"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 41658
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad990c8487128-OSL
X-Firefox-Spdy: h2
POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=71f842f5-05a5-4f23-968e-b9e9247bd04b&batch_time=1742029535656
202 Accepted 53 B URL POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=71f842f5-05a5-4f23-968e-b9e9247bd04b&batch_time=1742029535656
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subject*.browser-intake-datadoghq.eu
FingerprintCE:C0:94:E5:28:08:BE:34:E8:49:73:89:40:66:3B:57:98:F8:71:85
ValidityTue, 30 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash db0807353ed775565cedcbfd109ad8d7
c0bdb3178303b08927894e211c2a524d8cd2c70d
c5161461c049d608dc314d0044a50f8e58cf3a4869326cce91520d04c46cf79d
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=71f842f5-05a5-4f23-968e-b9e9247bd04b&batch_time=1742029535656 HTTP/1.1
Host: rum.browser-intake-datadoghq.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 15825
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 202 Accepted
content-type: application/json
content-length: 53
dd-request-id: 71f842f5-05a5-4f23-968e-b9e9247bd04b
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Mar 2025 09:05:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAA1A
200 OK 312 kB URL GET tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAA1A
IP
ASN #20940 Akamai International B.V.
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerLet's Encrypt
Subjecttracker.ads.sportradar.com
FingerprintCB:F9:81:F2:44:8F:D4:3C:79:ED:4B:35:B1:D0:7F:B2:85:8B:D1:ED
ValidityThu, 06 Feb 2025 05:40:51 GMT - Wed, 07 May 2025 05:40:50 GMT
File type JavaScript source, ASCII text, with very long lines (61847)
Size 312 kB (311841 bytes)
Hash 59b5b961f22fb33cfe0fa1935ed3957a
bbedad1c10d99299ef8aaf39ad34d2e0b699df4b
5d580816e2c7c4a24544cb84e2db9ade332d0da26ee0227fd1cd36a99f7f6b6d
GET /dist/tag-manager.js?id=STM-AAAA1A HTTP/1.1
Host: tm.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 32111
content-encoding: gzip
content-disposition: inline
apigw-requestid: HdXNPhHSDoEEPRA=
vary: Accept-Encoding
date: Sat, 15 Mar 2025 09:05:36 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2
GET a.sportradarserving.com/ul_cb/pixel?type=js&aid=1843&id=9037
200 OK 1.5 kB URL GET a.sportradarserving.com/ul_cb/pixel?type=js&aid=1843&id=9037
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerEntrust, Inc.
Subject*.sportradarserving.com
Fingerprint54:96:65:FA:BD:86:FE:EC:32:EB:A1:BD:9C:84:6C:52:19:6C:9B:D6
ValidityFri, 04 Oct 2024 12:36:42 GMT - Mon, 13 Oct 2025 12:36:41 GMT
File type JavaScript source, ASCII text, with very long lines (1527), with no line terminators
Hash b3a5f95e1eb111a3cdf9afbd8111eb7f
5573e840bcce56151c5a7603cf9e50283b4dff27
316e7ea477462a1a17e93e93e0ecd853076d2c4f9021e3a7600d7b7765ad1777
GET /ul_cb/pixel?type=js&aid=1843&id=9037 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Cookie: zuuid=cbb3ece2-6220-40ef-b6bd-eed85d086baf; c=1742029537; zuuid_lu=1742029537
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-length: 1527
content-type: text/javascript; charset=UTF-8
date: Sat, 15 Mar 2025 09:05:37 GMT
set-cookie: zuuid=cbb3ece2-6220-40ef-b6bd-eed85d086baf; path=/; expires=Sat, 14-Mar-2026 09:05:37 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1742029537; path=/; expires=Sat, 14-Mar-2026 09:05:37 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Sat, 14-Mar-2026 09:05:37 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1742029537; path=/; expires=Sat, 14-Mar-2026 09:05:37 GMT; domain=sportradarserving.com; samesite=none; secure
bss=!bidswitch=511286737; path=/; expires=Sat, 14-Mar-2026 09:05:37 GMT; domain=sportradarserving.com; samesite=none; secure
cm4=!bidswitch=511358737; path=/; expires=Sat, 14-Mar-2026 09:05:37 GMT; domain=sportradarserving.com; samesite=none; secure
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET cdn.livechatinc.com/widget/static/js/10.B9w-_AZn.chunk.js
200 OK 307 B URL GET cdn.livechatinc.com/widget/static/js/10.B9w-_AZn.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by https://secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
File type ASCII text, with very long lines (313), with no line terminators
Hash 0c5797436f9eaad410d81a7b9683f397
f10b1a8120359a1cc382ea4e80ed99b754722a55
daaaa4e291bf8b7e23b6bc01bb24a1fe5eb72d9dd54a0bed77205c0e2e45d890
GET /widget/static/js/10.B9w-_AZn.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 06 Mar 2025 10:39:56 GMT
etag: "5e984445573850c6e38e17d5205ccfe1"
x-amz-server-side-encryption: AES256
x-amz-version-id: IaqKlgjO_0ywGDqFBUBV1.mK.u6kF.yB
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: _KfgUzGsJHZiC0m3n-sl_lIprDQt-Z2lSw8G8P8if4vSatVGzgMlLA==
vary: Accept-Encoding
content-encoding: gzip
content-length: 237
cache-control: max-age=31536000
expires: Sun, 15 Mar 2026 09:05:37 GMT
date: Sat, 15 Mar 2025 09:05:37 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBL05MQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--5f65814aae7894e9ee0dbd82d79bd81d99f4e161/GS_Spring_Weekly_Tournaments_Spring_Treasure_home_tn_1800x520.jpg
200 OK 135 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBL05MQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--5f65814aae7894e9ee0dbd82d79bd81d99f4e161/GS_Spring_Weekly_Tournaments_Spring_Treasure_home_tn_1800x520.jpg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=520, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1800], progressive, precision 8, 1800x520, components 3
Size 135 kB (134624 bytes)
Hash 14a5483676566babffb98c14fafb4bf4
d42e2f843007c99cf4aa5dd0e9900cca2f0bcec9
99a66610e7a224af4231e79109cfb3d1eae78529e4460e58ee7b2d183cd4107a
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBL05MQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--5f65814aae7894e9ee0dbd82d79bd81d99f4e161/GS_Spring_Weekly_Tournaments_Spring_Treasure_home_tn_1800x520.jpg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/css/pages_.7b313231.css
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/jpeg
content-length: 134624
cf-bgj: h2pri
content-disposition: inline; filename="GS_Spring_Weekly_Tournaments_Spring_Treasure_home_tn_1800x520.jpg"; filename*=UTF-8''GS_Spring_Weekly_Tournaments_Spring_Treasure_home_tn_1800x520.jpg
content-security-policy: block-all-mixed-content
etag: "14a5483676566babffb98c14fafb4bf4"
last-modified: Mon, 03 Mar 2025 13:42:06 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C43C32BB1B
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: HIT
age: 5707
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad97f5d87eb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBNXpoQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--bb5c45087b102925e69257b6a2f23200393afc30/GS_New_winter_Welcome_Bonus_en_eur_slider_desktop_3840x900.jpg
200 OK 305 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBNXpoQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--bb5c45087b102925e69257b6a2f23200393afc30/GS_New_winter_Welcome_Bonus_en_eur_slider_desktop_3840x900.jpg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=900, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=3840], baseline, precision 8, 3840x900, components 3
Size 305 kB (305027 bytes)
Hash d6eaa197a4aecf149ba7b3afca603106
a15d28c72cb2c26439f194a13029639a7004abaf
0455875b211eedde79e3222050181c5cd740dedd807c614cee89447d7dfc2295
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBNXpoQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--bb5c45087b102925e69257b6a2f23200393afc30/GS_New_winter_Welcome_Bonus_en_eur_slider_desktop_3840x900.jpg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/jpeg
content-length: 305027
cf-bgj: h2pri
content-disposition: inline; filename="GS_New_winter_Welcome_Bonus_en_eur_slider_desktop_3840x900.jpg"; filename*=UTF-8''GS_New_winter_Welcome_Bonus_en_eur_slider_desktop_3840x900.jpg
content-security-policy: block-all-mixed-content
etag: "d6eaa197a4aecf149ba7b3afca603106"
last-modified: Mon, 23 Dec 2024 12:54:50 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C47B805A29
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad980eccaeb4c-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/logos/license/CW.svg
200 OK 5.0 kB URL GET netcontent.cc/goldenstar/logos/license/CW.svg
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type SVG Scalable Vector Graphics image
Hash 6a9b0d0eeb831190f243d8e3891c76d5
d1fd906ea95682c4470463ff5445aa1aa133e862
9f1fa481df5ad582f61e802eb607248190d063e5476490a285a78e59bd63718b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/logos/license/CW.svg HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Sep 2024 19:15:05 GMT
etag: W/"66e09ab9-139d"
expires: Sun, 16 Mar 2025 09:05:32 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 85335
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad980ee9a7128-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
GET stats-api.feedconstruct.com/images/e/b/0/982.png
200 OK 4.3 kB URL GET stats-api.feedconstruct.com/images/e/b/0/982.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectfeedconstruct.com
Fingerprint74:22:7F:1E:39:C1:D3:BC:81:77:95:9C:56:45:2E:50:50:73:E2:CF
ValidityMon, 03 Mar 2025 17:19:54 GMT - Sun, 01 Jun 2025 18:19:51 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash 64443f804a0f54d02fa714d20b57ab56
c2d5c15b464bba5f7a8354def7d2cdf08c866817
01823d57c7b8abb38190531da45b65e269ceec5fd6c687b60fefc0b12f4c16b0
GET /images/e/b/0/982.png HTTP/1.1
Host: stats-api.feedconstruct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/png
content-length: 4318
last-modified: Thu, 28 Apr 2016 08:06:55 GMT
etag: "a21bc4ed24a1d11:0"
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
x-powered-by: ASP.NET
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:33 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=PyAj0TcmGZeoK9PjFRddxoJqWPG.OZO3ERwr5ZC_zGw-1742029534-1.0.1.1-nJRAeGCWN2JOOgFo0Iv8fYfyrj2mpVH_AHDibdV92Gf0R3AddLGB9fg6EnLqKgbJO.iKgC2nnZ4aYDCYCGihUDVMfxzBeWAxlXq76_9I9IY; path=/; expires=Sat, 15-Mar-25 09:35:34 GMT; domain=.feedconstruct.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b4bb9ebc6-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/LiveRouletteA.webp
200 OK 29 kB URL GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/LiveRouletteA.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash b2a27cf3ca72a37639ca889ee234f671
0a063e42af022b3217ded60acb52842499d80aba
b6b708146ade03bb38a3078add53b537031a622908c19174ff8e81979f1088ed
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/pragmaticexternal/LiveRouletteA.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 29168
last-modified: Thu, 26 Aug 2021 13:20:02 GMT
etag: "61279502-71f0"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad99139217128-OSL
X-Firefox-Spdy: h2
GET cdn.livechatinc.com/widget/static/js/13.Du4z9uvj.chunk.js
200 OK 231 B URL GET cdn.livechatinc.com/widget/static/js/13.Du4z9uvj.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by https://secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 51ffb42e380faa86f92711728f9a184e
2115ae8b17284548145746d8690f92379b2dd9bf
1c0b882b7741a6e4436d57cbcd35522c5cee69ad157aa8add3c7bb9f042625b7
GET /widget/static/js/13.Du4z9uvj.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Fri, 13 Dec 2024 08:43:37 GMT
etag: "c77c70c8570694d5e20553711a6d1b28"
x-amz-server-side-encryption: AES256
x-amz-version-id: 7HVRu3TVHaEjkSVXKl60Dfs2KviUYw9Y
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 9YL3_wDLMuZtF5-gROCNsTUFm8QctNGT-VHWGgA9Y8FK8R1XNNySpg==
vary: Accept-Encoding
content-encoding: gzip
content-length: 185
cache-control: max-age=31536000
expires: Sun, 15 Mar 2026 09:05:37 GMT
date: Sat, 15 Mar 2025 09:05:37 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET renderer.gist.build/3.0/index.html
302 Found 631 B URL GET renderer.gist.build/3.0/index.html
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerLet's Encrypt
Subjectgist.build
FingerprintA4:6B:3B:76:A5:B3:9D:ED:4B:B2:16:3B:60:D8:1E:8E:04:AF:42:29
ValidityThu, 27 Feb 2025 19:15:04 GMT - Wed, 28 May 2025 19:15:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /3.0/index.html HTTP/1.1
Host: renderer.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 15 Mar 2025 09:05:41 GMT
content-type: text/html
content-length: 143
location: https://code.gist.build/renderer/0.4.5/index.html
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fEhNviuCsmMgfb1aHrzb9EykjJfK%2FgM8gmXhzQmb69BuZ6etWjQ1TkKHwx76aDYS1OBWA4fFew3jg72XwlX64KjV50km%2FoWTl2CrRnAPPCoiYHM1ce7zxRicQqRLLFnv08wfaYI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9b88beb0b02-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=691&min_rtt=492&rtt_var=479&sent=7&recv=10&lost=0&retrans=0&sent_bytes=2829&recv_bytes=1238&delivery_rate=4510903&cwnd=253&unsent_bytes=0&cid=b1707c8b2c19504f&ts=30&x=0"
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/spnmnl/JokersWildRidePatricksDay.webp
200 OK 71 kB URL GET netcontent.cc/goldenstar/i/s3/spnmnl/JokersWildRidePatricksDay.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 07dd269850f75f82892f011c71b5946e
760a6fdd4f1affdc5461b1dbf8f1210391190058
b832a070355b02a112b6bff7269e7cc3153a2621019decd3fd41ad6722e18707
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/spnmnl/JokersWildRidePatricksDay.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 71004
last-modified: Fri, 07 Mar 2025 10:25:06 GMT
etag: "67cac982-1155c"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 75794
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f7e417128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/WildWildPearls.webp
200 OK 67 kB URL GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/WildWildPearls.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash ce7b7cded9d5b667341c07908a4fb0a3
9173dd6e0c5bf132ba00c5dc55b99263f84f5909
e7e58906ed889bab2a930884b903a7634b3ff601885d505d108551faf704d65e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/pragmaticexternal/WildWildPearls.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 67296
last-modified: Fri, 17 Jan 2025 13:05:05 GMT
etag: "678a5581-106e0"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 41658
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad990d8727128-OSL
X-Firefox-Spdy: h2
GET goldenstar-casino.com/js/runtime.0bf7387a.js
200 OK 56 kB URL GET goldenstar-casino.com/js/runtime.0bf7387a.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type JavaScript source, ASCII text, with very long lines (56317)
Hash 3b07f11881f748e03b54ef349a0426eb
5ccd850ebc0a955a45a5f8967e2c0a505f18bb3c
2d11a7ed2a730e6665b828dda3037525b7fe22a3f73b913f1cb760b0bca422b5
GET /js/runtime.0bf7387a.js HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:29 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-dc31"
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:29 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad96fdfb8eb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/info/locales?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http:%2F%2Fgoldenstarlink.com%2Fuadd09073
200 OK 760 B URL GET goldenstar-casino.com/api/info/locales?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http:%2F%2Fgoldenstarlink.com%2Fuadd09073
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type Unicode text, UTF-8 text, with very long lines (885), with no line terminators
Hash 1ff48eed1f54b4a13ea5ec8bb06cc92d
c791d1390cdb1d3fb3f7c138e0b1d2f453245b3f
500b0140b3fcfaaf9215cd63b9a02cf58dcad20d8fbd4c5ae783f2b9bd5d6926
GET /api/info/locales?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http:%2F%2Fgoldenstarlink.com%2Fuadd09073 HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v1+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 6249068569929913959
x-datadog-sampling-priority: 1
x-datadog-trace-id: 3555348194638578407
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: application/vnd.s.v1+json; charset=utf-8
content-length: 760
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"be88f9bb51cb3dd994084e08453886f4"
cache-control: max-age=0, private, must-revalidate
set-cookie: referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; domain=.goldenstar-casino.com; path=/; expires=Tue, 15 Apr 2025 09:05:31 GMT; SameSite=None; Secure
stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; domain=.goldenstar-casino.com; path=/; expires=Tue, 15 Apr 2025 09:05:31 GMT; SameSite=None; Secure
stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; domain=.goldenstar-casino.com; path=/; expires=Tue, 15 Apr 2025 09:05:31 GMT; SameSite=None; Secure
stag_traffic_source=email; domain=.goldenstar-casino.com; path=/; expires=Tue, 15 Apr 2025 09:05:31 GMT; SameSite=None; Secure
locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; domain=.goldenstar-casino.com; path=/; SameSite=None; Secure
vary: Origin
x-request-id: 920ad9793970eb4c-CPH
x-runtime: 0.006369
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad9793970eb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/restrictions
200 OK 412 kB URL GET goldenstar-casino.com/api/restrictions
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Size 412 kB (411685 bytes)
Hash 3f55b9d3750f6e63d3b28a5d23c88454
2c2c03a3673eb1bbffde9e1d7e98d18ab3891b2b
144ecaa442832e8060664c09c8b2211565106c5e39256a8022b27acf2259aaf4
GET /api/restrictions HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v1+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 7659650062152507286
x-datadog-sampling-priority: 1
x-datadog-trace-id: 2381918913582297230
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: application/vnd.s.v1+json; charset=utf-8
content-length: 411685
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"144ecaa442832e8060664c09c8b22115"
cache-control: max-age=0, private, must-revalidate
set-cookie: locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; domain=.goldenstar-casino.com; path=/; SameSite=None; Secure
vary: Origin
x-request-id: 920ad97949bfeb4c-CPH
x-runtime: 0.009636
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad97949bfeb4c-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/gamzix/3x3HoldTheSpin.webp
200 OK 41 kB URL GET netcontent.cc/goldenstar/i/s3/gamzix/3x3HoldTheSpin.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash b6375ca1c9c35f8cef90025bb372f1ca
137f0aec0fb2eb194001abff362abbd49fd4a653
8e9fb9e35f9830644ec36f7f64f2a3bc82754c58efb70ac661c7817701d013c0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/gamzix/3x3HoldTheSpin.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 41134
last-modified: Fri, 09 Sep 2022 14:50:03 GMT
etag: "631b529b-a0ae"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 85322
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f4e0c7128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/mascot/zeus_the_invincible.webp
200 OK 38 kB URL GET netcontent.cc/goldenstar/i/s3/mascot/zeus_the_invincible.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 9c3a1004adff250ae7961fefcdbfc59b
e1a2fed5ea8405c6bab8c63b24bfe35d4bf9bc08
c0889f379aeb39e3a0a43a7fa5c8d150bdfb8345e07c4cf527d12d4e124aab6f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/mascot/zeus_the_invincible.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 38034
last-modified: Thu, 13 Mar 2025 06:25:06 GMT
etag: "67d27a42-9492"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 75794
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f6e377128-OSL
X-Firefox-Spdy: h2
GET cdn.livechatinc.com/tracking.js
200 OK 90 kB URL GET cdn.livechatinc.com/tracking.js
IP
ASN #20940 Akamai International B.V.
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
Hash 3accdcc0eeb7c92a2c1b7bf5608d63c4
f9cf8ee9f8d2662e14e342e6ee678a4be1c9d0e5
25a9695bc423dcab44655e751976fc8086531803e59730830bf9d0759bf7c2f1
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 13 Mar 2025 11:33:25 GMT
content-encoding: br
x-amz-server-side-encryption: AES256
x-amz-version-id: gCr_CI4oALRHRX8CmfqWGOFJSCyCTAzE
server: AmazonS3
etag: W/"3accdcc0eeb7c92a2c1b7bf5608d63c4"
vary: accept-encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 8lI3DbYtOJocL6saoM2lf1C0e17efWuDNkhBaXMseHmwKrMq9OJErA==
content-length: 28313
cache-control: max-age=28800
expires: Sat, 15 Mar 2025 17:05:35 GMT
date: Sat, 15 Mar 2025 09:05:35 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET payments-lib.cdn.s7s.ai/v1/index.js
200 OK 816 B URL GET payments-lib.cdn.s7s.ai/v1/index.js
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjects7s.ai
Fingerprint22:B0:03:2E:7D:28:B0:85:14:4E:15:93:84:38:74:C2:DF:DA:00:AA
ValidityThu, 23 Jan 2025 23:28:29 GMT - Thu, 24 Apr 2025 00:28:16 GMT
File type JavaScript source, ASCII text, with very long lines (862), with no line terminators
Hash f490b2069e08690a3fb3bb4ec82e4683
ca61138005299d41bd9c3278c28f12a71dcce037
40007649e61879dabc7d7b57f6ec6e44512944afbf0c189a6b11a2f4c8f017eb
GET /v1/index.js HTTP/1.1
Host: payments-lib.cdn.s7s.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:30 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 920ad9727c30b4fd-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 13762
cache-control: max-age=300
etag: W/"index.9e4c0a0f09.js"
expires: Mon, 17 Mar 2025 09:05:30 GMT
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBN1RoQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--2f9cfbd17850042e7485bddd297aab02a509c7b7/GS_New_winter_Second_Deposit_bonus_en_eur_slider_desktop_3840x900.jpg
200 OK 319 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBN1RoQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--2f9cfbd17850042e7485bddd297aab02a509c7b7/GS_New_winter_Second_Deposit_bonus_en_eur_slider_desktop_3840x900.jpg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=900, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=3840], baseline, precision 8, 3840x900, components 3
Size 319 kB (319099 bytes)
Hash 420669ec54f8fabee3c6118b0f6a92b6
9aceac19b98fd657a1797a6d856022180a124c75
55a2c2e2ad88b0f023f9c9a9a6354d0c5360ef9971c41cf4e7c588f6ba224354
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBN1RoQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--2f9cfbd17850042e7485bddd297aab02a509c7b7/GS_New_winter_Second_Deposit_bonus_en_eur_slider_desktop_3840x900.jpg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/jpeg
content-length: 319099
cf-bgj: h2pri
content-disposition: inline; filename="GS_New_winter_Second_Deposit_bonus_en_eur_slider_desktop_3840x900.jpg"; filename*=UTF-8''GS_New_winter_Second_Deposit_bonus_en_eur_slider_desktop_3840x900.jpg
content-security-policy: block-all-mixed-content
etag: "420669ec54f8fabee3c6118b0f6a92b6"
last-modified: Mon, 23 Dec 2024 12:57:47 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C47B4FBABA
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad980fce2eb4c-CPH
X-Firefox-Spdy: h2
GET pixel-us.convertagain.net/pixel?auth=5xkc2m&event=visit&affid=246216_67d542d89e84e00f1dfedd2d&site=goldenstar-casino.com&ln=en-US
200 OK 0 B URL GET pixel-us.convertagain.net/pixel?auth=5xkc2m&event=visit&affid=246216_67d542d89e84e00f1dfedd2d&site=goldenstar-casino.com&ln=en-US
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerSectigo Limited
Subject*.convertagain.net
Fingerprint84:0B:F4:43:8C:DA:0C:EE:6E:52:BE:1D:56:AC:DF:0B:FC:DE:E8:6F
ValidityMon, 17 Feb 2025 00:00:00 GMT - Fri, 20 Feb 2026 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?auth=5xkc2m&event=visit&affid=246216_67d542d89e84e00f1dfedd2d&site=goldenstar-casino.com&ln=en-US HTTP/1.1
Host: pixel-us.convertagain.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 15 Mar 2025 09:05:36 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Access-Control-Allow-Origin: *
GET goldenstar-casino.com/spi/main.js
200 OK 1.1 kB URL GET goldenstar-casino.com/spi/main.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type ASCII text, with very long lines (1117), with no line terminators
Hash 501cc4165e503327bf77a41e49a53d3e
ddbb76c21986b09c853a0069472dd93d64aaa939
7406acabadbc238a1a9ebdc3d263d4ee49901939a7628277824757bb9705d399
GET /spi/main.js HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:29 GMT
content-type: application/javascript
last-modified: Mon, 10 Mar 2025 10:31:09 GMT
etag: W/"67cebf6d-44b"
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:29 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad96fdfbdeb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/fonts/font-icons.7f3c1473..ttf
200 OK 26 kB URL GET goldenstar-casino.com/fonts/font-icons.7f3c1473..ttf
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, font-icons
Hash e6f71fc624627c8ad179a576a61837e6
51c1ee494b6426a6cf4bbb127f536e925ce37d16
96201f0942058c6254f6f1770243a69213e33d14d0a31536e153e5b531b95ae9
GET /fonts/font-icons.7f3c1473..ttf HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/css/main.c238367a.css
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:30 GMT
content-type: application/octet-stream
content-length: 25544
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: "67d455e9-63c8"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:30 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9789ebfeb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/snippets/registr-promo/rerister-promo__icon__5.png?hash=1d44d5488ac75809e0c669fb0393c46d
200 OK 770 B URL GET goldenstar-casino.com/images/snippets/registr-promo/rerister-promo__icon__5.png?hash=1d44d5488ac75809e0c669fb0393c46d
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type PNG image data, 18 x 20, 8-bit/color RGBA, non-interlaced
Hash 0e8b34c8f05b3491aed0b70038ad427c
65cb55f3b2aa8c4f2b387ba833da84c8537bd90f
16ef0aa64065885e4b8bc74375205638f805a97b59e2de12a53e37b7496e131c
GET /images/snippets/registr-promo/rerister-promo__icon__5.png?hash=1d44d5488ac75809e0c669fb0393c46d HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/png
content-length: 770
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: "67d455e9-302"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: REVALIDATED
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9848da7eb4c-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/swntt/Candyman.webp
200 OK 63 kB URL GET netcontent.cc/goldenstar/i/s3/swntt/Candyman.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 24e124880cd591d929fff34eba7619ec
5bb22de92f9b1988331c9b72cbc150db46412206
ccc1c1cf0955fd577630ba3c9a781066b57c9e7fa54a5fc1ea0318114cbff2aa
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/swntt/Candyman.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 62568
last-modified: Mon, 10 Mar 2025 12:55:06 GMT
etag: "67cee12a-f468"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 73527
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f8e687128-OSL
X-Firefox-Spdy: h2
GET api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=de7d5235-1f8c-4372-8eb8-95143bacdeb6&version=acfe0cc3bdca3a685b168491bbee4cfb_80b32db2bb4721528ed37eef4f64a7f0&language=en&group_id=2&jsonp=__lc_localization
200 OK 12 kB URL GET api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=de7d5235-1f8c-4372-8eb8-95143bacdeb6&version=acfe0cc3bdca3a685b168491bbee4cfb_80b32db2bb4721528ed37eef4f64a7f0&language=en&group_id=2&jsonp=__lc_localization
IP
ASN #20940 Akamai International B.V.
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3.4/customer/action/get_localization?organization_id=de7d5235-1f8c-4372-8eb8-95143bacdeb6&version=acfe0cc3bdca3a685b168491bbee4cfb_80b32db2bb4721528ed37eef4f64a7f0&language=en&group_id=2&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
deprecation: 2024-11-30
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Sat, 15 Mar 2025 09:15:37 GMT
date: Sat, 15 Mar 2025 09:05:37 GMT
content-length: 4023
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/crypto-logos/crypto_games.svg?hash=ec87d23b34601118ecd28d70f54a539d
200 OK 3.4 kB URL GET goldenstar-casino.com/images/crypto-logos/crypto_games.svg?hash=ec87d23b34601118ecd28d70f54a539d
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type SVG Scalable Vector Graphics image
Hash d178d27cf40301d96ae9d6b4426903c7
3d45604f94c02c5b49131a97c2d2eb967c33dfbe
5788c7831ba91ac40c348e9d4ad07ece060d760ac77e2a76e6ec215eca6e05a0
GET /images/crypto-logos/crypto_games.svg?hash=ec87d23b34601118ecd28d70f54a539d HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/svg+xml
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-d36"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9847d57eb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=34a38fc8-54fd-4299-94d0-123702dcc683&batch_time=1742029535697
202 Accepted 53 B URL POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=34a38fc8-54fd-4299-94d0-123702dcc683&batch_time=1742029535697
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subject*.browser-intake-datadoghq.eu
FingerprintCE:C0:94:E5:28:08:BE:34:E8:49:73:89:40:66:3B:57:98:F8:71:85
ValidityTue, 30 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 0501bdac9bf83172489358a408b8a193
515d430d76a003c06d2385b3a6a9ab792f90bb83
71a3bc67e9668f50c933b202b442cb409e9c7f100f29da0739687a53d30d16d0
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=34a38fc8-54fd-4299-94d0-123702dcc683&batch_time=1742029535697 HTTP/1.1
Host: rum.browser-intake-datadoghq.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 15793
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 202 Accepted
content-type: application/json
content-length: 53
dd-request-id: 34a38fc8-54fd-4299-94d0-123702dcc683
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Mar 2025 09:05:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=f786f4cc-9f48-4d53-9106-b6803eea6c73&batch_time=1742029535797
202 Accepted 53 B URL POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=f786f4cc-9f48-4d53-9106-b6803eea6c73&batch_time=1742029535797
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subject*.browser-intake-datadoghq.eu
FingerprintCE:C0:94:E5:28:08:BE:34:E8:49:73:89:40:66:3B:57:98:F8:71:85
ValidityTue, 30 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 784de027961d521b5c1bf5ed68b6231c
fbdaf19f06e57883ecae37c88b00b7907a3d873b
5f91857b9084399b2c77ef54b82b535a26685f280ad410821fe5db3721bc3bda
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=f786f4cc-9f48-4d53-9106-b6803eea6c73&batch_time=1742029535797 HTTP/1.1
Host: rum.browser-intake-datadoghq.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 15601
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 202 Accepted
content-type: application/json
content-length: 53
dd-request-id: f786f4cc-9f48-4d53-9106-b6803eea6c73
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Mar 2025 09:05:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=22450fbd-8b9c-4569-b764-dd7dec3184c6&batch_time=1742029535691
202 Accepted 53 B URL POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=22450fbd-8b9c-4569-b764-dd7dec3184c6&batch_time=1742029535691
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subject*.browser-intake-datadoghq.eu
FingerprintCE:C0:94:E5:28:08:BE:34:E8:49:73:89:40:66:3B:57:98:F8:71:85
ValidityTue, 30 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 3e219a14dd1fdad0f5f5f23913f98454
58f2c67df0f4f4b07cafdec20f01a838de95f10c
b32faf940b80c9494a5ab32418cd35b6845fb090928bb5bf26305e749ece15c6
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=22450fbd-8b9c-4569-b764-dd7dec3184c6&batch_time=1742029535691 HTTP/1.1
Host: rum.browser-intake-datadoghq.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 15689
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 202 Accepted
content-type: application/json
content-length: 53
dd-request-id: 22450fbd-8b9c-4569-b764-dd7dec3184c6
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Mar 2025 09:05:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET assets.gist.build/templates/fonts/OpenSans/OpenSans-Bold.ttf
200 OK 104 kB URL GET assets.gist.build/templates/fonts/OpenSans/OpenSans-Bold.ttf
IP
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectassets.gist.build
FingerprintFA:42:E4:DB:00:8D:DF:38:41:4C:08:95:35:9C:B1:FC:3D:F3:EB:76
ValidityFri, 28 Feb 2025 13:18:04 GMT - Thu, 29 May 2025 14:16:28 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 24646 names, language 0x5900, type 2 string
Size 104 kB (104120 bytes)
Hash 3a6e6bda2afe33f5c6d119a615ddc2dc
11c139461735c3a73253e44b2c973b58d5801a94
d2761e2e948b02fae63ba7bcf6d7722e2b0f712e32d4b026e8013f473faaeb4a
GET /templates/fonts/OpenSans/OpenSans-Bold.ttf HTTP/1.1
Host: assets.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:43 GMT
content-length: 104120
last-modified: Fri, 26 Jun 2020 13:13:55 GMT
x-rgw-object-type: Normal
etag: "1025a6e0fb0fa86f17f57cc82a6b9756"
x-amz-request-id: tx00000d715d753d983a764-0067484461-119aa0d88-fra1b
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 412ce67d-ec87-4b93-8040-9ef0eceddcfd
cache-control: max-age=86400
x-envoy-upstream-healthchecked-cluster:
age: 20788
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FSOVeKCI5oOtsVLu2%2BQmaYtLBTS9Z%2FqUHLIMh8Cf%2BVACM4eXwO8eKMsFydJ8DvVvNVJFik6JJvRUf1rceRiYj%2FYgKaRz5zGxYlE%2F5RcuFVrJx2Eflx8JosLIhctxvDNc6hhC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 920ad9c538c6b511-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1239&min_rtt=514&rtt_var=1128&sent=82&recv=19&lost=0&retrans=0&sent_bytes=102271&recv_bytes=1211&delivery_rate=26776671&cwnd=254&unsent_bytes=0&cid=297c54ae2ad4110b&ts=66&x=0"
X-Firefox-Spdy: h2
GET wss://goldenstar-casino.com/cent/connection/websocket
101 Switching Protocols 0 B URL GET wss://goldenstar-casino.com/cent/connection/websocket
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cent/connection/websocket HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://goldenstar-casino.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: natEOcGtGNP+3wq8AfnZZg==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 15 Mar 2025 09:05:32 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tQ60IcwNcu1SR9cPhN1qh7cnn/A=
cf-cache-status: DYNAMIC
Server: cloudflare
CF-RAY: 920ad97e7d59d090-CPH
GET cdn.livechatinc.com/widget/static/js/7.xhyEK0_l.chunk.js
200 OK 74 B URL GET cdn.livechatinc.com/widget/static/js/7.xhyEK0_l.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by https://secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 21b7a59cc31bfdcb9c6f5f4dc99d2a5c
95862457b1e89a06c8419959c0c45ab6237832bf
a401c33318a371db3b11b0ec189d894d54c1527b250b35745834b77ca4893e13
GET /widget/static/js/7.xhyEK0_l.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Mon, 20 Jan 2025 06:34:58 GMT
etag: "c96a39460d2b0a92409b2b92f3da88f9"
x-amz-server-side-encryption: AES256
x-amz-version-id: enAVP6XlpXcI5EJrZjKveOyKQXAj_jTW
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: To1yZrCWbOaAjeBUknnOWLWUw76ehcFAoqwIbNH28H5kh2dAxAJYwQ==
vary: Accept-Encoding
content-encoding: gzip
content-length: 92
cache-control: max-age=31536000
expires: Sun, 15 Mar 2026 09:05:37 GMT
date: Sat, 15 Mar 2025 09:05:37 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/restrictions/marks
200 OK 202 B URL GET goldenstar-casino.com/api/restrictions/marks
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 84ee53d2ae4f769e356ae65f61a6a066
8a68e6c4f670b6829cd867c04de398aaafb5ec73
d857f59b5fe009479f84f21a3e322a8aa2d16a4578dae94e2b4f02c1484f9e19
GET /api/restrictions/marks HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v1+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 9019335046728395951
x-datadog-sampling-priority: 1
x-datadog-trace-id: 4200725243432162730
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: application/vnd.s.v1+json; charset=utf-8
content-length: 202
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"29ac8afed30bed01ff6a0347e80521c2"
cache-control: max-age=0, private, must-revalidate
set-cookie: locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; domain=.goldenstar-casino.com; path=/; SameSite=None; Secure
vary: Accept, Origin
x-request-id: 920ad97949cbeb4c-CPH
x-runtime: 0.005306
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad97949cbeb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBODNvQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--878026bac08371825db658e637081c798c239788/collection-asian.webp
200 OK 38 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBODNvQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--878026bac08371825db658e637081c798c239788/collection-asian.webp
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type RIFF (little-endian) data, Web/P image
Hash e007301f2db114be1de0a98a6eeeda57
079324c65213ce4869d95b962ad1f13ee559c6f0
c6d7388952638705fa4a668e3a96a2a0dc12a7c699ec110b27bf9a0470c21a83
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBODNvQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--878026bac08371825db658e637081c798c239788/collection-asian.webp HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/webp
content-length: 37918
content-disposition: attachment; filename="collection-asian.webp"; filename*=UTF-8''collection-asian.webp
content-security-policy: block-all-mixed-content
etag: "e007301f2db114be1de0a98a6eeeda57"
last-modified: Fri, 27 Dec 2024 15:35:10 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C463235E8E
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 5707
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad980fd05eb4c-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/netgame/RichPiggies2BonusCombo.webp
200 OK 28 kB URL GET netcontent.cc/goldenstar/i/s3/netgame/RichPiggies2BonusCombo.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 33e8454c45d8ddf67e09d5a588cf017d
dfa25bff402c1fc94386ee4d91b2daf8474d72dd
e6b16d796b8cfee2efacb77ed3090c3af03e92ab173015de09497f5ed7a0f10e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/netgame/RichPiggies2BonusCombo.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 28160
last-modified: Wed, 30 Oct 2024 15:40:05 GMT
etag: "67225355-6e00"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f4e037128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/kalamba/DeepRush_k.webp
200 OK 18 kB URL GET netcontent.cc/goldenstar/i/s3/kalamba/DeepRush_k.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash f144a4bbf00011f2e248cc5ad2089763
fef44533b38627017fd9c2b2861f43ee156967bf
02a378c0dd2b202986b84e0ca2c17c494153620bd7ab0d429d483e2d58a527ef
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/kalamba/DeepRush_k.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:35 GMT
content-type: image/webp
content-length: 18172
last-modified: Wed, 19 Jul 2023 15:15:04 GMT
etag: "64b7fdf8-46fc"
expires: Sun, 16 Mar 2025 09:05:35 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 73528
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9923aab7128-OSL
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/info/currencies
200 OK 2.9 kB URL GET goldenstar-casino.com/api/info/currencies
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type Unicode text, UTF-8 text, with very long lines (3358), with no line terminators
Hash 013b70516196fbba54791cd7ef1b4cc8
11eed9f26a15a2562ead1a3e140d122524e0c045
bd50a43a06609f5372b1c5435d3ff2ffbc6f689dfa2dfb11cada6288ef40a22c
GET /api/info/currencies HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v1+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 7008820695780633432
x-datadog-sampling-priority: 1
x-datadog-trace-id: 3768221752689384666
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: application/vnd.s.v1+json; charset=utf-8
content-length: 2914
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"cd0f3fb622647f80d8685f1f41ba78a5"
cache-control: max-age=0, private, must-revalidate
set-cookie: locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; domain=.goldenstar-casino.com; path=/; SameSite=None; Secure
vary: Origin
x-request-id: 920ad97939a3eb4c-CPH
x-runtime: 0.004613
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad97939a3eb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBejVTQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--b8dfb35ca614f0876f3f092792958c4cbfdd9298/GS_Gamzix_Flower_Fiesta_home_tn_1800x520.jpg
200 OK 175 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBejVTQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--b8dfb35ca614f0876f3f092792958c4cbfdd9298/GS_Gamzix_Flower_Fiesta_home_tn_1800x520.jpg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=520, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1800], progressive, precision 8, 1800x520, components 3
Size 175 kB (175315 bytes)
Hash 5a0071c63c72051bd41698fa45781cde
92ad103396d403c820de9907eca367dd9a67d474
d06f8a12c61ebd3771acfda045ef13804ec83ed25c21380be9d2d9dc4324bf61
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBejVTQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--b8dfb35ca614f0876f3f092792958c4cbfdd9298/GS_Gamzix_Flower_Fiesta_home_tn_1800x520.jpg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/css/pages_.7b313231.css
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/jpeg
content-length: 175315
cf-bgj: h2pri
content-disposition: inline; filename="GS_Gamzix_Flower_Fiesta_home_tn_1800x520.jpg"; filename*=UTF-8''GS_Gamzix_Flower_Fiesta_home_tn_1800x520.jpg
content-security-policy: block-all-mixed-content
etag: "5a0071c63c72051bd41698fa45781cde"
last-modified: Wed, 05 Mar 2025 15:46:35 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C40D5A9542
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: HIT
age: 5707
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad97f7e06eb4c-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/elk/Cygnus2.webp
200 OK 40 kB URL GET netcontent.cc/goldenstar/i/s3/elk/Cygnus2.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 18a732c22a6a53e10d36018bf074ed3c
8c0f9960d4ead291fbc51b97cb411112fc9013bc
5a79761b270db74500aff90bedd6ee11feb3ec4fafe81433f75df1021728c18e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/elk/Cygnus2.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 40220
last-modified: Mon, 01 Aug 2022 15:15:03 GMT
etag: "62e7edf7-9d1c"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f1dcd7128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/spnmnl/GoldenstarRhino.webp
200 OK 36 kB URL GET netcontent.cc/goldenstar/i/s3/spnmnl/GoldenstarRhino.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash bdb4446034d26de90a24fb3b63d030de
163ff37ec90b9cf1d9f93abe4a16c9f12d38ef34
9627c1dd9227d991050ea9659b3554857c57bd79597d5c147f4eb1798353f613
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/spnmnl/GoldenstarRhino.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 35964
last-modified: Fri, 31 Jan 2025 10:35:05 GMT
etag: "679ca759-8c7c"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 66046
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f4dfc7128-OSL
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5
ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Hash 015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Mar 2025 10:12:20 GMT
expires: Fri, 13 Mar 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 168791
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOW5vQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--42bb42de22fbf001bf57690ba9641eab93dc5c67/collection-mythological.webp
200 OK 37 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOW5vQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--42bb42de22fbf001bf57690ba9641eab93dc5c67/collection-mythological.webp
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type RIFF (little-endian) data, Web/P image
Hash a260486f6713ea4792cbf137fbb85641
64cd71aac763b83a959965aa250b1c4dc91ab173
587cdca051de25973da127abe7d2f7e6405f7b1470e6b7d421a83b9847414c88
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOW5vQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--42bb42de22fbf001bf57690ba9641eab93dc5c67/collection-mythological.webp HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/webp
content-length: 36690
content-disposition: attachment; filename="collection-mythological.webp"; filename*=UTF-8''collection-mythological.webp
content-security-policy: block-all-mixed-content
etag: "a260486f6713ea4792cbf137fbb85641"
last-modified: Fri, 27 Dec 2024 16:41:42 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C44A2CF136
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 5707
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad980fcf9eb4c-CPH
X-Firefox-Spdy: h2
GET api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=de7d5235-1f8c-4372-8eb8-95143bacdeb6&version=305.0.2.45.88.42.2.3.1.1.1.28.1&group_id=2&jsonp=__lc_static_config
200 OK 4.0 kB URL GET api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=de7d5235-1f8c-4372-8eb8-95143bacdeb6&version=305.0.2.45.88.42.2.3.1.1.1.28.1&group_id=2&jsonp=__lc_static_config
IP
ASN #20940 Akamai International B.V.
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
File type ASCII text, with very long lines (4433), with no line terminators
Hash aa1311d430358cd83fd8fa3b50d5d030
a38ad399899dea648a385a1ea71618f93a8d5f57
4a9d89c143f8d108218420e11859c484e0302d401c849f8716626a80604ee51c
GET /v3.4/customer/action/get_configuration?organization_id=de7d5235-1f8c-4372-8eb8-95143bacdeb6&version=305.0.2.45.88.42.2.3.1.1.1.28.1&group_id=2&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
deprecation: 2024-11-30
vary: Accept-Encoding
content-length: 1353
cache-control: public, max-age=600
expires: Sat, 15 Mar 2025 09:15:36 GMT
date: Sat, 15 Mar 2025 09:05:36 GMT
X-Firefox-Spdy: h2
GET a.sportradarserving.com/pixel?type=js&aid=1843&id=9037
302 Found 1.5 kB URL GET a.sportradarserving.com/pixel?type=js&aid=1843&id=9037
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerEntrust, Inc.
Subject*.sportradarserving.com
Fingerprint54:96:65:FA:BD:86:FE:EC:32:EB:A1:BD:9C:84:6C:52:19:6C:9B:D6
ValidityFri, 04 Oct 2024 12:36:42 GMT - Mon, 13 Oct 2025 12:36:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=js&aid=1843&id=9037 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 15 Mar 2025 09:05:37 GMT
location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1843&id=9037
set-cookie: zuuid=cbb3ece2-6220-40ef-b6bd-eed85d086baf; path=/; expires=Sat, 14-Mar-2026 09:05:37 GMT; domain=sportradarserving.com; samesite=none; secure
c=1742029537; path=/; expires=Sat, 14-Mar-2026 09:05:37 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1742029537; path=/; expires=Sat, 14-Mar-2026 09:05:37 GMT; domain=sportradarserving.com; samesite=none; secure
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET tracker.ads.sportradar.com/dist//sp-3.8.0.js
200 OK 75 kB URL GET tracker.ads.sportradar.com/dist//sp-3.8.0.js
IP
ASN #20940 Akamai International B.V.
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerLet's Encrypt
Subjecttracker.ads.sportradar.com
FingerprintCB:F9:81:F2:44:8F:D4:3C:79:ED:4B:35:B1:D0:7F:B2:85:8B:D1:ED
ValidityThu, 06 Feb 2025 05:40:51 GMT - Wed, 07 May 2025 05:40:50 GMT
File type JavaScript source, ASCII text, with very long lines (65378)
Hash 143272dddc33395008a84a86ac9c2e96
8a90a07a66c30b4fa28300001cf97db7baba420e
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87
GET /dist//sp-3.8.0.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 12 Sep 2023 08:33:18 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
etag: "143272dddc33395008a84a86ac9c2e96"
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: hs2Le-ISGGRHaMx7Kjb07xlUP5fHCLxTEYf7iKzTCA0zrRa5el3KIA==
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 15 Mar 2025 09:05:37 GMT
content-length: 24162
cache-control: max-age=900, public
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/egt/20VampireBites.webp
200 OK 29 kB URL GET netcontent.cc/goldenstar/i/s3/egt/20VampireBites.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash dd0752638189a802db58968595bb5f8e
81286754dda7f0569f57da933e7bee86aa1a4bc1
b659bbecd7c08a6034282b1fb4a4c073b70dccb93b7659ed7c24ee4af2076ad1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/egt/20VampireBites.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:41 GMT
content-type: image/webp
content-length: 29378
last-modified: Mon, 24 Feb 2025 10:10:05 GMT
etag: "67bc457d-72c2"
expires: Sun, 16 Mar 2025 09:05:41 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 1
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9b7e9707128-OSL
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/lobby.613fb12c..svg
200 OK 10 kB URL GET goldenstar-casino.com/images/lobby.613fb12c..svg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type SVG Scalable Vector Graphics image
Hash d9a6c3765e345c172a1fec2d17ac7dcb
fbd9adcdd4d21f0e33460e2c9d021e698a36406f
ab5ced1efb0cc98cc1220164ebc719673bc28fe2be18f717c502541bdc6d7370
GET /images/lobby.613fb12c..svg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/svg+xml
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-2785"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9847d53eb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/groove/10HotWildsBoost.webp
200 OK 56 kB URL GET netcontent.cc/goldenstar/i/s3/groove/10HotWildsBoost.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 0cc5f0bf64d2dd1e60825926380b7027
c526f0ee7aa8500a8bdf95d110a3388c69ac3ca4
e51aa6b051e5e0586bb9204419aa89bd0b856927d675a93aaa38c452727ee53a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/groove/10HotWildsBoost.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 56060
last-modified: Mon, 10 Mar 2025 13:15:05 GMT
etag: "67cee5d9-dafc"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 73527
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f8e607128-OSL
X-Firefox-Spdy: h2
GET goldenstar-casino.com/js/common.db44877b.js
200 OK 186 kB URL GET goldenstar-casino.com/js/common.db44877b.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Size 186 kB (185956 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/common.db44877b.js HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:29 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-2d664"
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:29 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad96fdfaceb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/games/collections?device=desktop
200 OK 4.4 kB URL GET goldenstar-casino.com/api/games/collections?device=desktop
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type Unicode text, UTF-8 text, with very long lines (5117), with no line terminators
Hash 29716e3b6868c63050a41371f786f1e2
fd00e24959a3400a4ce07adeed30e5f653088387
5a08bf11a8bd8a126a946e3cdf026ed3a75f60093088598177674af32369212c
GET /api/games/collections?device=desktop HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v1+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 8566680447274519366
x-datadog-sampling-priority: 1
x-datadog-trace-id: 8238227365746308259
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: application/vnd.s.v1+json; charset=utf-8
content-length: 4449
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"ddc336ddf5d9630f4e58d45b4d58e13f"
cache-control: max-age=0, private, must-revalidate
vary: Accept, Origin
x-request-id: 920ad97af9a6eb4c-CPH
x-runtime: 0.255407
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad97af9a6eb4c-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/100hp/MetaCrash.webp
200 OK 15 kB URL GET netcontent.cc/goldenstar/i/s3/100hp/MetaCrash.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash daa746364143bd1b955a6c28fbd34f12
641ee10c79bad21560184640aff9924965733052
8f35df01493d893e299f7997f7971facf784bb1883350cc58d17164586f464a3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/100hp/MetaCrash.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:35 GMT
content-type: image/webp
content-length: 15368
last-modified: Fri, 29 Nov 2024 09:00:06 GMT
etag: "67498296-3c08"
expires: Sun, 16 Mar 2025 09:05:35 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 73528
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9922a937128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/spribe/dice.webp
200 OK 7.2 kB URL GET netcontent.cc/goldenstar/i/s3/spribe/dice.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 805d88dabfe9c31bdbf0e3b14e7971f4
14638bc34df0c1dd025ccfc748befa305b070b85
83d8926ac077affdd33ec7d2f2ae2925c5de04c5c360d26d1bbfbf9664e5ba58
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/spribe/dice.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:35 GMT
content-type: image/webp
content-length: 7220
last-modified: Thu, 22 Apr 2021 12:25:02 GMT
etag: "60816b1e-1c34"
expires: Sun, 16 Mar 2025 09:05:35 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 73528
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9923a9f7128-OSL
X-Firefox-Spdy: h2
POST region1.analytics.google.com/g/collect?v=2&tid=G-0GLZ8XMX5L>m=45je53d0v9176987653z89176994058za200zb9176994058&_p=1742029531504&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&cid=1264217836.1742029536&ecid=218451087&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=1&uid=User_ID&sid=1742029536&sct=1&seg=0&dl=https%3A%2F%2Fgoldenstar-casino.com%2F%3Fsign-up%3Dmodal&dr=https%3A%2F%2Fgs.aff2go.link%2F&dt=Play%20at%20Golden%20Star%20Online%20Casino%7C%20Get%20up%20to%20%E2%82%AC1%2C000%20%2B%20100%20FS%20%7C%20Golden%20Star&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true&tfd=7225
204 No Content 0 B URL POST region1.analytics.google.com/g/collect?v=2&tid=G-0GLZ8XMX5L>m=45je53d0v9176987653z89176994058za200zb9176994058&_p=1742029531504&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&cid=1264217836.1742029536&ecid=218451087&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=1&uid=User_ID&sid=1742029536&sct=1&seg=0&dl=https%3A%2F%2Fgoldenstar-casino.com%2F%3Fsign-up%3Dmodal&dr=https%3A%2F%2Fgs.aff2go.link%2F&dt=Play%20at%20Golden%20Star%20Online%20Casino%7C%20Get%20up%20to%20%E2%82%AC1%2C000%20%2B%20100%20FS%20%7C%20Golden%20Star&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true&tfd=7225
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0GLZ8XMX5L>m=45je53d0v9176987653z89176994058za200zb9176994058&_p=1742029531504&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&cid=1264217836.1742029536&ecid=218451087&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=1&uid=User_ID&sid=1742029536&sct=1&seg=0&dl=https%3A%2F%2Fgoldenstar-casino.com%2F%3Fsign-up%3Dmodal&dr=https%3A%2F%2Fgs.aff2go.link%2F&dt=Play%20at%20Golden%20Star%20Online%20Casino%7C%20Get%20up%20to%20%E2%82%AC1%2C000%20%2B%20100%20FS%20%7C%20Golden%20Star&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true&tfd=7225 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://goldenstar-casino.com
date: Sat, 15 Mar 2025 09:05:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:137:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:137:0
report-to: {"group":"ascnsrsggc:137:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:137:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET goldenstarlink.com/uadd09073
302 Found 8.5 kB URL User Request GET goldenstarlink.com/uadd09073
IP
Certificate IssuerGoogle Trust Services
Subjectgoldenstarlink.com
Fingerprint87:01:10:A3:E8:0C:A1:FE:97:61:79:CD:9A:04:7B:61:20:59:91:53
ValiditySat, 18 Jan 2025 06:27:49 GMT - Fri, 18 Apr 2025 07:27:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uadd09073 HTTP/1.1
Host: goldenstarlink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 15 Mar 2025 09:05:28 GMT
content-type: text/html; charset=utf-8
location: https://gs.aff2go.link/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
set-cookie: 2c624232cdd221771294=67d542d89e84e00f1dfedd2d; Expires=Mon, 14 Apr 2025 09:05:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad967f833569c-OSL
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMzVTQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--3082aaca4754543891fe480c588cd6186753a64b/GS_Pragmatic_Play_Drops-Wins_spring_2025_home_tn_1800x520.jpg
200 OK 154 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMzVTQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--3082aaca4754543891fe480c588cd6186753a64b/GS_Pragmatic_Play_Drops-Wins_spring_2025_home_tn_1800x520.jpg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=520, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1800], baseline, precision 8, 1800x520, components 3
Size 154 kB (154451 bytes)
Hash 613cee2602f582454cdaabc49f302c2a
b06d489c6c5cdfb0c79ddc2a06143d4961e4e9bc
1013ca94795d88ac80adb5806a9ebb3e1f0cf0a44e172e930e000d48f487dc64
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMzVTQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--3082aaca4754543891fe480c588cd6186753a64b/GS_Pragmatic_Play_Drops-Wins_spring_2025_home_tn_1800x520.jpg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/css/pages_.7b313231.css
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/jpeg
content-length: 154451
cf-bgj: h2pri
content-disposition: inline; filename="GS_Pragmatic_Play_Drops-Wins_spring_2025_home_tn_1800x520.jpg"; filename*=UTF-8''GS_Pragmatic_Play_Drops-Wins_spring_2025_home_tn_1800x520.jpg
content-security-policy: block-all-mixed-content
etag: "613cee2602f582454cdaabc49f302c2a"
last-modified: Wed, 05 Mar 2025 16:56:06 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C34E90307B
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: HIT
age: 5707
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad97f6ddfeb4c-CPH
X-Firefox-Spdy: h2
GET stats-api.feedconstruct.com/images/e/b/0/988.png
200 OK 13 kB URL GET stats-api.feedconstruct.com/images/e/b/0/988.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectfeedconstruct.com
Fingerprint74:22:7F:1E:39:C1:D3:BC:81:77:95:9C:56:45:2E:50:50:73:E2:CF
ValidityMon, 03 Mar 2025 17:19:54 GMT - Sun, 01 Jun 2025 18:19:51 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash aafa3d865eb94641711d047293342520
59f8a2884c9a48af9d70a97b7ac3815cc5034d26
e23d8e5a2ea5994021b4dd157074b8ab0361498740a9128652ab0fabee8e0253
GET /images/e/b/0/988.png HTTP/1.1
Host: stats-api.feedconstruct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: image/png
content-length: 12742
last-modified: Sat, 07 Apr 2018 11:11:04 GMT
etag: "64c8e41e61ced31:0"
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
x-powered-by: ASP.NET
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:33 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=Uszs8knH_PdlmIvmGlft_0DZop5_bo75nUchsAMEbW8-1742029533-1.0.1.1-yu.0rsFrLGEL24Vb4grNo_sAu9N91e1TGq_62OtJBS184SaceazFW2rAU1onMEizQVCocb2Pw02cIFxvBS9.CgawvDLWthJ8WguDEmtc.PE; path=/; expires=Sat, 15-Mar-25 09:35:33 GMT; domain=.feedconstruct.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b4bb7ebc6-CPH
X-Firefox-Spdy: h2
GET stats-api.feedconstruct.com/images/e/b/3/7640.png
200 OK 10 kB URL GET stats-api.feedconstruct.com/images/e/b/3/7640.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectfeedconstruct.com
Fingerprint74:22:7F:1E:39:C1:D3:BC:81:77:95:9C:56:45:2E:50:50:73:E2:CF
ValidityMon, 03 Mar 2025 17:19:54 GMT - Sun, 01 Jun 2025 18:19:51 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash c068863e8a0fff4b7661c9716072c4d2
e95c175f9025374a8216d7a387680165b86c3627
0f9b6759f10eb65350fd8310581b2a2c74ebf7be5c8c2a578a04d7bcfcb34bf4
GET /images/e/b/3/7640.png HTTP/1.1
Host: stats-api.feedconstruct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/png
content-length: 10109
last-modified: Thu, 21 Apr 2016 14:08:54 GMT
etag: "d6b9d356d79bd11:0"
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
x-powered-by: ASP.NET
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:34 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=XQcL9jlkfKb9QhDggKyKIesuzdkKsMkXs5jv72ooADU-1742029534-1.0.1.1-VY4ke_H8x8MDblieNZEVOJYul1oUsRKYn0njHLFSl66VPIHLrXCDhv.pDz_b8FQURBinnH5U0_cLu1F1c8iM4KVvYzDN0iY55tUWXy6tTho; path=/; expires=Sat, 15-Mar-25 09:35:34 GMT; domain=.feedconstruct.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b5c09ebc6-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/GatesOfOlympus1.webp
200 OK 46 kB URL GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/GatesOfOlympus1.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 2ca2031bdaea965759495a16fb9505c8
07d160b606db60c93b87d7af2396f8c77fed340d
e02524c46ed96b199d76003e7c9ca6d3b344adc8c0737b48b4e00c944be42a8d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/pragmaticexternal/GatesOfOlympus1.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 46366
last-modified: Fri, 19 Feb 2021 12:30:02 GMT
etag: "602faf4a-b51e"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 75794
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f2dd47128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/evolution/speed_roulette.webp
200 OK 7.3 kB URL GET netcontent.cc/goldenstar/i/s3/evolution/speed_roulette.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 13c6dae3055526b646247c69a13a83b8
bdf75cb61a11063a11e8253d839272bb76cbc659
40fdbc2ad0a99a1e436417ae73fdb53a376ef15ccf5ad3f574b4f8fb9a0c2654
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/evolution/speed_roulette.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 7336
last-modified: Thu, 27 Jun 2019 06:47:02 GMT
etag: "5d146666-1ca8"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad99128f67128-OSL
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/player
200 OK 17 B URL GET goldenstar-casino.com/api/player
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash dda54a79a99131814c9b43198402ec8d
6859008e793b7492030d7ee7bc44255bf6374eba
25572482d6858c1ffe32a3d9e1b14940a6a85aa99d4e19cc4af20c7d18207d85
GET /api/player HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
x-datadog-origin: rum
x-datadog-parent-id: 6403526110029154058
x-datadog-sampling-priority: 1
x-datadog-trace-id: 6801564642322510938
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff; _cioanonid=df961338-5328-9bd0-87a7-ad29538003ce
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:36 GMT
content-type: */*; charset=utf-8
content-length: 17
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
cache-control: no-store
x-s-media-type: s.v1
etag: W/"114a6e8f5c43bea09a4a73b24b44b030"
vary: Accept, Origin
x-request-id: 920ad9988bf8eb4c-CPH
x-runtime: 0.005751
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad9988bf8eb4c-CPH
X-Firefox-Spdy: h2
GET assets.gist.build/templates/fonts/OpenSans/OpenSans-Regular.ttf
200 OK 97 kB URL GET assets.gist.build/templates/fonts/OpenSans/OpenSans-Regular.ttf
IP
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectassets.gist.build
FingerprintFA:42:E4:DB:00:8D:DF:38:41:4C:08:95:35:9C:B1:FC:3D:F3:EB:76
ValidityFri, 28 Feb 2025 13:18:04 GMT - Thu, 29 May 2025 14:16:28 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", name offset 0x801f0001
Hash dbd9d85090512f88bcc941012cfa08e9
f0d8fea108c4231710736c7de70018320c4b9918
5510ad61d4a5d8ebba31efcdb9a08f2542444b491ba787caf955585e7fad14ee
GET /templates/fonts/OpenSans/OpenSans-Regular.ttf HTTP/1.1
Host: assets.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:43 GMT
content-length: 96932
last-modified: Fri, 26 Jun 2020 13:13:55 GMT
x-rgw-object-type: Normal
etag: "3ed9575dcc488c3e3a5bd66620bdf5a4"
x-amz-request-id: tx00000b29df69af6dd5e35-00675123f0-11b92aa9a-fra1b
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 412ce67d-ec87-4b93-8040-9ef0eceddcfd
cache-control: max-age=86400
x-envoy-upstream-healthchecked-cluster:
age: 9107
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VEbgwEy8xH8OMfKAku%2FtD0m8sVm8coIE8nmudbtDbUy1rvTWs0EGy77WjqCdSbPMBeV%2FYmZKKnHEaJYQUalf3rhLd7A1KTfSNWziYLZPFGJs8BPhAhoczXNrvlvpoQ8YKexV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 920ad9c5791bb511-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=2404&min_rtt=463&rtt_var=3303&sent=162&recv=39&lost=0&retrans=0&sent_bytes=207618&recv_bytes=1409&delivery_rate=48428093&cwnd=254&unsent_bytes=0&cid=297c54ae2ad4110b&ts=101&x=0"
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/info/affiliate
200 OK 42 B URL GET goldenstar-casino.com/api/info/affiliate
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 5e405e018df3cac0f37bbbdfe69f0dd7
03c327d9fdd97fe3a75324fc00b9536f5cd36bde
de378a7980fd070ebd566350ab13214039467dbf6e49de874a17e06427fdb0ae
GET /api/info/affiliate HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v1+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 6405828352747494009
x-datadog-sampling-priority: 1
x-datadog-trace-id: 1381118642134194545
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: application/vnd.s.v1+json; charset=utf-8
content-length: 42
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"5d13d7ce79d5b966086edfd660c08e39"
cache-control: max-age=0, private, must-revalidate
vary: Accept, Origin
x-request-id: 920ad981e973eb4c-CPH
x-runtime: 0.020966
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad981e973eb4c-CPH
X-Firefox-Spdy: h2
GET cdn.livechatinc.com/widget/static/js/0.CFc0VM7J.chunk.js
200 OK 68 kB URL GET cdn.livechatinc.com/widget/static/js/0.CFc0VM7J.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by https://secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash a08a419098722afdc9eded8e83ef8792
fe277fcb22400b8219f6635df00a85bf6d9b74a4
b4afcd908a5e3de71f70c10048ee227269eb5a2880d8abb09fac570d14428997
GET /widget/static/js/0.CFc0VM7J.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 13 Mar 2025 11:33:29 GMT
content-encoding: br
x-amz-server-side-encryption: AES256
x-amz-version-id: 3U18kowtgqkrBeB0koXUeT46uS301F_h
server: AmazonS3
etag: W/"a08a419098722afdc9eded8e83ef8792"
vary: accept-encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 49SqEoRWUpkd-jI-E-CUIEHXgPPA5h0XoXznNzFzMhBkwBhSd9Q3Ow==
content-length: 21287
cache-control: max-age=31536000
expires: Sun, 15 Mar 2026 09:05:37 GMT
date: Sat, 15 Mar 2025 09:05:37 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/jackpots/grand-trophy-logo.svg?hash=d8ff5be680cd2a45a7e5e395bc7abca2
200 OK 17 kB URL GET goldenstar-casino.com/images/jackpots/grand-trophy-logo.svg?hash=d8ff5be680cd2a45a7e5e395bc7abca2
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type SVG Scalable Vector Graphics image
Hash d8ff5be680cd2a45a7e5e395bc7abca2
e612f2a07d762a9d2e9890f83fd46f0ea66c6000
7fcf0bbe05a7b73748f89c541ea25a627b3feb8366521f1970a14f56f4bd0fc3
GET /images/jackpots/grand-trophy-logo.svg?hash=d8ff5be680cd2a45a7e5e395bc7abca2 HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/svg+xml
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-42d9"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 5707
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad980fd2aeb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/evolution/ClassicBetStackerBlackjack2.webp
200 OK 79 kB URL GET netcontent.cc/goldenstar/i/s3/evolution/ClassicBetStackerBlackjack2.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash dd570138cfe35f9c4a88ec5bdfb46ee1
40d76719bde4679fb48e8ef504d84e45d103ecba
7787ae760bbbb8bffe50b71d1474ae9875fb60de81a4077ae0f249a2098e2f9e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/evolution/ClassicBetStackerBlackjack2.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 79178
last-modified: Tue, 11 Mar 2025 09:55:05 GMT
etag: "67d00879-1354a"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 30162
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f7e4d7128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/EscapeThePyramidFireAndIce.webp
200 OK 28 kB URL GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/EscapeThePyramidFireAndIce.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash ade31fddbf2f5160f4c6ff5999512158
81890d2e5f2f4c1e5d33a4ac2ed7f6b139865e44
839467151da421689d769650108bea60eaed5a0f5b95445f8809708d9970e279
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/pragmaticexternal/EscapeThePyramidFireAndIce.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 28254
last-modified: Thu, 16 Jan 2025 07:40:05 GMT
etag: "6788b7d5-6e5e"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 41658
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad990c85b7128-OSL
X-Firefox-Spdy: h2
OPTIONS engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=1742029542644
204 No Content 0 B URL OPTIONS engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=1742029542644
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectgist-queue-consumer-api.cloud.gist.build
Fingerprint16:56:26:AA:B3:C3:43:BE:87:33:2B:8C:08:0A:D0:DB:AD:B0:A2:79
ValidityFri, 14 Mar 2025 15:36:05 GMT - Thu, 12 Jun 2025 16:30:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=1742029542644 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://code.gist.build/
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-headers: X-Bourbon-Organization-Id,X-Engine-Project-Id,Authorization,Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://code.gist.build
vary: Origin
x-cloud-trace-context: 7a624de02117307451b2155b3398060a
date: Sat, 15 Mar 2025 09:05:42 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBNzVFQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--a329acce1eaccc62218cd04964d865c215884491/GS_Bgaming_Drops_Frenzy_home_tn_1800x520.jpg
200 OK 208 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBNzVFQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--a329acce1eaccc62218cd04964d865c215884491/GS_Bgaming_Drops_Frenzy_home_tn_1800x520.jpg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=520, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1800], baseline, precision 8, 1800x520, components 3
Size 208 kB (207840 bytes)
Hash ee70bbbbeaec07b1698f44144e6d475e
1a5f9ff6ebba9da28b5b98279e802bb599e8aea2
4b14e157de6685e90571c139d215d021ffbef987043ab34afc33cdf49a00220f
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBNzVFQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--a329acce1eaccc62218cd04964d865c215884491/GS_Bgaming_Drops_Frenzy_home_tn_1800x520.jpg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/css/pages_.7b313231.css
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/jpeg
content-length: 207840
cf-bgj: h2pri
content-disposition: inline; filename="GS_Bgaming_Drops_Frenzy_home_tn_1800x520.jpg"; filename*=UTF-8''GS_Bgaming_Drops_Frenzy_home_tn_1800x520.jpg
content-security-policy: block-all-mixed-content
etag: "ee70bbbbeaec07b1698f44144e6d475e"
last-modified: Thu, 27 Feb 2025 14:35:39 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C43A371A46
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: HIT
age: 5707
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad97f7e1aeb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBNjN3Q0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--e50606f34d2323665f468e75770dad919eb71945/GS_Wednesday_Free_Spins_desktop_3840x900.jpg
200 OK 246 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBNjN3Q0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--e50606f34d2323665f468e75770dad919eb71945/GS_Wednesday_Free_Spins_desktop_3840x900.jpg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3840x900, components 3
Size 246 kB (246017 bytes)
Hash 3a5bf6608633bc6824a1c9e1a85da749
393e9567540ac696006d68449c982a09d6257b12
25217f48f59505fb7ac2ccd0e1ccfb7001a4d70f00f864946aa245af721fa3c4
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBNjN3Q0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--e50606f34d2323665f468e75770dad919eb71945/GS_Wednesday_Free_Spins_desktop_3840x900.jpg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/jpeg
content-length: 246017
cf-bgj: h2pri
content-disposition: inline; filename="GS_Wednesday_Free_Spins_desktop_3840x900.jpg"; filename*=UTF-8''GS_Wednesday_Free_Spins_desktop_3840x900.jpg
content-security-policy: block-all-mixed-content
etag: "3a5bf6608633bc6824a1c9e1a85da749"
last-modified: Wed, 08 Jan 2025 09:46:51 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C4C023EFD9
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad980fcefeb4c-CPH
X-Firefox-Spdy: h2
POST goldenstar-casino.com/api/games_filter
200 OK 12 kB URL POST goldenstar-casino.com/api/games_filter
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Hash b7250ae4104e817a668e9c97cca3bad5
e7d9782b5231584b96d40a1a15c4aa95f7c3a9b7
a9efbf82cae2b10c4f23cfccd60dbf48733e3a950bed8a9682185eb7923151e5
POST /api/games_filter HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v2+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
Content-Type: application/json
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 3597988023176089669
x-datadog-sampling-priority: 1
x-datadog-trace-id: 6777902753137839247
Content-Length: 167
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: application/vnd.s.v2+json; charset=utf-8
content-length: 12472
access-control-allow-origin: https://goldenstar-casino.com
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-expose-headers: Location
access-control-max-age: 7200
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"a9efbf82cae2b10c4f23cfccd60dbf48"
cache-control: max-age=0, private, must-revalidate
vary: Accept, Origin
x-request-id: 920ad9887fcfeb4c-CPH
x-runtime: 0.032432
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad9887fcfeb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/crash.b96c12e8..svg
200 OK 833 B URL GET goldenstar-casino.com/images/crash.b96c12e8..svg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type SVG Scalable Vector Graphics image
Hash 35cc99405b9b3e75e87912128708dd85
48d01417cd9353089544948d9b14a4f1d2d45c19
b9b7aa35ec086fa4ef4c0ac067ac036845fc8fdb6de4a34592c9065c91cffbdb
GET /images/crash.b96c12e8..svg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/svg+xml
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-341"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:34 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f2e37eb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/netgame/BigCatchBonanzaPerfectHaul.webp
200 OK 19 kB URL GET netcontent.cc/goldenstar/i/s3/netgame/BigCatchBonanzaPerfectHaul.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash b5b3d79cb68231bd8b06efbb6f771b07
200e4d20b74bf7c413cd87e9b4ae999e928cafca
1484e1b73ed24c4a9b5a1c0ee7bc72d3b245eb91185180f7e6f828d0524483fb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/netgame/BigCatchBonanzaPerfectHaul.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 18570
last-modified: Thu, 13 Jun 2024 13:55:05 GMT
etag: "666afa39-488a"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 85323
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f5e1e7128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/BrickHouseBonanza.webp
200 OK 28 kB URL GET netcontent.cc/goldenstar/i/s3/pragmaticexternal/BrickHouseBonanza.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 95f6c699cb232d2cf7057009d176be03
58bbda51fc92d8d9e91121d6fe6480ea26ebceb1
714ebc1a66cb2c4d9601f54322291aaacb49e8d22affdc59f8f6293c69a67414
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/pragmaticexternal/BrickHouseBonanza.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 28476
last-modified: Wed, 22 Jan 2025 14:35:06 GMT
etag: "6791021a-6f3c"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 41658
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad990c8587128-OSL
X-Firefox-Spdy: h2
POST goldenstar-casino.com/api/games_filter
200 OK 14 kB URL POST goldenstar-casino.com/api/games_filter
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Hash 50fbf8f49e5dac3ae9cd1e890e86a992
4d4f2fd9781d25066aa877c26f185161fd50d61d
28b56b4b4a3e95457ce7ae992946c9034482094bd80da001698b61c79597c60e
POST /api/games_filter HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v2+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
Content-Type: application/json
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 3004985143544566082
x-datadog-sampling-priority: 1
x-datadog-trace-id: 242628633152841664
Content-Length: 176
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: application/vnd.s.v2+json; charset=utf-8
content-length: 14372
access-control-allow-origin: https://goldenstar-casino.com
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-expose-headers: Location
access-control-max-age: 7200
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"28b56b4b4a3e95457ce7ae992946c903"
cache-control: max-age=0, private, must-revalidate
vary: Accept, Origin
x-request-id: 920ad9886f7feb4c-CPH
x-runtime: 0.021409
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad9886f7feb4c-CPH
X-Firefox-Spdy: h2
GET stats-api.feedconstruct.com/images/e/b/0/940.png
200 OK 6.2 kB URL GET stats-api.feedconstruct.com/images/e/b/0/940.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectfeedconstruct.com
Fingerprint74:22:7F:1E:39:C1:D3:BC:81:77:95:9C:56:45:2E:50:50:73:E2:CF
ValidityMon, 03 Mar 2025 17:19:54 GMT - Sun, 01 Jun 2025 18:19:51 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash d361142e64dae7883ae10025a8ed05b5
8f73be6279c9d2e4c21ab5d0d91a8d5630bdff7c
ca8e181b9e4f996fa37b8256702325e17eff2b0507c987d0bb4ccfab161b01bf
GET /images/e/b/0/940.png HTTP/1.1
Host: stats-api.feedconstruct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/png
content-length: 6247
last-modified: Fri, 30 Jun 2023 13:09:28 GMT
etag: "55f751a54abd91:0"
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 6916
expires: Sat, 15 Mar 2025 13:05:34 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=A6RYyDawdl5nRvLfnZfAKQwTG.8uochT5EC8mdr1tBo-1742029534-1.0.1.1-g9vbP0u4xAxHpEaJcECZTD1tzRj.9nQfp8USZkkNdk3vAoBAEdPnd2qY5T4lZeIyfymKIRcLyBOrLa9yhqPa4jOHMQmlUK1qtZXkWrl1kpk; path=/; expires=Sat, 15-Mar-25 09:35:34 GMT; domain=.feedconstruct.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b9cd7ebc6-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/table.1e86be51..svg
200 OK 17 kB URL GET goldenstar-casino.com/images/table.1e86be51..svg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type SVG Scalable Vector Graphics image
Hash ffc64b2c8f5f440fd30e70e840813858
cd9660ce37ce54ca13110f57445530d2652e2ddc
2514b562419db517f2ce5074f62acce07d50789665f1a014438955bcd5af3e1a
GET /images/table.1e86be51..svg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/svg+xml
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-42e3"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:34 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f2e23eb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/player/settings
200 OK 199 B URL GET goldenstar-casino.com/api/player/settings
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 1d80fe30033d4eeeddecf899439aa211
831420e7e97f4e90e5d49d24af1c45c7f3898908
98154e5af02c64f3819c24cc5fa7bd57ca8e5cdd2ddc6001f6c39f6ee2495af6
GET /api/player/settings HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v1+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 3627778597759390029
x-datadog-sampling-priority: 1
x-datadog-trace-id: 1744197624994283846
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: application/vnd.s.v1+json; charset=utf-8
content-length: 199
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"015926a8c3cbeb856f844a8b3d680f50"
cache-control: max-age=0, private, must-revalidate
set-cookie: locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; domain=.goldenstar-casino.com; path=/; SameSite=None; Secure
vary: Accept, Origin
x-request-id: 920ad97939a6eb4c-CPH
x-runtime: 0.005994
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad97939a6eb4c-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/evolution/ClassicBetStackerBlackjack3.webp
200 OK 79 kB URL GET netcontent.cc/goldenstar/i/s3/evolution/ClassicBetStackerBlackjack3.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 5615712f7285e11ef1b7aeabc94bce6b
de48ad8c1cc56da5f61b46fea7ffee0957122f09
e2dd1e4315a782001a58cd51bbf684ad19dde5e05518221829299d1a686557a1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/evolution/ClassicBetStackerBlackjack3.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 78724
last-modified: Tue, 11 Mar 2025 10:00:05 GMT
etag: "67d009a5-13384"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 41658
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f8e657128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/smartsoft/Balloon.webp
200 OK 13 kB URL GET netcontent.cc/goldenstar/i/s3/smartsoft/Balloon.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash aeb65d9e2edcd808a2324c550cfac0d6
e2870d692f8cdb47e636fd42458b2f8ae7246023
129b6ca495c8b860803b1703c4a31a50d543fc7f626e62988704841ab2f7654a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/smartsoft/Balloon.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:35 GMT
content-type: image/webp
content-length: 12748
last-modified: Wed, 10 Nov 2021 07:10:02 GMT
etag: "618b704a-31cc"
expires: Sun, 16 Mar 2025 09:05:35 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9922a897128-OSL
X-Firefox-Spdy: h2
OPTIONS engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=0
204 No Content 0 B URL OPTIONS engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=0
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectgist-queue-consumer-api.cloud.gist.build
Fingerprint16:56:26:AA:B3:C3:43:BE:87:33:2B:8C:08:0A:D0:DB:AD:B0:A2:79
ValidityFri, 14 Mar 2025 15:36:05 GMT - Thu, 12 Jun 2025 16:30:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=0 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://code.gist.build/
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-headers: X-Bourbon-Organization-Id,X-Engine-Project-Id,Authorization,Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://code.gist.build
vary: Origin
x-cloud-trace-context: 4b0575d5932090cb51b2155b3398001e
date: Sat, 15 Mar 2025 09:05:42 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOGtZQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--b24602f4bdfc7cc1eb192aacb6b58ce03dcf7822/GS_3_Oaks_Turbo_Wins_Network_Campaign_home_tn_1800x520.jpg
200 OK 150 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOGtZQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--b24602f4bdfc7cc1eb192aacb6b58ce03dcf7822/GS_3_Oaks_Turbo_Wins_Network_Campaign_home_tn_1800x520.jpg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=520, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1800], baseline, precision 8, 1800x520, components 3
Size 150 kB (149752 bytes)
Hash 395f3e34d4b63b022f4ac7b26585bbbd
325ab7376a430d887489cc925e46b73ff2043009
d8d6ebc706dbbce615c820b88645c4f1953f5600bc0e5e6de4700c01d3c5a16b
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOGtZQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--b24602f4bdfc7cc1eb192aacb6b58ce03dcf7822/GS_3_Oaks_Turbo_Wins_Network_Campaign_home_tn_1800x520.jpg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/css/pages_.7b313231.css
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/jpeg
content-length: 149752
cf-bgj: h2pri
content-disposition: inline; filename="GS_3_Oaks_Turbo_Wins_Network_Campaign_home_tn_1800x520.jpg"; filename*=UTF-8''GS_3_Oaks_Turbo_Wins_Network_Campaign_home_tn_1800x520.jpg
content-security-policy: block-all-mixed-content
etag: "395f3e34d4b63b022f4ac7b26585bbbd"
last-modified: Thu, 30 Jan 2025 13:17:23 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C4358362F3
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: HIT
age: 5707
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad97f7e2ceb4c-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/spnmnl/SummerWays.webp
200 OK 39 kB URL GET netcontent.cc/goldenstar/i/s3/spnmnl/SummerWays.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 5c24d8020ea629a1bbad9dbd851a07ca
12d6709aae7cee4bc5d5701f0ef5fa40f955e6be
c0d9ac42a97ff4911b6f32854215da4e15bb5294132189faea44d29c5fa07471
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/spnmnl/SummerWays.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 39076
last-modified: Fri, 25 Aug 2023 12:10:06 GMT
etag: "64e89a1e-98a4"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f1dd17128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/evolution/crazytime.webp
200 OK 88 kB URL GET netcontent.cc/goldenstar/i/s3/evolution/crazytime.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash fdb5fefd98f7973b479f250decba23c9
cd2b21fc56ee536c4425eea9e7e2664ca12d3d75
1a8e65f40861503e48cc0f4057791b72f4567d63531dbf8807789d8311535a88
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/evolution/crazytime.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 88120
last-modified: Fri, 31 Jan 2025 09:40:06 GMT
etag: "679c9a76-15838"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f2ddd7128-OSL
X-Firefox-Spdy: h2
POST goldenstar-casino.com/api/games_filter
200 OK 4.6 kB URL POST goldenstar-casino.com/api/games_filter
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type troff or preprocessor input, ASCII text, with very long lines (5373), with no line terminators
Hash b4122b0df19240bb51376169947fd064
cadf1b1f17c0a908d9d4e17e6ffc7e52e23d8004
960ad0e9d58ca2a3ea06cbcb6e82a43bd16995bc67d9c0751829322c57f0e216
POST /api/games_filter HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v2+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
Content-Type: application/json
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 8714967205526790499
x-datadog-sampling-priority: 1
x-datadog-trace-id: 4691252250323857941
Content-Length: 86
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: application/vnd.s.v2+json; charset=utf-8
content-length: 4637
access-control-allow-origin: https://goldenstar-casino.com
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-expose-headers: Location
access-control-max-age: 7200
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"540521525d6f44329ec821d818283ca3"
cache-control: max-age=0, private, must-revalidate
vary: Accept, Origin
x-request-id: 920ad97af9b4eb4c-CPH
x-runtime: 0.171548
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad97af9b4eb4c-CPH
X-Firefox-Spdy: h2
GET s10k-s3.softswiss.net/competitors/betconstruct/492.png
200 OK 200 kB URL GET s10k-s3.softswiss.net/competitors/betconstruct/492.png
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectsoftswiss.net
Fingerprint3D:51:A2:34:50:E5:6B:96:F7:06:58:55:C7:1B:65:42:F9:6F:57:57
ValidityThu, 23 Jan 2025 18:33:08 GMT - Wed, 23 Apr 2025 19:33:06 GMT
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size 200 kB (200298 bytes)
Hash f812edc0e9e5b62090889e60b3e2f0d5
95020eacc174c1165bf56c17f93488c30436f80b
37e34ce522602764e8ecb3ec908f4e322d2e344e3016abc6161d3ca64fbb9059
GET /competitors/betconstruct/492.png HTTP/1.1
Host: s10k-s3.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: image/png
content-length: 200298
cf-bgj: imgq:100,h2pri
cf-polished: origSize=223949
etag: "0da9a5ea6ecc3ae9262552556025dc88"
last-modified: Mon, 03 Jun 2024 12:03:11 GMT
x-amz-id-2: OZaqbgRyFh/2tnQStGje4UgEJdEF3Gf7YcICuXyJbm3CCb1UhzRZ+k3WYrhCiG3ZRSrBQpflHbSaLl5LOO8VeQ==
x-amz-request-id: JQMH833R7DFE4FVF
cf-cache-status: HIT
age: 4040
expires: Sun, 15 Mar 2026 09:05:33 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b3f73b51b-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/truelab/BattleRage.webp
200 OK 26 kB URL GET netcontent.cc/goldenstar/i/s3/truelab/BattleRage.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash cf342895050bf7c8171665c36e8ce557
f5ec320bec1cf73cacc198889b932f9aee8faaa9
d19eab55d9447c69e88bda511cbe1e2635c375170721ffe9e59c9466d83f4030
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/truelab/BattleRage.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 25462
last-modified: Fri, 27 Sep 2024 13:15:05 GMT
etag: "66f6afd9-6376"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 85322
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f5e1c7128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/playtech/SohoAllBetsBlackjack.webp
200 OK 19 kB URL GET netcontent.cc/goldenstar/i/s3/playtech/SohoAllBetsBlackjack.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 74bd7adc8d15209b2c16ecbfaa18a504
2b65be7a8722612c5465367ac2dc1f1cb1ca8ea6
520105243f9cc68e11aeffaa28a5e78bcb05474d9db77fb907bb56b4338f2995
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/playtech/SohoAllBetsBlackjack.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 18882
last-modified: Tue, 18 Apr 2023 11:40:03 GMT
etag: "643e8193-49c2"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 41658
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad99139147128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/100hp/CrimeEmpire.webp
200 OK 19 kB URL GET netcontent.cc/goldenstar/i/s3/100hp/CrimeEmpire.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 73a9e94b5a9e68098aa678c7c4be55c0
ecd22f1db87a4ec5baa8e080b2901d6332c3d710
8d4b58df83513ccaea9295303660f2f7388e7aa837f11aab7dd52ee70f5b5125
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/100hp/CrimeEmpire.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:35 GMT
content-type: image/webp
content-length: 19180
last-modified: Fri, 29 Nov 2024 09:00:05 GMT
etag: "67498295-4aec"
expires: Sun, 16 Mar 2025 09:05:35 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9923aa47128-OSL
X-Firefox-Spdy: h2
GET goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
200 OK 2.6 kB URL User Request GET goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
IP
ASN #209242 Cloudflare London, LLC
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type HTML document, ASCII text, with very long lines (2702), with no line terminators
Hash 1721d6a7efeae4528ef2db1b24b41f7f
3370f96b3fb2fa33beaf49e4cd1d76da99740934
40becd30983f4e2272851e026a3b1c26852eb96122c6b8714ae24f77bdc1634e
GET /?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073 HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gs.aff2go.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:29 GMT
content-type: text/html
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 920ad96e6993eb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMi8yQnc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--88a94f2eeb3aa1595252774c234541a2af72afcf/whatsapp-svgrepo-com.svg
200 OK 1.2 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMi8yQnc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--88a94f2eeb3aa1595252774c234541a2af72afcf/whatsapp-svgrepo-com.svg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type SVG Scalable Vector Graphics image
Hash a5bf92c9ac88be4641dc664116541762
addf0e786bb1a30616d3d3d7d0da3fb7c847a1ad
b82a343b69e29a0aa52aa767a29702669c37700ae09b7066bb540e1220ac8ae1
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMi8yQnc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--88a94f2eeb3aa1595252774c234541a2af72afcf/whatsapp-svgrepo-com.svg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/svg+xml
content-disposition: inline; filename="whatsapp-svgrepo-com.svg"; filename*=UTF-8''whatsapp-svgrepo-com.svg
content-security-policy: block-all-mixed-content
etag: W/"6af811ad106a7b93893299cffdc3792c"
last-modified: Mon, 16 Sep 2024 10:55:20 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7DBE2CF441B
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 920ad9847d4feb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
POST goldenstar-casino.com/api/games_filter
200 OK 14 kB URL POST goldenstar-casino.com/api/games_filter
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Hash 3d44a2a1f35a31ed4db9e7068027d136
60fcda2ef127581582113736d6fdddea7c1d185b
28541b6a9972f57552fa623b210e44c5c69cecd241e7a42f9bb66e6ed87d3196
POST /api/games_filter HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v2+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
Content-Type: application/json
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 6064978591394431680
x-datadog-sampling-priority: 1
x-datadog-trace-id: 5776835317837879592
Content-Length: 168
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: application/vnd.s.v2+json; charset=utf-8
content-length: 13801
access-control-allow-origin: https://goldenstar-casino.com
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-expose-headers: Location
access-control-max-age: 7200
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"28541b6a9972f57552fa623b210e44c5"
cache-control: max-age=0, private, must-revalidate
vary: Accept, Origin
x-request-id: 920ad9887ff2eb4c-CPH
x-runtime: 0.021617
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad9887ff2eb4c-CPH
X-Firefox-Spdy: h2
GET stats-api.feedconstruct.com/images/e/b/3/6437.png
200 OK 19 kB URL GET stats-api.feedconstruct.com/images/e/b/3/6437.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectfeedconstruct.com
Fingerprint74:22:7F:1E:39:C1:D3:BC:81:77:95:9C:56:45:2E:50:50:73:E2:CF
ValidityMon, 03 Mar 2025 17:19:54 GMT - Sun, 01 Jun 2025 18:19:51 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash 5e54b258db7832b7dc2b26efbc7b43d0
2b397dc2156d19b3c9fdc330facc862e60f9030e
a19437eaf97affb8d662e53786427ea1310e879afe4017e6c4382e18130bea28
GET /images/e/b/3/6437.png HTTP/1.1
Host: stats-api.feedconstruct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: image/png
content-length: 19048
last-modified: Sat, 19 May 2018 08:54:30 GMT
etag: "d86b9ff4eefd31:0"
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 6693
expires: Sat, 15 Mar 2025 13:05:33 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=XJxEfJpuGnsCZJTHVTUQuZ_cgiFkWmXsFILKxYd81fw-1742029533-1.0.1.1-Vr7y.bgfj7ddMx25kDvY5pSr0HsmxW9ViR6XNYN4_EGU6CIvk9iE29QWKR2bz3qiKwoZmfp7cad0w4c8at3T8Z.VwHysoDNWrJq.sZnvxTc; path=/; expires=Sat, 15-Mar-25 09:35:33 GMT; domain=.feedconstruct.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b4bb1ebc6-CPH
X-Firefox-Spdy: h2
POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=74809edb-d97e-4a85-933e-0206428aca38&batch_time=1742029535009
202 Accepted 53 B URL POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=74809edb-d97e-4a85-933e-0206428aca38&batch_time=1742029535009
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subject*.browser-intake-datadoghq.eu
FingerprintCE:C0:94:E5:28:08:BE:34:E8:49:73:89:40:66:3B:57:98:F8:71:85
ValidityTue, 30 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash f02ca5a6dc233b9a16fbf8b4da369400
b0223461c2ba9ca7571da7fea9b713dac2e5ab94
1ab1799ee2ad926ea76d66f17619b8216d4cfc85fa0d2755476269756eafed0a
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=74809edb-d97e-4a85-933e-0206428aca38&batch_time=1742029535009 HTTP/1.1
Host: rum.browser-intake-datadoghq.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 16108
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 202 Accepted
content-type: application/json
content-length: 53
dd-request-id: 74809edb-d97e-4a85-933e-0206428aca38
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Mar 2025 09:05:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=17715630&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fgoldenstar-casino.com%2F%3Fsign-up%3Dmodal&channel_type=code&implementation_type=%40livechat%2Fwidget-react&jsonp=__zd5tl4tptfe
200 OK 390 B URL GET api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=17715630&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fgoldenstar-casino.com%2F%3Fsign-up%3Dmodal&channel_type=code&implementation_type=%40livechat%2Fwidget-react&jsonp=__zd5tl4tptfe
IP
ASN #20940 Akamai International B.V.
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
File type ASCII text, with very long lines (422), with no line terminators
Hash e2df4fdb61a102e85201275269c5ca52
98a08d3147cfc4f498c0f9a456aac9f4c7e1ef79
3600d1549b4952259b47b77c4d579728859a7778772b11b5a4fec15afb06d71e
GET /v3.6/customer/action/get_dynamic_configuration?license_id=17715630&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fgoldenstar-casino.com%2F%3Fsign-up%3Dmodal&channel_type=code&implementation_type=%40livechat%2Fwidget-react&jsonp=__zd5tl4tptfe HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-security-policy: frame-ancestors https://goldenstar-casino.com/;
content-type: application/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-frame-options: allow-from https://goldenstar-casino.com/
content-length: 390
date: Sat, 15 Mar 2025 09:05:35 GMT
X-Firefox-Spdy: h2
GET cdn.livechatinc.com/widget/static/js/3.B5sHuEdG.chunk.js
200 OK 193 kB URL GET cdn.livechatinc.com/widget/static/js/3.B5sHuEdG.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by https://secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
Size 193 kB (192932 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widget/static/js/3.B5sHuEdG.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 06 Mar 2025 10:39:57 GMT
content-encoding: br
x-amz-server-side-encryption: AES256
x-amz-version-id: nRo_vgNp1IxNQnjn9O7wQrOm8bHLgNrl
server: AmazonS3
etag: W/"f86596c8708cd1da16bb5134482b9908"
vary: accept-encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: zUKS-Hi9r4Rnt-lllY5Z1Y-C2qHhxw6fgS6p1vStjUG3ES4oH9Vphg==
cache-control: max-age=31536000
expires: Sun, 15 Mar 2026 09:05:37 GMT
date: Sat, 15 Mar 2025 09:05:37 GMT
content-length: 60760
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
POST accounts.livechatinc.com/v2/customer/de7d5235-1f8c-4372-8eb8-95143bacdeb6/2/token
200 OK 195 B URL POST accounts.livechatinc.com/v2/customer/de7d5235-1f8c-4372-8eb8-95143bacdeb6/2/token
IP
ASN #20940 Akamai International B.V.
Requested by https://secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 5819efd82d972a186994383551956a14
67614264f9b731e30d457359322f1059aa561c21
2c879e779edcaaeadb0c9da1e854ead9aaa3924de6ecefb723a79a527f4d010b
POST /v2/customer/de7d5235-1f8c-4372-8eb8-95143bacdeb6/2/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 225
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 195
date: Sat, 15 Mar 2025 09:05:38 GMT
set-cookie: __lc_cid=bf3d91db-d515-43d3-a63e-f34ec918e7a7; Path=/v2/customer/de7d5235-1f8c-4372-8eb8-95143bacdeb6/2/token; Domain=accounts.livechatinc.com; Expires=Mon, 15 Mar 2027 09:05:37 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned
__lc_cst=7d37618e2284a1baa917bbba67ea37a356fa2a260bc8f268dab0b17551cdb2edd87847af9d38452d3c827399aa57525bc6a8d8dbe4986eadb1205b09993a; Path=/v2/customer/de7d5235-1f8c-4372-8eb8-95143bacdeb6/2/token; Domain=accounts.livechatinc.com; Expires=Mon, 15 Mar 2027 09:05:37 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned
__lc_cid=bf3d91db-d515-43d3-a63e-f34ec918e7a7; Path=/licence/g17715630_2/; Domain=accounts.livechatinc.com; Expires=Mon, 15 Mar 2027 09:05:37 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned
__lc_cst=7d37618e2284a1baa917bbba67ea37a356fa2a260bc8f268dab0b17551cdb2edd87847af9d38452d3c827399aa57525bc6a8d8dbe4986eadb1205b09993a; Path=/licence/g17715630_2/; Domain=accounts.livechatinc.com; Expires=Mon, 15 Mar 2027 09:05:37 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned
__oauth_redirect_detector=counter=1&t=1742029567&tag=e0affe19f575aff05b3a820d7c742ab43137f166; Path=/; Expires=Sat, 15 Mar 2025 09:06:07 GMT; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=86400 ; includeSubDomains
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMUxxQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--c6183460eb1a9c90ed73e3d60f89c72074e37af9/home-vip-bg.webp
200 OK 45 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMUxxQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--c6183460eb1a9c90ed73e3d60f89c72074e37af9/home-vip-bg.webp
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x450, Scaling: [none]x[none], YUV color, decoders should clamp
Hash c9e7a990e696276298948206957d9b6b
866c324017e47ad6ad047f3d94aaa8f8c0ba91e0
77d4bbcb4777acd09cf8a9acaae23445e8c45f600be5b48905049be52ac60296
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMUxxQ0E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--c6183460eb1a9c90ed73e3d60f89c72074e37af9/home-vip-bg.webp HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/css/pages_.7b313231.css
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/webp
content-length: 45302
content-disposition: attachment; filename="home-vip-bg.webp"; filename*=UTF-8''home-vip-bg.webp
content-security-policy: block-all-mixed-content
etag: "c9e7a990e696276298948206957d9b6b"
last-modified: Mon, 30 Dec 2024 14:06:25 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C3E87D246D
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 5707
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad97f5d69eb4c-CPH
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
200 OK 27 kB URL GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5
ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File type Web Open Font Format (Version 2), TrueType, length 26736, version 1.0
Hash 8404cfed82d322c1be8e149fd9f40eb8
3e3657246db3b889e68d520904ac294a230db56d
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Mar 2025 09:14:11 GMT
expires: Fri, 13 Mar 2026 09:14:11 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:00:28 GMT
content-type: font/woff2
age: 172281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=fc2d127c-6f2e-4380-9a10-d018efb544e4&batch_time=1742029532663
202 Accepted 53 B URL POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=fc2d127c-6f2e-4380-9a10-d018efb544e4&batch_time=1742029532663
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subject*.browser-intake-datadoghq.eu
FingerprintCE:C0:94:E5:28:08:BE:34:E8:49:73:89:40:66:3B:57:98:F8:71:85
ValidityTue, 30 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash e6103bd9d2a21febb833df666acad21a
95e4d217df69d890b7e24efaacae30ff2182732d
740a48c934d9699232153d174a74b1106deca851d330a79b3c3aec52d56c5bd2
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=fc2d127c-6f2e-4380-9a10-d018efb544e4&batch_time=1742029532663 HTTP/1.1
Host: rum.browser-intake-datadoghq.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 16177
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 202 Accepted
content-type: application/json
content-length: 53
dd-request-id: fc2d127c-6f2e-4380-9a10-d018efb544e4
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Mar 2025 09:05:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=1788377a-f93e-4287-8171-45c80458875e&batch_time=1742029535661
202 Accepted 53 B URL POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=1788377a-f93e-4287-8171-45c80458875e&batch_time=1742029535661
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subject*.browser-intake-datadoghq.eu
FingerprintCE:C0:94:E5:28:08:BE:34:E8:49:73:89:40:66:3B:57:98:F8:71:85
ValidityTue, 30 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash acf91edcbf7846f237d7f165e9c67311
1ade481418f92b1358187b78ad9c2ecafa448bab
9ccead755e4fc879d45ad3e498ec1f889b4edd88d248911cd962d058e0cbf344
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=1788377a-f93e-4287-8171-45c80458875e&batch_time=1742029535661 HTTP/1.1
Host: rum.browser-intake-datadoghq.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 15530
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 202 Accepted
content-type: application/json
content-length: 53
dd-request-id: 1788377a-f93e-4287-8171-45c80458875e
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Mar 2025 09:05:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET cdn.livechatinc.com/widget/static/js/9.BLNeWQuH.chunk.js
200 OK 21 kB URL GET cdn.livechatinc.com/widget/static/js/9.BLNeWQuH.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by https://secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (21002)
Hash 979fa39e19714ef83044823ce720576c
c2df28b54857ee4d4bea3cc2b9c666037ffc8f0f
60b5820a8f11843a2a10074748c39b87ef42ff09eb46a1b06f066d51fd34aa36
GET /widget/static/js/9.BLNeWQuH.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 13 Mar 2025 11:33:29 GMT
content-encoding: br
x-amz-server-side-encryption: AES256
x-amz-version-id: IUOgwSkukpsVgmDkgNQr5gyHkBqYwG5l
server: AmazonS3
etag: W/"979fa39e19714ef83044823ce720576c"
vary: accept-encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: CvDM4t-oki_K49_yeZ-vn01waHcsso_pnSma1iYCh2jQA_enGKmcQg==
content-length: 6578
cache-control: max-age=31536000
expires: Sun, 15 Mar 2026 09:05:37 GMT
date: Sat, 15 Mar 2025 09:05:37 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
OPTIONS engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=1742029542672
204 No Content 0 B URL OPTIONS engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=1742029542672
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectgist-queue-consumer-api.cloud.gist.build
Fingerprint16:56:26:AA:B3:C3:43:BE:87:33:2B:8C:08:0A:D0:DB:AD:B0:A2:79
ValidityFri, 14 Mar 2025 15:36:05 GMT - Thu, 12 Jun 2025 16:30:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=1742029542672 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://code.gist.build/
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-headers: X-Bourbon-Organization-Id,X-Engine-Project-Id,Authorization,Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://code.gist.build
vary: Origin
x-cloud-trace-context: ef1d504ee49b2d2351b2155b33980ac0
date: Sat, 15 Mar 2025 09:05:42 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=0
200 OK 1.7 kB URL GET engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=0
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectgist-queue-consumer-api.cloud.gist.build
Fingerprint16:56:26:AA:B3:C3:43:BE:87:33:2B:8C:08:0A:D0:DB:AD:B0:A2:79
ValidityFri, 14 Mar 2025 15:36:05 GMT - Thu, 12 Jun 2025 16:30:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1962), with no line terminators
Hash caa404a086393a6e481f75285355402e
36955f20077f37a8001234fbcc251767312b29e0
818956f856174e80d923978227a58f12ed8d8f4e1c2a44681593531cf045834e
GET /api/v2/configuration?cioSiteId=88be7802c65f35117aaf&cioDatacenter=eu&random=0 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=utf-8
access-control-allow-origin: https://code.gist.build
cache-control: public,max-age=300
vary: Origin
date: Sat, 15 Mar 2025 09:05:42 GMT
server: Google Frontend
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBN3BRQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--058e8d38861dab5e1c6e3f59ac48e4490b0a8498/GS_Endorphina_Juicy_Spring_Challenge_home_tn_1800x520.jpg
200 OK 138 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBN3BRQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--058e8d38861dab5e1c6e3f59ac48e4490b0a8498/GS_Endorphina_Juicy_Spring_Challenge_home_tn_1800x520.jpg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=520, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1800], baseline, precision 8, 1800x520, components 3
Size 138 kB (137601 bytes)
Hash a08d1ab0feedb86da3d6c9099c6b1b63
62d9e61bd972662b860d9e82b69bc90b2cbf4271
4beb1fea8b0f54a5a54eda5f9519c5ec8a1b02914c90c31683fe1395e25c1df5
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBN3BRQ1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--058e8d38861dab5e1c6e3f59ac48e4490b0a8498/GS_Endorphina_Juicy_Spring_Challenge_home_tn_1800x520.jpg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/css/pages_.7b313231.css
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/jpeg
content-length: 137601
cf-bgj: h2pri
content-disposition: inline; filename="GS_Endorphina_Juicy_Spring_Challenge_home_tn_1800x520.jpg"; filename*=UTF-8''GS_Endorphina_Juicy_Spring_Challenge_home_tn_1800x520.jpg
content-security-policy: block-all-mixed-content
etag: "a08d1ab0feedb86da3d6c9099c6b1b63"
last-modified: Wed, 05 Mar 2025 10:51:01 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C450F73AD5
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: HIT
age: 5707
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad97f7df8eb4c-CPH
X-Firefox-Spdy: h2
GET track-eu.customer.io/events/page.gif?name=https%3A%2F%2Fgoldenstar-casino.com%2F%3Fsign-up%3Dmodal&data%5Bsign-up%5D=modal&data%5Bwidth%5D=1280&data%5Bheight%5D=1024&data%5Breferrer%5D=https%3A%2F%2Fgs.aff2go.link%2F&c=&s=df961338-5328-9bd0-87a7-ad29538003ce&site_id=88be7802c65f35117aaf×tamp=1742029534994
200 OK 35 B URL GET track-eu.customer.io/events/page.gif?name=https%3A%2F%2Fgoldenstar-casino.com%2F%3Fsign-up%3Dmodal&data%5Bsign-up%5D=modal&data%5Bwidth%5D=1280&data%5Bheight%5D=1024&data%5Breferrer%5D=https%3A%2F%2Fgs.aff2go.link%2F&c=&s=df961338-5328-9bd0-87a7-ad29538003ce&site_id=88be7802c65f35117aaf×tamp=1742029534994
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjecttrack-eu.customer.io
FingerprintF1:41:5F:AD:BC:14:44:74:D3:AC:1B:E2:A1:FE:99:09:6D:5F:E3:CC
ValidityWed, 05 Mar 2025 07:18:27 GMT - Tue, 03 Jun 2025 08:12:01 GMT
File type GIF image data, version 89a, 1 x 1
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /events/page.gif?name=https%3A%2F%2Fgoldenstar-casino.com%2F%3Fsign-up%3Dmodal&data%5Bsign-up%5D=modal&data%5Bwidth%5D=1280&data%5Bheight%5D=1024&data%5Breferrer%5D=https%3A%2F%2Fgs.aff2go.link%2F&c=&s=df961338-5328-9bd0-87a7-ad29538003ce&site_id=88be7802c65f35117aaf×tamp=1742029534994 HTTP/1.1
Host: track-eu.customer.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-disposition: attachment
content-length: 35
content-transfer-encoding: binary
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sat, 15 Mar 2025 09:05:35 GMT
status: 200 OK
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET code.gist.build/renderer/0.4.5/main.min.js
200 OK 3.0 kB URL GET code.gist.build/renderer/0.4.5/main.min.js
IP
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectcode.gist.build
Fingerprint63:42:6E:A5:1B:97:65:51:8A:70:1B:B2:B9:D1:21:97:F1:56:99:F7
ValidityFri, 28 Feb 2025 21:43:44 GMT - Thu, 29 May 2025 22:43:37 GMT
File type ASCII text, with very long lines (3001), with no line terminators
Hash ba51f73681b7eb070b26e4bb2f9cd5cb
e7c9fd005a8478d8e4b71f192aa19bef535d537c
b314121354fb5245f4d9aecc059ff4b23978de4df2a52c2e3c8243099b03f927
GET /renderer/0.4.5/main.min.js HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/renderer/0.4.5/index.html
Cookie: __cf_bm=XSZEI0MuPmV9yPB_cwJExBPHYo4IFXe4p7X064bPJGs-1742029541-1.0.1.1-.RUEe1lwZdeSabhsB9OOxXmxaJ6GAguzOSJaFJq8zi4NBGHWdF6Fb2FLSrua3YF0r.eQbTkWY52v5aiOJP0fusvnLUoNXig7RbmiyJ5ac6M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:41 GMT
content-type: application/javascript
last-modified: Wed, 22 Jan 2025 15:15:57 GMT
x-rgw-object-type: Normal
etag: W/"d0b316e02f8c7ed956d686071a77b5f4"
x-amz-request-id: tx00000f8dccd3becdcd8bf-00679213b8-4759a343-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=14400
x-envoy-upstream-healthchecked-cluster:
age: 2455
content-encoding: gzip
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1rBGmEbwJDx3cDFpJxlrVWJmtX2rS%2BZjFcBDu9xreFDOXC8021DpUOeRi1IfZqTA2vdVEm8By4xHG9fkFpidlZQHBzs78C4QZF9Q9WXXbGAh90vxKBNLg4NLak2nGUmgkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 920ad9b9edbbb4f9-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=989&min_rtt=511&rtt_var=459&sent=31&recv=19&lost=0&retrans=0&sent_bytes=22538&recv_bytes=1839&delivery_rate=25923273&cwnd=257&unsent_bytes=0&cid=858f80552fabc0b1&ts=8756&x=0"
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/softswiss/Gemhalla.webp
200 OK 25 kB URL GET netcontent.cc/goldenstar/i/s3/softswiss/Gemhalla.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash d754bfa4bde7c816734484c7e85a483d
a74a983573a8c7bbd6f354319869ba7e7405269f
4664d0f00d122199121ce4efbc3fe81863ff44d6fb96ddf75d24769fed4b187a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/softswiss/Gemhalla.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 24858
last-modified: Wed, 15 Jan 2025 12:20:05 GMT
etag: "6787a7f5-611a"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 41658
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f4e157128-OSL
X-Firefox-Spdy: h2
GET wss://api.livechatinc.com/v3.5/customer/rtm/ws?organization_id=de7d5235-1f8c-4372-8eb8-95143bacdeb6
101 Switching Protocols 0 B URL GET wss://api.livechatinc.com/v3.5/customer/rtm/ws?organization_id=de7d5235-1f8c-4372-8eb8-95143bacdeb6
IP
ASN #20940 Akamai International B.V.
Requested by https://secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /v3.5/customer/rtm/ws?organization_id=de7d5235-1f8c-4372-8eb8-95143bacdeb6 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: r40RDqnq2FCIOTGYbgMgqw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
sec-websocket-accept: 0isFpTNQaBt5zBpQhDMERbJ1guQ=
Access-Control-Allow-Origin: https://secure.livechatinc.com
Access-Control-Allow-Credentials: true
Date: Sat, 15 Mar 2025 09:05:38 GMT
Upgrade: websocket
Connection: Upgrade
GET netcontent.cc/goldenstar/i/s3/egt/20VampireBites.webp
200 OK 29 kB URL GET netcontent.cc/goldenstar/i/s3/egt/20VampireBites.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash dd0752638189a802db58968595bb5f8e
81286754dda7f0569f57da933e7bee86aa1a4bc1
b659bbecd7c08a6034282b1fb4a4c073b70dccb93b7659ed7c24ee4af2076ad1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/egt/20VampireBites.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:40 GMT
content-type: image/webp
content-length: 29378
last-modified: Mon, 24 Feb 2025 10:10:05 GMT
etag: "67bc457d-72c2"
expires: Sun, 16 Mar 2025 09:05:40 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9b61e5b7128-OSL
X-Firefox-Spdy: h2
GET code.gist.build/renderer/0.4.5/main.min.js
200 OK 3.0 kB URL GET code.gist.build/renderer/0.4.5/main.min.js
IP
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectcode.gist.build
Fingerprint63:42:6E:A5:1B:97:65:51:8A:70:1B:B2:B9:D1:21:97:F1:56:99:F7
ValidityFri, 28 Feb 2025 21:43:44 GMT - Thu, 29 May 2025 22:43:37 GMT
File type ASCII text, with very long lines (3001), with no line terminators
Hash ba51f73681b7eb070b26e4bb2f9cd5cb
e7c9fd005a8478d8e4b71f192aa19bef535d537c
b314121354fb5245f4d9aecc059ff4b23978de4df2a52c2e3c8243099b03f927
GET /renderer/0.4.5/main.min.js HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/renderer/0.4.5/index.html
Cookie: __cf_bm=XSZEI0MuPmV9yPB_cwJExBPHYo4IFXe4p7X064bPJGs-1742029541-1.0.1.1-.RUEe1lwZdeSabhsB9OOxXmxaJ6GAguzOSJaFJq8zi4NBGHWdF6Fb2FLSrua3YF0r.eQbTkWY52v5aiOJP0fusvnLUoNXig7RbmiyJ5ac6M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:41 GMT
content-type: application/javascript
last-modified: Wed, 22 Jan 2025 15:15:57 GMT
x-rgw-object-type: Normal
etag: W/"d0b316e02f8c7ed956d686071a77b5f4"
x-amz-request-id: tx00000f8dccd3becdcd8bf-00679213b8-4759a343-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=14400
x-envoy-upstream-healthchecked-cluster:
age: 2455
content-encoding: gzip
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N4rxC%2FOwzNjXTTbnGvrd%2BcEY0nf%2FJUiKwKK%2Bhyp5mu7tW2Wfozp3jTqa%2F4dJfZJ8RTxMxNajI5HQliet1zPqcTegylYsx2BGoxiGqTUkq6gtt4bSb9Zm3Nli5tHdkcSz5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 920ad9ba0de4b4f9-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=964&min_rtt=511&rtt_var=394&sent=34&recv=21&lost=0&retrans=0&sent_bytes=24255&recv_bytes=1926&delivery_rate=25923273&cwnd=257&unsent_bytes=0&cid=858f80552fabc0b1&ts=8777&x=0"
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/fazi/FarmFiesta.webp
200 OK 72 kB URL GET netcontent.cc/goldenstar/i/s3/fazi/FarmFiesta.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash bcb7a2511ff2ed4392b008a2d9b8d0a3
e656d8aa8138489b6b470574060028d467d77352
e40b172616e22793298b28a3191a81b11f0112404b44060236eca06e1def384e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/fazi/FarmFiesta.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 71652
last-modified: Mon, 10 Mar 2025 13:00:06 GMT
etag: "67cee256-117e4"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 82757
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f7e4a7128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/evolution/auto_roulette.webp
200 OK 27 kB URL GET netcontent.cc/goldenstar/i/s3/evolution/auto_roulette.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 4c7795a3d041a9397094790ad361cdb2
0d82bc3a0408a9713d5e582c96781d966911e912
2399fa4ffd31a03009a52714ae81d8bdd5573cc4453afd2fff2c242e5257035b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/evolution/auto_roulette.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 26636
last-modified: Thu, 27 Jun 2019 06:47:02 GMT
etag: "5d146666-680c"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 41658
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad99139237128-OSL
X-Firefox-Spdy: h2
GET cdn.livechatinc.com/widget/static/js/12.DJPUQwQu.chunk.js
200 OK 300 B URL GET cdn.livechatinc.com/widget/static/js/12.DJPUQwQu.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by https://secure.livechatinc.com/customer/action/open_chat?license_id=17715630&group=2&embedded=1&widget_version=3&unique_groups=1&organizationId=de7d5235-1f8c-4372-8eb8-95143bacdeb6&use_parent_storage=1
Certificate IssuerDigiCert Inc
Subjectlivechat.com
FingerprintA9:A2:B2:15:09:CC:34:E7:F9:94:88:21:E7:5A:86:A1:30:A3:B6:DC
ValidityWed, 10 Jul 2024 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT
File type ASCII text, with very long lines (301), with no line terminators
Hash ecadd75b44a5bfabc1733df2934b19c7
1907849d2c1985a8dfff5a68881abb2dacf55750
34d28753de2f0fdd10ac7acd4ae446cb5b3cb9e08dbaeb210317287a9e06276f
GET /widget/static/js/12.DJPUQwQu.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Fri, 13 Dec 2024 08:43:36 GMT
etag: "640caab52100a1e9dfe618aaeb79838f"
x-amz-server-side-encryption: AES256
x-amz-version-id: aKE8wRxERO94vzcXjfdipoyz7572CDwx
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: DI_CIlASYVMG2exdxKyYU3AaFClV5U0OQADU2lJDj_7_ZeuhFKTItg==
vary: Accept-Encoding
content-encoding: gzip
content-length: 202
cache-control: max-age=31536000
expires: Sun, 15 Mar 2026 09:05:37 GMT
date: Sat, 15 Mar 2025 09:05:37 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET goldenstar-casino.com/api/info/project?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http:%2F%2Fgoldenstarlink.com%2Fuadd09073
200 OK 433 B URL GET goldenstar-casino.com/api/info/project?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http:%2F%2Fgoldenstarlink.com%2Fuadd09073
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type troff or preprocessor input, ASCII text, with very long lines (481), with no line terminators
Hash 044ab6380d2c30d7ba12b9e3590ec6e9
41b015b9c9a7e6a3b50c57d353ec11642eaebb8a
d7fa0bd6c481a0e6f5284ef482bd7e5e26cf8362cf68df528f164d246aa00224
GET /api/info/project?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http:%2F%2Fgoldenstarlink.com%2Fuadd09073 HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v1+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 161242136203704636
x-datadog-sampling-priority: 1
x-datadog-trace-id: 2841138849187975679
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:31 GMT
content-type: application/vnd.s.v1+json; charset=utf-8
content-length: 433
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"f0062a5435dbc5b35cd099e88012092d"
cache-control: max-age=0, private, must-revalidate
set-cookie: referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; domain=.goldenstar-casino.com; path=/; expires=Tue, 15 Apr 2025 09:05:31 GMT; SameSite=None; Secure
stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xNjlaIiwicHVyIjpudWxsfX0%3D--5a8a3f5637a8ca602800a7a80c230e8048248e58; domain=.goldenstar-casino.com; path=/; expires=Tue, 15 Apr 2025 09:05:31 GMT; SameSite=None; Secure
stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; domain=.goldenstar-casino.com; path=/; expires=Tue, 15 Apr 2025 09:05:31 GMT; SameSite=None; Secure
stag_traffic_source=email; domain=.goldenstar-casino.com; path=/; expires=Tue, 15 Apr 2025 09:05:31 GMT; SameSite=None; Secure
locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; domain=.goldenstar-casino.com; path=/; SameSite=None; Secure
first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff; path=/; expires=Wed, 15 Mar 2045 09:05:31 GMT; SameSite=None; Secure
vary: Accept, Origin
x-request-id: 920ad9792967eb4c-CPH
x-runtime: 0.009438
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad9792967eb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/snippets/registr-promo/rerister-promo__icon__1.png?hash=9d405586460962b9e78a15430f7b2784
200 OK 1.2 kB URL GET goldenstar-casino.com/images/snippets/registr-promo/rerister-promo__icon__1.png?hash=9d405586460962b9e78a15430f7b2784
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced
Hash a7c33c3b44f0013f2630bfe4023ae40b
fd41acda057b01013804e8f926f2a4e6c40dcf80
641a5c46d0cda37445de687875092b2eb41ff2f375be83038a83f55cdad58672
GET /images/snippets/registr-promo/rerister-promo__icon__1.png?hash=9d405586460962b9e78a15430f7b2784 HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/png
content-length: 1242
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: "67d455e9-4da"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: REVALIDATED
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9847d6deb4c-CPH
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/base.67b2eaf6..svg
200 OK 2.0 kB URL GET goldenstar-casino.com/images/base.67b2eaf6..svg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type SVG Scalable Vector Graphics image
Hash c13379d1581ab6ccf17a26d43fcfa6d5
cf7f260620385622e37a228b9c330c90e90779c6
c8564a7f0ac8774c1571bed45fcbc94eb75d2009f6c30c2278e43a1923e6c63f
GET /images/base.67b2eaf6..svg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/svg+xml
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-7b1"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:34 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f1ddfeb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
GET goldenstar-casino.com/images/bonusbuy.8a5c7c0a..svg
200 OK 8.7 kB URL GET goldenstar-casino.com/images/bonusbuy.8a5c7c0a..svg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type SVG Scalable Vector Graphics image
Hash 24987e96ae504595f3434fb3c3fa79fc
dc4bdad04c4e340e96a8d585c4530958b88b8b99
e871d5bd5a7555ba49103fc482b671cd70db9bbbf5f3a50f3c9bf0838fb35ea9
GET /images/bonusbuy.8a5c7c0a..svg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/svg+xml
last-modified: Fri, 14 Mar 2025 16:14:33 GMT
etag: W/"67d455e9-21db"
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
expires: Sat, 15 Mar 2025 13:05:34 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f2e0aeb4c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/smartsoft/PlinkoX.webp
200 OK 15 kB URL GET netcontent.cc/goldenstar/i/s3/smartsoft/PlinkoX.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash fb4c14a86fcdf918ddafe9fd6d9221ff
72d53eaf9361457bf16cf14b3b0e70ca2f2714dc
0fa1768d6f873fbde515b0a2447469714d179e7ada4542df2d931ee80296492e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/smartsoft/PlinkoX.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:35 GMT
content-type: image/webp
content-length: 15074
last-modified: Wed, 29 Jun 2022 16:05:02 GMT
etag: "62bc782e-3ae2"
expires: Sun, 16 Mar 2025 09:05:35 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9922a7b7128-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/spribe/keno.webp
200 OK 9.6 kB URL GET netcontent.cc/goldenstar/i/s3/spribe/keno.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 87a3fcb513b56a2afd22d3bcb2d30f56
cdd8e2e2fe84ee34a5f09c7ba671fc018fc4b56c
44460f40888f4c45d17a9bc86ab92944724d5d2f722b139c25312e78795e7c33
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/spribe/keno.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:35 GMT
content-type: image/webp
content-length: 9640
last-modified: Thu, 22 Apr 2021 12:25:02 GMT
etag: "60816b1e-25a8"
expires: Sun, 16 Mar 2025 09:05:35 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9923aa87128-OSL
X-Firefox-Spdy: h2
POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=58a5530a-84fa-4249-ab99-95dd3d2aed8c&batch_time=1742029540193
202 Accepted 53 B URL POST rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=58a5530a-84fa-4249-ab99-95dd3d2aed8c&batch_time=1742029540193
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerDigiCert Inc
Subject*.browser-intake-datadoghq.eu
FingerprintCE:C0:94:E5:28:08:BE:34:E8:49:73:89:40:66:3B:57:98:F8:71:85
ValidityTue, 30 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 2ef76ea07f8e47e1c2eec242f76c5751
dfaf5ff19a58649cc4149a448cfc2724edf2e13f
bc6d6535d0f0a0115154b22185bc5d39c4eee979c555cf540a2ea17be0948a3b
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Adevelopment%2Cservice%3Agoldenstar%2Cversion%3A2.1.46-6a348f30&dd-api-key=pubdf151b444517b74b09a940ca1d20b1c0&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=58a5530a-84fa-4249-ab99-95dd3d2aed8c&batch_time=1742029540193 HTTP/1.1
Host: rum.browser-intake-datadoghq.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 16166
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 202 Accepted
content-type: application/json
content-length: 53
dd-request-id: 58a5530a-84fa-4249-ab99-95dd3d2aed8c
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Mar 2025 09:05:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET code.gist.build/renderer/0.4.5/main.dart.js
200 OK 1.9 MB URL GET code.gist.build/renderer/0.4.5/main.dart.js
IP
Requested by https://code.gist.build/renderer/0.4.5/index.html
Certificate IssuerGoogle Trust Services
Subjectcode.gist.build
Fingerprint63:42:6E:A5:1B:97:65:51:8A:70:1B:B2:B9:D1:21:97:F1:56:99:F7
ValidityFri, 28 Feb 2025 21:43:44 GMT - Thu, 29 May 2025 22:43:37 GMT
File type JavaScript source, ASCII text, with very long lines (727)
Size 1.9 MB (1910057 bytes)
Hash 267078f58c6c0e286ecd4da237a279d1
9af428a784b1e050b8a2a8e863a7dec3f7309f98
14ae57ab2541bf0aafc4b1928cfdfdb6012feeda5c5581d5bb644d0a839a74d1
GET /renderer/0.4.5/main.dart.js HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/renderer/0.4.5/index.html
Cookie: __cf_bm=XSZEI0MuPmV9yPB_cwJExBPHYo4IFXe4p7X064bPJGs-1742029541-1.0.1.1-.RUEe1lwZdeSabhsB9OOxXmxaJ6GAguzOSJaFJq8zi4NBGHWdF6Fb2FLSrua3YF0r.eQbTkWY52v5aiOJP0fusvnLUoNXig7RbmiyJ5ac6M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:41 GMT
content-type: application/javascript
last-modified: Wed, 22 Jan 2025 15:15:58 GMT
x-rgw-object-type: Normal
etag: W/"267078f58c6c0e286ecd4da237a279d1"
x-amz-request-id: tx00000fc608aab5ae1ad15-00679213c7-4759a343-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=14400
x-envoy-upstream-healthchecked-cluster:
age: 2283
content-encoding: gzip
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2BKBa5JhQjDa8zgt1onc%2BQJTh3uxVG9sAMsyFVgPQ3CP3aF04JsMwfUDpXpmp5%2FJ8wxRByg0HUxaXKLa2NAOGh0fDaF3EVAqmyq%2FrRhj9D4b6Hqf4eyyAc3spjurOo2joQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 920ad9ba6e92b4f9-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=852&min_rtt=511&rtt_var=341&sent=85&recv=26&lost=0&retrans=0&sent_bytes=90165&recv_bytes=2100&delivery_rate=25923273&cwnd=257&unsent_bytes=31856&cid=858f80552fabc0b1&ts=8827&x=0"
X-Firefox-Spdy: h2
GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBK0hSQkE9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--a6b783f70cf61e0b88155934443e4d848ec880b7/GS_Spinomenal_spinoleague_network_promotion_promo_1800x520.jpg
200 OK 175 kB URL GET goldenstar-casino.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBK0hSQkE9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--a6b783f70cf61e0b88155934443e4d848ec880b7/GS_Spinomenal_spinoleague_network_promotion_promo_1800x520.jpg
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
File type JPEG image data, progressive, precision 8, 1800x520, components 3
Size 175 kB (174896 bytes)
Hash 65b9d4acb759f1c996611719e2bd10f9
0540e3a1792a4b8cb9fab89f3ee97dea663f1d91
6531bd2fba48e81cd64a2f099905c4549be5ddcbba397cd0861c703b4bedfda1
GET /cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBK0hSQkE9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--a6b783f70cf61e0b88155934443e4d848ec880b7/GS_Spinomenal_spinoleague_network_promotion_promo_1800x520.jpg HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/css/pages_.7b313231.css
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: image/jpeg
content-length: 174896
cf-bgj: h2pri
content-disposition: inline; filename="GS_Spinomenal_spinoleague_network_promotion_promo_1800x520.jpg"; filename*=UTF-8''GS_Spinomenal_spinoleague_network_promotion_promo_1800x520.jpg
content-security-policy: block-all-mixed-content
etag: "65b9d4acb759f1c996611719e2bd10f9"
last-modified: Tue, 27 Feb 2024 08:10:33 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 182CB7C44E5B67AD
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: HIT
age: 5707
expires: Sat, 15 Mar 2025 13:05:32 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 920ad97f7e33eb4c-CPH
X-Firefox-Spdy: h2
POST goldenstar-casino.com/api/games_filter
200 OK 16 kB URL POST goldenstar-casino.com/api/games_filter
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Hash c2ec4063a976b9d0b0f7b068a4e4e1fa
353c4ca3390f7183750b9213b6dee0a073c97ea4
eb9be07a3dae7ca34f866cb089ff0d58d12326db160d633d2c3b4ebd95dfe40f
POST /api/games_filter HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v2+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
Content-Type: application/json
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 2434989292283835999
x-datadog-sampling-priority: 1
x-datadog-trace-id: 254398762764863781
Content-Length: 166
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: application/vnd.s.v2+json; charset=utf-8
content-length: 15605
access-control-allow-origin: https://goldenstar-casino.com
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-expose-headers: Location
access-control-max-age: 7200
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"eb9be07a3dae7ca34f866cb089ff0d58"
cache-control: max-age=0, private, must-revalidate
vary: Accept, Origin
x-request-id: 920ad9885f2deb4c-CPH
x-runtime: 0.024570
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad9885f2deb4c-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/platipus/piggytrust.webp
200 OK 32 kB URL GET netcontent.cc/goldenstar/i/s3/platipus/piggytrust.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 67352ecf076a8e36bd7e18f29a256ef3
04404a35f9c0f1095ff6973379cd081f4dc844bd
9157d8380d43bd8681d463710f905e68cc9bf0d0bdebc93bb79ee0eda4eaf320
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/platipus/piggytrust.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 31932
last-modified: Thu, 21 Nov 2024 09:15:05 GMT
etag: "673efa19-7cbc"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 27832
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f7e447128-OSL
X-Firefox-Spdy: h2
GET code.gist.build/web/latest/gist.min.js
302 Found 46 kB URL GET code.gist.build/web/latest/gist.min.js
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectcode.gist.build
Fingerprint63:42:6E:A5:1B:97:65:51:8A:70:1B:B2:B9:D1:21:97:F1:56:99:F7
ValidityFri, 28 Feb 2025 21:43:44 GMT - Thu, 29 May 2025 22:43:37 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web/latest/gist.min.js HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 15 Mar 2025 09:05:32 GMT
content-type: text/html
content-length: 143
location: https://code.gist.build/web/3.14.0/gist.min.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tQiQGBvCctkVp8BDQcNbzNMADk4G0H%2FGvo0dVw08iGYcIgsuMsgc9DhnXGFJyvuAVTMlV6I6M1U8i8YjCuDxZVNIW74z%2Bq%2FrOcC3TOPyEf%2FTU%2FXuWExQYhmNzw%2BhSPL%2BRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9839bddb4f9-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=756&min_rtt=511&rtt_var=449&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3266&recv_bytes=1206&delivery_rate=6884310&cwnd=254&unsent_bytes=0&cid=858f80552fabc0b1&ts=60&x=0"
X-Firefox-Spdy: h2
POST goldenstar-casino.com/api/games_filter
200 OK 15 kB URL POST goldenstar-casino.com/api/games_filter
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectgoldenstar-casino.com
Fingerprint78:1D:0C:D4:BF:D6:F5:3B:D8:A5:37:44:0B:1A:7A:07:66:20:A6:6C
ValidityWed, 19 Feb 2025 03:02:07 GMT - Tue, 20 May 2025 04:01:41 GMT
Hash 797b5af4986c4d7e6fab858e71545195
f3e1284535f30f25ec200535f7228a7c8d9c9669
2a2552fce1934745f72104679d5b81da979c490220bd5f9ec3d955c9ed91efa6
POST /api/games_filter HTTP/1.1
Host: goldenstar-casino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/vnd.s.v2+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/?sign-up=modal
Content-Type: application/json
X-Display-Mode: browser
x-datadog-origin: rum
x-datadog-parent-id: 8519104347836672323
x-datadog-sampling-priority: 1
x-datadog-trace-id: 3002550996537354567
Content-Length: 166
Origin: https://goldenstar-casino.com
DNT: 1
Connection: keep-alive
Cookie: _dd_s=rum=2&id=3cb9d3ff-c5cc-40df-8ae5-d5520d1537df&created=1742029530480&expire=1742030430480; affiliate_id=246216_67d542d89e84e00f1dfedd2d; locale=ImVuIg%3D%3D--1e0a6aa98433813fe46c6b652ef166255d98179e; referral_params=eJwVicsOgyAQAL%2Bm3trglqI24epvkA27UiIPA%2Bv%2FV5O5zEwXDBa0gdE4M9FHA80Lz5qV2kbamAho6DGU53nYXAnTIM315i1njLeg32MJLsWy25%2FI8X3AehFqIi5dsN3n5Wu%2B4olEalHT%2Bw8t8Cgq; stag=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSTBOakl4Tmw4Mk4yUTFOREprT0RsbE9EUmxNREJtTVdSbVpXUmtNbVFpIiwiZXhwIjoiMjAyNS0wNC0xNVQwOTowNTozMS4xOTVaIiwicHVyIjpudWxsfX0%3D--2aef9767af74998b3e42c37b59f043d60db24089; stag_affiliate_tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073; stag_traffic_source=email; first_visited=dHJ1ZQ%3D%3D--e3e26aedc05467fe47c59dcfc6c2811c5be543ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: application/vnd.s.v2+json; charset=utf-8
content-length: 14573
access-control-allow-origin: https://goldenstar-casino.com
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-expose-headers: Location
access-control-max-age: 7200
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-s-media-type: s.v1
etag: W/"2a2552fce1934745f72104679d5b81da"
cache-control: max-age=0, private, must-revalidate
vary: Accept, Origin
x-request-id: 920ad9886f6beb4c-CPH
x-runtime: 0.076237
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 920ad9886f6beb4c-CPH
X-Firefox-Spdy: h2
GET s10k-s3.softswiss.net/competitors/betconstruct/2994.png
200 OK 214 kB URL GET s10k-s3.softswiss.net/competitors/betconstruct/2994.png
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectsoftswiss.net
Fingerprint3D:51:A2:34:50:E5:6B:96:F7:06:58:55:C7:1B:65:42:F9:6F:57:57
ValidityThu, 23 Jan 2025 18:33:08 GMT - Wed, 23 Apr 2025 19:33:06 GMT
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size 214 kB (213924 bytes)
Hash fb23eccf9824e185049772d262a7463d
2e6645ea43503f25e2d0fbfeb9a81af361da711f
c666fe32aec647f76e1459263c9803697747a5c269360174700acbf5576b48cf
GET /competitors/betconstruct/2994.png HTTP/1.1
Host: s10k-s3.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:33 GMT
content-type: image/png
content-length: 213924
cf-bgj: imgq:100,h2pri
cf-polished: origSize=234599
etag: "cf7b6dc7bca396dee30ca01481b3f405"
last-modified: Mon, 03 Jun 2024 12:03:08 GMT
x-amz-id-2: nw1ZqOWto/aKuLTaU9LA8ZhuYp5aSAdCvIQLO/4KF02Te4f+YX625GxHza8QNMMZVRVWzSZDZh4=
x-amz-request-id: H3EFZNY8J760KJCS
cf-cache-status: HIT
age: 91015
expires: Sun, 15 Mar 2026 09:05:33 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98aaea9b51b-OSL
X-Firefox-Spdy: h2
GET netcontent.cc/i/flags/countries/rectangular/no.svg
200 OK 440 B URL GET netcontent.cc/i/flags/countries/rectangular/no.svg
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type SVG Scalable Vector Graphics image
Hash 4c951c4a11843445099c916a3d6e1aeb
c536452112c42bf1b16b9d5ff36d80c5609b698a
c144789164e2a8546ea78823341f0640592f9a57b5a5a3c4b630a319ff60b08d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /i/flags/countries/rectangular/no.svg HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:35 GMT
content-type: image/svg+xml
last-modified: Tue, 18 Jan 2022 07:35:03 GMT
etag: W/"61e66da7-1b8"
expires: Sun, 16 Mar 2025 09:05:35 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 65272
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad9946eac7128-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
GET stats-api.feedconstruct.com/images/e/b/0/1285.png
200 OK 13 kB URL GET stats-api.feedconstruct.com/images/e/b/0/1285.png
IP
ASN #209242 Cloudflare London, LLC
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectfeedconstruct.com
Fingerprint74:22:7F:1E:39:C1:D3:BC:81:77:95:9C:56:45:2E:50:50:73:E2:CF
ValidityMon, 03 Mar 2025 17:19:54 GMT - Sun, 01 Jun 2025 18:19:51 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash 38ae647d7b471fc83b16dedefd883f22
2280d8b1351058d6afe78f3d656a732238178390
643cd67adfb908134cb6983bfa04025d26e108be3a60e8ed08dbe2df30107010
GET /images/e/b/0/1285.png HTTP/1.1
Host: stats-api.feedconstruct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/png
content-length: 13408
last-modified: Thu, 05 Apr 2018 06:49:26 GMT
etag: "3246533daaccd31:0"
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 6829
expires: Sat, 15 Mar 2025 13:05:34 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=xKKMs6n4CUCd3GUqK9X7lyDMkIRq7vkQa.d8VWKsaw0-1742029534-1.0.1.1-CkL.yy7OiGyzshD_XZs6zRLYeZOuHxvELes2_tWyv1F0i13otAOuOG9vz9LSOVD7Iv4s88iI5yndunH2gEoVyRjwQqLb1k5xKYh9QePE.H0; path=/; expires=Sat, 15-Mar-25 09:35:34 GMT; domain=.feedconstruct.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98b9ccaebc6-CPH
X-Firefox-Spdy: h2
GET netcontent.cc/goldenstar/i/s3/gamzix/PatricksLuckHoldTheSpin.webp
200 OK 27 kB URL GET netcontent.cc/goldenstar/i/s3/gamzix/PatricksLuckHoldTheSpin.webp
IP
Requested by https://goldenstar-casino.com/?stag=246216_67d542d89e84e00f1dfedd2d&sign-up=modal&tr_src=email&tracking_link=http%3A%2F%2Fgoldenstarlink.com%2Fuadd09073
Certificate IssuerGoogle Trust Services
Subjectnetcontent.cc
Fingerprint17:C5:0B:F4:C4:5B:C9:C7:DE:D9:01:BD:D6:C2:1D:F9:33:02:52:CB
ValidityFri, 07 Feb 2025 16:05:11 GMT - Thu, 08 May 2025 17:04:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp
Hash a8cba32c6920beaa2e6533c027f6a995
ff1ddf49b82f36b8f44204b2dccaad92eeebcc17
934f873e5c2bef451f289f2e1cf8b063b9b7ce62335e04eaadb64a9ad2ac957c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /goldenstar/i/s3/gamzix/PatricksLuckHoldTheSpin.webp HTTP/1.1
Host: netcontent.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldenstar-casino.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Mar 2025 09:05:34 GMT
content-type: image/webp
content-length: 27278
last-modified: Tue, 25 Feb 2025 14:50:05 GMT
etag: "67bdd89d-6a8e"
expires: Sun, 16 Mar 2025 09:05:34 GMT
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 27832
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 920ad98f6e3a7128-OSL
X-Firefox-Spdy: h2
172.67.162.186
142.250.74.131
185.162.228.7
95.101.11.170
35.214.183.184
88.214.195.102
0.0.0.0