{"report_id":"619a92c8-dc00-4ca4-b3bf-50757260173f","version":6,"status":"done","tags":[],"date":"2026-04-11T13:33:25Z","url":{"schema":"https","addr":"hollandcasino.ink","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"104.21.26.236","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"hollandcasino.ink/","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"title":"Holland Casino","dom":{"size":39,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"hollandcasino.ink","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"104.21.26.236","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-16T13:33:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"hollandcasino.ink","ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-13","domain_rank":0,"first_seen":"2026-04-11T13:33:26.633023Z","last_seen":"2026-04-11T13:33:28.236435Z","alert_count":22,"request_count":22,"received_data":649425,"sent_data":11070,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-05T22:16:34.770209Z","alert_count":0,"request_count":9,"received_data":314743,"sent_data":4976,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-05T22:20:18.514512Z","alert_count":0,"request_count":1,"received_data":67862,"sent_data":538,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hollandcasino.ink/assets/green/js/main.min.js?v=43.4.2","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3c5516ed89b0252132df4f9f8b81249a","sha1":"af52784ffe12ed56650b4888a1bc5091d516af70","sha256":"3e0f53ce62244bda1de288529b02a165a3e3a8f3d4419c078fb3e0093378ebb3","sha512":"8d60ba299569012101ccbe3fdf897274eeff8c4cab190e4cec2c85d53f7425bb021f6580982d8577cc210471104821d51e0a8180b8f360e3df2880f13675cf43","ssdeep":"768:Tjf4u99RaLdk6nwq3Ae9/vKlLo5b5w2ZZfaV5v4dbx5R5055HyxnEETe:f4msS+Agyl1gy4bdMSDTe","tlshash":"c2e22b7ed2a6773c17d8a68cd7266e003f2b095eda4091b05dd51a86f8bdd830107b7b","size":33426,"data":"","first_seen":"2026-04-09T00:57:21.985305Z","last_seen":"2026-04-12T13:05:54.244397Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b13625eeeee517f18024de37616c17b8","sha1":"22d5c530662b9a672f2a8fc35f104e01462d65d5","sha256":"d845f92187b02c4e9831ac75798bdd0385153719fad7965e212a78e4d109ff8c","sha512":"ae2b16ae6fa71c161a4d5bd64818864def5a7c4c53caeef41121fb9487649bccc1ee1e95c3f6182dcb68892196e2029f9fbf2203aac97f69b0268749150ba676","ssdeep":"","tlshash":"a3e0a7fda0e91131b167207c36bb03e03933609779413529be6dc3801f6156b9100ac9","size":316,"data":"","first_seen":"2026-03-01T09:27:42.801147Z","last_seen":"2026-04-12T13:05:54.245298Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ee4735dc2b01aee5c5af3238956e9c31","sha1":"ea15c097c57160b8eff7af4aeb7d34cb44145b78","sha256":"7980494d34e625c3dedca75f6b11be68376ddaf19c1b4073d3558d27bf036686","sha512":"2df78467901ba629b8f62a4a4704b3decc8ee8a6c913868c2d013cfbb9d2b5bfa449c718df1604257362c4a67a5269d07129eea2efc8e60633aabfe3be0b2626","ssdeep":"","tlshash":"0411c068da6600773072720e1b9f2b2231269ef30290ca063f9e3e4f2fc254781817dd","size":967,"data":"","first_seen":"2026-03-01T09:27:42.803996Z","last_seen":"2026-04-12T13:05:54.245989Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"bbe25605d1989f8f7d92b47236de7fc4","sha1":"2a9a241d0656c609b59c0d526ea8ebc46982112b","sha256":"6dda13333a44554552c7b00d76b9a2a40e225a1e009595a3843bcbac1a52ba5d","sha512":"ac17496c43d0238f282cec7d36fffbd46bd1781d2b590b9a1f79b4e7944d1a5189e31d26a337313e5f9f901f106596df8eae4faa198eb6ac67e3956e3b0f355a","ssdeep":"","tlshash":"3641df0aaeea20b7707370585e0f6110352f96b74284d9453fed6b6e1fd3168c24e6cc","size":2061,"data":"","first_seen":"2026-04-10T19:27:27.008348Z","last_seen":"2026-04-12T13:05:54.154573Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9bf3bd9d8a02972e330f6ae994831905","sha1":"acf4cf857a50d03a01e779c3bca0b885e85713c3","sha256":"89efa13c0893dffde2bc385b0440761a351ee7d5b949498bfa5f2e55411e2e73","sha512":"52a87a7e7533141d1586a530b42cbaea679d5f25f282d66938f87eeb0da7bd1ffcc7ab5c24f5af7ad512192a9613d745ead06dd024d4eb636eaaca98a4619614","ssdeep":"","tlshash":"2bf0e1bb9822253596a7a52d707fabc2b466100f28015f90795d58a89fa6e04071baec","size":567,"data":"","first_seen":"2026-04-11T13:33:29.42834Z","last_seen":"2026-04-11T13:35:29.347609Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4104338f53af67b5d57b2aa9cd77c4fc","sha1":"a1aee51dfad11799ad4bc25e5840f442ed26ec1d","sha256":"1d7ff706347e1b7474c6d7ecbd49e5a0ace911aef0c9f81557294832f07cee67","sha512":"e304728d32d61acce271495d700e4f85d5c4e870f53f06882f8fba4f63ffc848a127ee267c144066b5b1ce5e1008cd52c6aa490ce6a364b95e2ccc9a9a40bf86","ssdeep":"","tlshash":"dbf02e6e0aaa11308b13702926ae7b9279a22013207ad440fd1dd848efe0b4c00baad8","size":550,"data":"","first_seen":"2026-03-14T05:28:32.795906Z","last_seen":"2026-04-12T13:05:54.155854Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"be70ab3a4893c48d3811ef52e29b9503","sha1":"ebc69f4715b1367c2b5183de43103f094dc85c3d","sha256":"3ef1da1b3ed48a4a6908063b030ec50ae50ba7945981bfa825f76a122ceab362","sha512":"fab4585d8e5dd75eb3706733be0d342fe6fed09a24b2e25190647d102dd5e85df53dda29faa98fd40ceeccfdc477aed45faab77e15dade869c486ebfaf8b30dd","ssdeep":"","tlshash":"41216da89a7f22554a6fc1a7bddd669a31b0010f5004c38a7c2c849b0ff4f6725f56e5","size":1254,"data":"","first_seen":"2024-12-28T15:19:53.586052Z","last_seen":"2026-04-12T13:05:54.248763Z","times_seen":256,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2841fd117a6757899dd582741ba353fe","sha1":"1cc391c4aa24b1495a56c62ada673fe93c837b80","sha256":"fd8dc91514fa31d0df82b2df9b3b343c94f3e48cd77cce0912f4847d18bc4093","sha512":"2f89a8cf63eb8d5cf5fbdc87cef75f656cbce8e0f94a6d1749d4c7760c85992c8b0186d2a7873975cdfb8cfd4b87f70969ceaa585216fca1057e59bdc739ab31","ssdeep":"","tlshash":"41f0e9182275347044b378afd58f99c1745940c760cb98a27d5d471b4fc48baeaf26de","size":519,"data":"","first_seen":"2024-12-23T10:36:44.297743Z","last_seen":"2026-04-12T13:30:18.396158Z","times_seen":65,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/assets/green/js/script.js?v=43.4.2","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"cf476bfd361bd1968b8faca737c561eb","sha1":"f2fed6bbedd0350d5aac965a1db3c49c623949b7","sha256":"2c56edcebd0c683da4b509cb9a320aa5c4b030d42396bbe75a5fd9e99bbae2d2","sha512":"31f181d79f8571b23b2ae3c3eabd9ee2d21ae446e594662599c6e622b02090aa57677fb1620231c27ad33847307723465815c71a792096fb95e6243c3190b9b8","ssdeep":"384:Pia5nuka6lO9sr8eTb8s8lyYL1lB5BYrW8fWbXOyaj:PiajlkeTb8s+9YHj","tlshash":"5852425a13fa05345573a0ba9f8b0e413120901f2847da293d9c45c96fc6e3a99fdffa","size":13382,"data":"","first_seen":"2026-01-27T03:23:56.523321Z","last_seen":"2026-04-12T13:05:54.144541Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"hollandcasino.ink/assets/green/js/main.min.js?v=43.4.2","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /assets/green/js/main.min.js?v=43.4.2 HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:02 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nlast-modified: Mon, 06 Apr 2026 11:46:49 GMT\r\netag: W/\"69d39d29-8292\"\r\ncache-control: public, max-age=31536000, immutable, stale-while-revalidate=7200\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FwgG4DBp6XTsijIotV44g%2F5igGhxb3eikpxKu02Aa3OogWbEamnMC0S1gv1keiv%2FobId%2BWZjXGybxb9SAC%2FUpGb4j%2BEXkdESebUgPXrbw4JqgAar2el1AlVoGE%2BLohT5%2BJ%2BBdA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5aa95ec759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33426,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (23538), with NEL line terminators","md5":"9e29180cf8c3ba4b6d3427e7772b2bcb","sha1":"2eaafa2fda1e6bcf34b6ffe57d3d762a34ce723d","sha256":"73b74057876b7f0a0a639f2c6de45e2a2be6fbb912fa5b5fb71ad3121c534257","sha512":"16c358237f7f8d7f1de5b7ce3a3605d74899fea946d1fec967c5b97173f649fde094f83493d80e5633c61b3d185a61e2338120e17032c585394e1a92dac53c24","ssdeep":"768:Tjf4u99RaLdk6nwq3Ae9/vKlLo5b5w2ZZfaV5xq5R5055HyxnEETe:f4msS+Agyl1gVdMSDTe","tlshash":"b5f22a6ed2b6773c0be8b68cdb235f403e1b855eca4490b85d951b85bcbdd860103a7b","first_seen":"2026-04-09T00:57:21.970697Z","last_seen":"2026-04-12T13:30:04.177499Z","times_seen":13,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/uploads/pwas/QJT2GahH9TDU/image-1768324344633-7tlh_375x667.webp","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /uploads/pwas/QJT2GahH9TDU/image-1768324344633-7tlh_375x667.webp HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:03 GMT\r\ncontent-type: image/webp\r\ncontent-length: 47576\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 13 Jan 2026 17:12:24 GMT\r\netag: \"69667cf8-b9d8\"\r\ncache-control: public, max-age=172800, stale-while-revalidate=7200\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JQjt%2BLhj7keOMmbTAXPbsD7Xo5uDJ3DvqoU0BUe7rLbmHkhWtgSE0H3FV7%2BmnQtub9DlsCWCLV6BztOFLry96Ue4QiM7HCwOOopfo%2FTb%2FBJ6Ns%2FNsQS%2BWSsur%2FjxBBral5MB0Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5d99e3c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47576,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 375x667, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"78e6f318ea241a7ef7fae67e96f8f76d","sha1":"d63737debf2147d79e87cb9a97dc3f2011d76965","sha256":"6a40274bd8a4be3303c0f83ebb39a617ecc129f83ac75ff3b79dbdd2fa96fe17","sha512":"a98edb837d48b13cf4968b932bd74477a720ee878352be8890274110b1bb1506438f2af21578b0e298046f526df66d4a58fe0280f70e147cb2e20f15b447a14d","ssdeep":"768:KJ7C+TLka5yzlv7TiMCzvmuu+FuWaDsAc02WFpI7NFXdFRd765RS3bFry/YztrF+:KA+/kgClviMCKu+Z4502cI7FdoYJryw+","tlshash":"b923010ffe8e89f534b211af902174dd1d06f35a2157c2dda273ea18ea8f89210d419f","first_seen":"2026-04-11T13:33:29.384608Z","last_seen":"2026-04-11T13:35:29.335107Z","times_seen":2,"resource_available":false,"data":null}},"time_used":422,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":183,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-11T13:33:01.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 11 Apr 2026 13:33:02 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Authorization\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nx-download-options: noopen\r\nreferrer-policy: no-referrer, strict-origin-when-cross-origin\r\ncontent-language: en-US\r\nset-cookie: pwauid=54QJe6T2PZGaMQhH; Max-Age=31536000; Path=/; Expires=Sun, 11 Apr 2027 13:33:02 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ySGLW0TlPkKgtLypz5QslOK0dR9kDaHIWaDW88rahm3iS7hfMm3izQqSjyro8Y2%2BD2SFMxmLc0W%2F91uF0rnGJyru1MUvLVPtp4FX6d4bjULIsgfDu1NSiiFOcUX2wOMnaVmudQ%3D%3D\"}]}\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9eaa5c578e9b5689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]}],"data":{"size":118527,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (991)","md5":"8b0f5e760902a00c45a155de4dd91d0f","sha1":"d715ba8551a8b45f0cae32b41c5015a4b7f8950e","sha256":"4c12b6a8014b2d38b631a4246129bd4eb53d1c07b14b6f63f6ce1a85215ecda7","sha512":"768b4f237a1af8c984aafcc1712df52b74d3c391c03b7f70bfdf08bbe1588d3c472a18006480b3f08e5e980a7c873b765dbcebfdf9c762c350a7f599d0ecd7e0","ssdeep":"768:FLFRRD0b46lcu2e/oSiNooSiNLoSiN6XoSiNCeoSiN3OoSiNDoSiN6oSiNB+oSiE:FLFRRD0E6r2esv+/69+cc+nHSLRwU2","tlshash":"00c32fa150f6109610e7e1d0bf666a0a36d2f617d64bc74877ec56a88fc3db2ec1329c","first_seen":"2026-04-11T13:33:29.388514Z","last_seen":"2026-04-11T13:33:29.388514Z","times_seen":1,"resource_available":true,"data":null}},"time_used":346,"timings":{"blocked":39,"dns":20,"connect":1,"send":0,"wait":264,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:03.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:49 GMT","end":"Mon, 15 Jun 2026 08:38:48 GMT"},"fingerprint":{"sha1":"37:8D:19:21:5B:E0:E1:BB:D8:7C:65:74:CB:23:05:60:8D:DA:34:48","sha256":"87:F6:F5:DB:75:39:30:F7:7B:2E:F2:78:F3:AF:75:98:AC:41:5C:58:80:43:5D:A4:53:50:BC:D4:D6:F1:CC:56"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hollandcasino.ink\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23664\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 03:11:45 GMT\r\nexpires: Fri, 09 Apr 2027 03:11:45 GMT\r\ncache-control: public, max-age=31536000\r\nage: 210078\r\nlast-modified: Wed, 18 Feb 2026 19:51:36 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23664,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23664, version 1.0","md5":"f92ee388273b5931a1b09a41d3906a3a","sha1":"d38fbadd1b1ceccffbfb43f677698f3a7112f0b4","sha256":"481dd0c01e6bbb129fd147eb5d8571016193cba141c4627ca60ceabdb5a46ea8","sha512":"a3a042b0a845b46de4c272bca16e48d5f332386dc3d4e6e8cf4ebc63238950c265d5a1b3955d257ff12fa3ced224ff11818385256786612130bd35dbd5fe2033","ssdeep":"384:GnNWef/I43MJlQUfZZgeoBpKtbPjHdLE+igeN/T67+mFirVAfPdixSNCsugG3iMF:GsCvIOUfZaeoytbZLE+i9pT67+/rVSdO","tlshash":"96b2e012e6c8bdf6e0c1093e25317ecb298fd9eba8724c624c1ab95d339257c5819d4c","first_seen":"2026-02-19T22:49:57.285177Z","last_seen":"2026-04-12T13:33:00.435093Z","times_seen":3927,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":114,"dns":1,"connect":33,"send":0,"wait":54,"receive":2,"ssl":78},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:03.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:49 GMT","end":"Mon, 15 Jun 2026 08:38:48 GMT"},"fingerprint":{"sha1":"37:8D:19:21:5B:E0:E1:BB:D8:7C:65:74:CB:23:05:60:8D:DA:34:48","sha256":"87:F6:F5:DB:75:39:30:F7:7B:2E:F2:78:F3:AF:75:98:AC:41:5C:58:80:43:5D:A4:53:50:BC:D4:D6:F1:CC:56"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hollandcasino.ink\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 10:17:38 GMT\r\nexpires: Fri, 09 Apr 2027 10:17:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 184525\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-12T13:01:56.888892Z","times_seen":76235,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":92,"dns":0,"connect":0,"send":0,"wait":48,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/assets/green/img/star-full.png","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /assets/green/img/star-full.png HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:02 GMT\r\ncontent-type: image/png\r\ncontent-length: 176\r\npriority: u=4,i=?0\r\nlast-modified: Wed, 04 Mar 2026 13:08:44 GMT\r\netag: \"69a82edc-b0\"\r\ncache-control: public, max-age=172800, stale-while-revalidate=7200\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bo02LcRbybADX4z52uQGajNJuqLVfwfG9GoFCoFHUMinqevB4V91QT3Tm2mchNCGrSyQOdsiSKEZcv4rNpgawzQqbzeQLClKPeclXYeQDf5h%2BD0oKBTMMIvwsEPpBEmdysgcFg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5a995ac759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":176,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 10 x 10, 8-bit gray+alpha, non-interlaced","md5":"3e031ab0a5a09974b011daa845aa667a","sha1":"0548289c9bc925c76bbfca859d65a5da4541fa64","sha256":"38ec1d8b7d4b66f131f79489feca40ff46a74bd2e6500c2d1dc2cceb737a4ef5","sha512":"7afa86e05dae180805234eebfd98c8c3f2967250b7bb6dd9831340d36a3536e90c38a8a77dc38c70c214217ea99011ad75aff0f089f8e16bd6cce3ea86221ee4","ssdeep":"","tlshash":"e1c022e504789d28ca43416142804870e970008f2041d9452149232c040230c00887d3","first_seen":"2023-05-29T14:41:10Z","last_seen":"2026-04-12T13:05:54.150253Z","times_seen":163,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/analytic/54QJe6T2PZGaMQhH","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /analytic/54QJe6T2PZGaMQhH HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:03 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Authorization\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nx-download-options: noopen\r\nreferrer-policy: no-referrer, strict-origin-when-cross-origin\r\ncontent-language: en-US\r\netag: W/\"203-EEfJAWrn6EUhp0Ozmw1g59NiUqU\"\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dVhxjAWfQA%2BSrnh0Genlr7gNEYjSOofHxInRCd9MfeNpMVRZgVaf2mhpa4PUnt5a0Dki0lNsiHYBfB%2Butu5jiG%2BDqFPuoPpei9APficHTTts2Jl%2FmvrTM1IVflhvELqwrvUmMw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5d89dfc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":515,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d7231c748d59be3a318c71fe4bb9812a","sha1":"1047c9016ae7e84521a743b39b0d60e7d36252a5","sha256":"2279db587331506b3847be036c55c60727e735d5728b0ab398dfccbab81e0ea1","sha512":"f0e5d910c00ae5c8ebdf58c8dff489be7e983c3a84155f03840ebce8fa2378ed459197361a8bbaa53a83594be2a4abdb5eb7025a3167922c734db73a0d44c485","ssdeep":"","tlshash":"a3f0591b818f0326f7c156b6790d266b3dce695a998b889193383b5104d72bc2181767","first_seen":"2026-04-11T13:33:29.396122Z","last_seen":"2026-04-11T13:33:29.396122Z","times_seen":1,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":301,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/uploads/pwas/QJT2GahH9TDU/g1c2z-ZSMaA4.png?v=1768324592815","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /uploads/pwas/QJT2GahH9TDU/g1c2z-ZSMaA4.png?v=1768324592815 HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:03 GMT\r\ncontent-type: image/png\r\ncontent-length: 4449\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 13 Jan 2026 17:16:32 GMT\r\netag: \"69667df0-1161\"\r\ncache-control: public, max-age=172800, stale-while-revalidate=7200\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bgNwoZtxg6VDRJq4wRbrYO3P%2Fd4Rgoqn32hrj4WeQiOux1fGZ17L2AOPoMudPhpr2Kld1o%2BTWxaxO6z1HaOck09ej37KNMskSZKFb5ADb1HuEZPwtvm7xvehv7SuREDmNEQtVw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5d99e5c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4449,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"034f428c478f41767eda4af9f724cc94","sha1":"525118447abd383a55b68b4cf345e13b426e54ed","sha256":"1ae3251ff39b9f2eaa3cd0d7c01180b4fb763937c705fd46848defca7b5d0403","sha512":"38f1232b42f3662e0865a0ba05917d486d32f0e89b628afe6c1ddcae7d5004740650f989a424cfe42a90bfe5d940c69fbe7b643097ef2f79632b38560832dbb7","ssdeep":"96:WKZPtF7t16kXSr4zrlQxcKaNnMfZz8QQm/Q1ztvVTcQaMF5ymeCpZ:zPxXSrgr2cKaMd/Q1btTomVZ","tlshash":"f6917dfd13851682521994bf139a306cb00539547e376fb703fe41acf5e5b751995380","first_seen":"2026-04-11T13:33:29.399327Z","last_seen":"2026-04-11T13:35:29.343959Z","times_seen":2,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:03.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:49 GMT","end":"Mon, 15 Jun 2026 08:38:48 GMT"},"fingerprint":{"sha1":"37:8D:19:21:5B:E0:E1:BB:D8:7C:65:74:CB:23:05:60:8D:DA:34:48","sha256":"87:F6:F5:DB:75:39:30:F7:7B:2E:F2:78:F3:AF:75:98:AC:41:5C:58:80:43:5D:A4:53:50:BC:D4:D6:F1:CC:56"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hollandcasino.ink\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 10:17:38 GMT\r\nexpires: Fri, 09 Apr 2027 10:17:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 184525\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-12T13:01:56.888892Z","times_seen":76235,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":114,"dns":1,"connect":32,"send":0,"wait":53,"receive":4,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:03.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:49 GMT","end":"Mon, 15 Jun 2026 08:38:48 GMT"},"fingerprint":{"sha1":"37:8D:19:21:5B:E0:E1:BB:D8:7C:65:74:CB:23:05:60:8D:DA:34:48","sha256":"87:F6:F5:DB:75:39:30:F7:7B:2E:F2:78:F3:AF:75:98:AC:41:5C:58:80:43:5D:A4:53:50:BC:D4:D6:F1:CC:56"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hollandcasino.ink\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23664\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 03:11:45 GMT\r\nexpires: Fri, 09 Apr 2027 03:11:45 GMT\r\ncache-control: public, max-age=31536000\r\nage: 210078\r\nlast-modified: Wed, 18 Feb 2026 19:51:36 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23664,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23664, version 1.0","md5":"f92ee388273b5931a1b09a41d3906a3a","sha1":"d38fbadd1b1ceccffbfb43f677698f3a7112f0b4","sha256":"481dd0c01e6bbb129fd147eb5d8571016193cba141c4627ca60ceabdb5a46ea8","sha512":"a3a042b0a845b46de4c272bca16e48d5f332386dc3d4e6e8cf4ebc63238950c265d5a1b3955d257ff12fa3ced224ff11818385256786612130bd35dbd5fe2033","ssdeep":"384:GnNWef/I43MJlQUfZZgeoBpKtbPjHdLE+igeN/T67+mFirVAfPdixSNCsugG3iMF:GsCvIOUfZaeoytbZLE+i9pT67+/rVSdO","tlshash":"96b2e012e6c8bdf6e0c1093e25317ecb298fd9eba8724c624c1ab95d339257c5819d4c","first_seen":"2026-02-19T22:49:57.285177Z","last_seen":"2026-04-12T13:33:00.435093Z","times_seen":3927,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":114,"dns":2,"connect":32,"send":0,"wait":56,"receive":2,"ssl":78},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:03.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:49 GMT","end":"Mon, 15 Jun 2026 08:38:48 GMT"},"fingerprint":{"sha1":"37:8D:19:21:5B:E0:E1:BB:D8:7C:65:74:CB:23:05:60:8D:DA:34:48","sha256":"87:F6:F5:DB:75:39:30:F7:7B:2E:F2:78:F3:AF:75:98:AC:41:5C:58:80:43:5D:A4:53:50:BC:D4:D6:F1:CC:56"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hollandcasino.ink\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 10:17:38 GMT\r\nexpires: Fri, 09 Apr 2027 10:17:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 184525\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-12T13:01:56.888892Z","times_seen":76235,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":117,"dns":0,"connect":15,"send":0,"wait":16,"receive":20,"ssl":98},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:03.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:49 GMT","end":"Mon, 15 Jun 2026 08:38:48 GMT"},"fingerprint":{"sha1":"37:8D:19:21:5B:E0:E1:BB:D8:7C:65:74:CB:23:05:60:8D:DA:34:48","sha256":"87:F6:F5:DB:75:39:30:F7:7B:2E:F2:78:F3:AF:75:98:AC:41:5C:58:80:43:5D:A4:53:50:BC:D4:D6:F1:CC:56"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hollandcasino.ink\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23664\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 03:11:45 GMT\r\nexpires: Fri, 09 Apr 2027 03:11:45 GMT\r\ncache-control: public, max-age=31536000\r\nage: 210078\r\nlast-modified: Wed, 18 Feb 2026 19:51:36 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23664,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23664, version 1.0","md5":"f92ee388273b5931a1b09a41d3906a3a","sha1":"d38fbadd1b1ceccffbfb43f677698f3a7112f0b4","sha256":"481dd0c01e6bbb129fd147eb5d8571016193cba141c4627ca60ceabdb5a46ea8","sha512":"a3a042b0a845b46de4c272bca16e48d5f332386dc3d4e6e8cf4ebc63238950c265d5a1b3955d257ff12fa3ced224ff11818385256786612130bd35dbd5fe2033","ssdeep":"384:GnNWef/I43MJlQUfZZgeoBpKtbPjHdLE+igeN/T67+mFirVAfPdixSNCsugG3iMF:GsCvIOUfZaeoytbZLE+i9pT67+/rVSdO","tlshash":"96b2e012e6c8bdf6e0c1093e25317ecb298fd9eba8724c624c1ab95d339257c5819d4c","first_seen":"2026-02-19T22:49:57.285177Z","last_seen":"2026-04-12T13:33:00.435093Z","times_seen":3927,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":32,"send":0,"wait":56,"receive":3,"ssl":81},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/uploads/pwas/QJT2GahH9TDU/logo-1768324346864_512x512.webp?s=192x192","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /uploads/pwas/QJT2GahH9TDU/logo-1768324346864_512x512.webp?s=192x192 HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:02 GMT\r\ncontent-type: image/webp\r\ncontent-length: 21808\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 13 Jan 2026 17:12:27 GMT\r\netag: \"69667cfb-5530\"\r\ncache-control: public, max-age=172800, stale-while-revalidate=7200\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NAVIUbNMzYYYc5LjMbFGvBR3YKu8UBEhOZ2eKGNK%2F6NoCjyRA2F8raEIiYijWZxNotfFLSUHbzuydL1KL6%2BnYUR0CbMRBy57ulJ19YlUTubCZFG98%2BJlVX%2B9dD6aFYOL0vRb5g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5a9957c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21808,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7bc592c626ef3457ebc207144f0ec5dc","sha1":"f22a06c367780dde955a2376316d6403308a6856","sha256":"e2ede400d489dbbfc6cdc9758a90bb23779bcf02736a2fc2b912464f497fd4d4","sha512":"ef62b0ac09bfb68ee84861184e7e0c7d3c9f05d29c31fc1210e5ebdcaa43243ad40f9428d72749d4978e22342dc4baebce92877b738518c9597287ce164015fb","ssdeep":"384:fBNOk9Fkj3HYZ+kGbmx5wnCgEko8ZMmOOAlaMI3GjzEicU/Dj4q87YvjyA:POMq3YZ+vi5wCgEgZM5OAE730zEi1nJT","tlshash":"91a2c0c91838eb69cde79ddd7a5233c20ab4fcd8d804c63a68a384acb8d451c9153977","first_seen":"2026-04-11T13:33:29.401958Z","last_seen":"2026-04-11T13:35:29.328081Z","times_seen":2,"resource_available":false,"data":null}},"time_used":326,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":91,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/uploads/pwas/QJT2GahH9TDU/image-1768324343853-unl6_375x667.webp","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /uploads/pwas/QJT2GahH9TDU/image-1768324343853-unl6_375x667.webp HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:03 GMT\r\ncontent-type: image/webp\r\ncontent-length: 35214\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 13 Jan 2026 17:12:23 GMT\r\netag: \"69667cf7-898e\"\r\ncache-control: public, max-age=172800, stale-while-revalidate=7200\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AXrEr97SXyTRfMs6QBzLHamOZtHRhm6UZ9Ujfo59Z54N4I8ErRs8S0Gk%2BlyFDulIO1AFpdjNbKKbv0yIs7WkVkv1OFPoU7KxahXlmiNkvSIiAN1LjWX3%2Fal9xXtb3Ho2CFo%2BsA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5d99e1c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35214,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 375x667, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"db296ef01283401302b6a67534aed8f8","sha1":"04d6f3dcea7e0534b3bb042d536e33ab843936b9","sha256":"5747be6fb9503b3c67707209cde16f1f0f54a276a78b8a75b5b8a26306547c97","sha512":"f2e924d69a48282f1e85ea00deca59313c52695bbfab6d523072a1fc484b8d98b5a16520af13e64717f63597151b77d8fc685fd67ba3a1d67cf9382c30468c7c","ssdeep":"768:N+/ti3EXje7882Rh3Cu6FUON2RxvP7rn+ejRuI/hZGhCXamaEA3X0hG:Qli0Te7n2Rh336+ONwx7rnJ95ZEm5Q","tlshash":"6bf2f12a56c94461eaecd4356bf5fe2603eaeeaeeb947710756403a4c1583c8c23d49c","first_seen":"2026-04-11T13:33:29.404371Z","last_seen":"2026-04-11T13:35:29.333032Z","times_seen":2,"resource_available":false,"data":null}},"time_used":334,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/uploads/pwas/QJT2GahH9TDU/image-1768324346401-y7z8_375x667.webp","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /uploads/pwas/QJT2GahH9TDU/image-1768324346401-y7z8_375x667.webp HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:03 GMT\r\ncontent-type: image/webp\r\ncontent-length: 62088\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 13 Jan 2026 17:12:26 GMT\r\netag: \"69667cfa-f288\"\r\ncache-control: public, max-age=172800, stale-while-revalidate=7200\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FiZPnWrOoZz5c3EsmybYp3%2FbQIJfnHXc8uvFOx%2FyaWMv3NXxSc2334%2BKKCFMzON6WOOToJsQAlg%2BJBiuO8gLUZiAPYS%2BZdi3JesN9gylex8Yq9ysbY5DkkU1XModueiteCGTxw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5d99e4c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":62088,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 375x667, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9fd5cb0fd57266a5c6d01074e5ae567e","sha1":"2851248deaa0da0c3d06eeda5d7faee9f6a03282","sha256":"f183e8f1593203ae09082f3696601bfbca84665d41999a1eb505ad2ee1c8b6ff","sha512":"e56eb992dbf90d323eea45900ed22fd13f09c328408ac8b30bedb4ef108ddba3a75dd7304aa21914806cbdf0fa2c42291c61abb585da23e5f985d6fd55e1e592","ssdeep":"1536:RGNVpn4YRuhaehWESdD0oWYvPGiYXfpEqzuM3nFZxnbxMYK45mAc:4NbzuV0+oWoPGiYXx3Z3njxbxMYKymAc","tlshash":"57530171f980d9164b313d1d25290d3318070eff678add1d7ea8af0e92c099ab246ae7","first_seen":"2026-04-11T13:33:29.406762Z","last_seen":"2026-04-11T13:35:29.335801Z","times_seen":2,"resource_available":false,"data":null}},"time_used":419,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":185,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:03.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:49 GMT","end":"Mon, 15 Jun 2026 08:38:48 GMT"},"fingerprint":{"sha1":"37:8D:19:21:5B:E0:E1:BB:D8:7C:65:74:CB:23:05:60:8D:DA:34:48","sha256":"87:F6:F5:DB:75:39:30:F7:7B:2E:F2:78:F3:AF:75:98:AC:41:5C:58:80:43:5D:A4:53:50:BC:D4:D6:F1:CC:56"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hollandcasino.ink\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 10:17:38 GMT\r\nexpires: Fri, 09 Apr 2027 10:17:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 184525\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-12T13:01:56.888892Z","times_seen":76235,"resource_available":false,"data":null}},"time_used":388,"timings":{"blocked":184,"dns":0,"connect":30,"send":0,"wait":16,"receive":2,"ssl":150},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:03.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:49 GMT","end":"Mon, 15 Jun 2026 08:38:48 GMT"},"fingerprint":{"sha1":"37:8D:19:21:5B:E0:E1:BB:D8:7C:65:74:CB:23:05:60:8D:DA:34:48","sha256":"87:F6:F5:DB:75:39:30:F7:7B:2E:F2:78:F3:AF:75:98:AC:41:5C:58:80:43:5D:A4:53:50:BC:D4:D6:F1:CC:56"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hollandcasino.ink\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 20556\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 02:36:32 GMT\r\nexpires: Fri, 09 Apr 2027 02:36:32 GMT\r\ncache-control: public, max-age=31536000\r\nage: 212191\r\nlast-modified: Wed, 18 Feb 2026 19:51:43 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20556,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20556, version 1.0","md5":"8feefe1e602c4b14ff414a77c3af2c2c","sha1":"e57daae78e76c8944e97edecfa656f8608e09db5","sha256":"2addf2d86d7a5778653b36d551e97a39da52855f82fac7461cfc1bd86d460aed","sha512":"893f9695ee887eed00246f24d4ec3e17ed64e2af4fab055f951795f50d34f3685aafcfbda943060a132c42169d2ef5c99d3db4fb901d57a09e712b4ff02afd92","ssdeep":"384:tpv6fcCujSd2+uNZ0omwRnNPqfWvx/CldKV8D2w9lQXL79Ci5q8S/USM2BHRpWp6:fxC0So4wRhx90K6ywQLIWS8S5By5AR","tlshash":"8792e056b288746a77e4e3ecc859ae6c65ed9b0f0c1b15b909322122f196c4734930f9","first_seen":"2026-02-19T22:35:21.90447Z","last_seen":"2026-04-12T13:22:21.830633Z","times_seen":7963,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":98,"dns":0,"connect":0,"send":0,"wait":35,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/uploads/pwas/QJT2GahH9TDU/logo-1768324346864_512x512.webp?s=180x180","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:03.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /uploads/pwas/QJT2GahH9TDU/logo-1768324346864_512x512.webp?s=180x180 HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:03 GMT\r\ncontent-type: image/webp\r\ncontent-length: 21808\r\npriority: u=6,i=?0\r\nlast-modified: Tue, 13 Jan 2026 17:12:27 GMT\r\netag: \"69667cfb-5530\"\r\ncache-control: public, max-age=172800, stale-while-revalidate=7200\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PrrPNVyd5XqVGVqapkoceKAVgUDIWu4XKB0wMT6mKGNYukQOPoYYpE1IEvP6R6S2btMsVM5Cqsmx0ojUyuNmYhaG%2FI8N7kC99zn894hQ9uy5CCvb%2Biir2Xia37hJ4GfDwc6zMA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c613a8bc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21808,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7bc592c626ef3457ebc207144f0ec5dc","sha1":"f22a06c367780dde955a2376316d6403308a6856","sha256":"e2ede400d489dbbfc6cdc9758a90bb23779bcf02736a2fc2b912464f497fd4d4","sha512":"ef62b0ac09bfb68ee84861184e7e0c7d3c9f05d29c31fc1210e5ebdcaa43243ad40f9428d72749d4978e22342dc4baebce92877b738518c9597287ce164015fb","ssdeep":"384:fBNOk9Fkj3HYZ+kGbmx5wnCgEko8ZMmOOAlaMI3GjzEicU/Dj4q87YvjyA:POMq3YZ+vi5wCgEgZM5OAE730zEi1nJT","tlshash":"91a2c0c91838eb69cde79ddd7a5233c20ab4fcd8d804c63a68a384acb8d451c9153977","first_seen":"2026-04-11T13:33:29.401958Z","last_seen":"2026-04-11T13:35:29.328081Z","times_seen":2,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/uploads/pwas/QJT2GahH9TDU/logo-1768324346864_512x512.webp?s=180x180","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /uploads/pwas/QJT2GahH9TDU/logo-1768324346864_512x512.webp?s=180x180 HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:02 GMT\r\ncontent-type: image/webp\r\ncontent-length: 21808\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 13 Jan 2026 17:12:27 GMT\r\netag: \"69667cfb-5530\"\r\ncache-control: public, max-age=172800, stale-while-revalidate=7200\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D9zeHSOKb%2BtZTOb8BnEbZ4%2F%2FVJuDOuH63YgKQTEXogqBSVCEYbdKyFqZnJx1fFEmMo5KSWjzWi6ddngWLsSs2U0DeXCEfesX3eaxQcMx02DJB7ob8gwZu1OjQpgyLIlceyq0Gg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5a9956c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21808,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7bc592c626ef3457ebc207144f0ec5dc","sha1":"f22a06c367780dde955a2376316d6403308a6856","sha256":"e2ede400d489dbbfc6cdc9758a90bb23779bcf02736a2fc2b912464f497fd4d4","sha512":"ef62b0ac09bfb68ee84861184e7e0c7d3c9f05d29c31fc1210e5ebdcaa43243ad40f9428d72749d4978e22342dc4baebce92877b738518c9597287ce164015fb","ssdeep":"384:fBNOk9Fkj3HYZ+kGbmx5wnCgEko8ZMmOOAlaMI3GjzEicU/Dj4q87YvjyA:POMq3YZ+vi5wCgEgZM5OAE730zEi1nJT","tlshash":"91a2c0c91838eb69cde79ddd7a5233c20ab4fcd8d804c63a68a384acb8d451c9153977","first_seen":"2026-04-11T13:33:29.401958Z","last_seen":"2026-04-11T13:35:29.328081Z","times_seen":2,"resource_available":false,"data":null}},"time_used":325,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":89,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/assets/green/css/style.min.css?v=43.4.2","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /assets/green/css/style.min.css?v=43.4.2 HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:02 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nlast-modified: Wed, 04 Mar 2026 13:08:44 GMT\r\netag: W/\"69a82edc-1379b\"\r\ncache-control: public, max-age=31536000, immutable, stale-while-revalidate=7200\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2c0eVUlqJOtS23Uv8NJa1cezovU2pJSyVwvZ%2B%2BXwEZTQIfvxk0xl6PFicUlqfA2w%2BZ2QGFymfGPhzADkOJc%2FCvTgkbOtxO%2FMqRmoQy0UiBOYHjdSsZn1zdJQ%2BXptfjzT4mTk%2BA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5a9958c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":79771,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"823d49a0f6beefe8874089f871457e99","sha1":"0fec4b75b867a4d7847181e017055f922943a9d3","sha256":"697a6cf629039092f08215048be01b67598c6b0b991302fb982a5b232ac216f9","sha512":"df1183c8329c4e3a5e26f50ac8f62bd83869dc14521ff72d392747d0bd19053c30bf14bea49c674dc53d56bc6d295a0a41041a8d99ad2201b33e136f01d3fbba","ssdeep":"1536:SQGdpFwVk5MPMJMuSS02Pqj7mquj/Kmm+zpRvhGPf7vVP:SQGqTfP","tlshash":"cd73ea219a55312eb077c26aa5d2554e233cd503f6236beefa94b529c7c7783223378c","first_seen":"2026-03-14T05:28:32.78929Z","last_seen":"2026-04-12T13:05:54.146036Z","times_seen":11,"resource_available":false,"data":null}},"time_used":326,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/assets/green/img/right-arrow.svg","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /assets/green/img/right-arrow.svg HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:02 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NAkquKs1qe%2B0ZEdizCsyrYkk4UnlxZuhM6y%2FKHZuM%2BrlE23TItqIapbMRsGxhS4zCeXNnjeX%2BNadqbX9eDv%2BY6tU0ZlPm7rLzWt5iWqPgxtgrMp5JiEKhqgAbndsAsOCwSzNQQ%3D%3D\"}]}\r\npriority: u=4,i=?0\r\nlast-modified: Wed, 04 Mar 2026 13:08:44 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=172800, stale-while-revalidate=7200\r\ncontent-encoding: br\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\netag: W/\"69a82edc-e2\"\r\ncf-ray: 9eaa5c5aa95cc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":226,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cdc8c4dfb326d61e002af3717a6ba6b8","sha1":"1cd5de8164afc52d01339fc90c67cb28c2caaeec","sha256":"e83c7215bc8fc58ea06d5e459ee3c3823cb9a556f967326884189f281699e33e","sha512":"1dd538575a6d85ea30915995f05e545488673e7d022d481faf660a6d5f6ad43c9c647cc487d62bfb8429a0f2b6070de895bf3b1b498710bbecd33e282f081247","ssdeep":"","tlshash":"c8d02361d15c5e88df0cc2609f7cbd6312e9f1b60a4901cfe400d3116505467dc47edc","first_seen":"2023-06-12T09:53:26Z","last_seen":"2026-04-12T13:05:54.140695Z","times_seen":157,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/assets/green/js/script.js?v=43.4.2","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /assets/green/js/script.js?v=43.4.2 HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:02 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nlast-modified: Wed, 04 Mar 2026 13:08:44 GMT\r\netag: W/\"69a82edc-345a\"\r\ncache-control: public, max-age=31536000, immutable, stale-while-revalidate=7200\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YUMDgTOivozYBo5jqYq1nN6S31aHsiRr3VqgSEoAag8yC%2B5l7wZzcwiMkn%2BzM93uFcBKkzDDqgsBMeYd0SKgZVYi4roUuoJED0IFWBe8h2MtkSmOOVACSZQQoilQcQVuJL%2BXzg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5aa95dc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13402,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"cf476bfd361bd1968b8faca737c561eb","sha1":"f2fed6bbedd0350d5aac965a1db3c49c623949b7","sha256":"2c56edcebd0c683da4b509cb9a320aa5c4b030d42396bbe75a5fd9e99bbae2d2","sha512":"31f181d79f8571b23b2ae3c3eabd9ee2d21ae446e594662599c6e622b02090aa57677fb1620231c27ad33847307723465815c71a792096fb95e6243c3190b9b8","ssdeep":"384:Pia5nuka6lO9sr8eTb8s8lyYL1lB5BYrW8fWbXOyaj:PiajlkeTb8s+9YHj","tlshash":"5852425a13fa05345573a0ba9f8b0e413120901f2847da293d9c45c96fc6e3a99fdffa","first_seen":"2026-01-27T03:23:56.523321Z","last_seen":"2026-04-12T13:05:54.144541Z","times_seen":16,"resource_available":true,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:38 GMT","end":"Mon, 15 Jun 2026 08:38:37 GMT"},"fingerprint":{"sha1":"C3:E4:BE:7B:38:DD:F1:59:DC:DF:FA:8A:48:52:C7:1D:D2:BF:F7:5E","sha256":"31:F4:52:B9:AA:C3:06:E9:A3:71:DA:02:A5:63:C9:78:CC:3A:04:07:E1:B4:42:F5:DC:BF:40:0F:BE:3E:6F:9E"}}},"request":{"raw":"GET /css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 11 Apr 2026 13:33:03 GMT\r\ndate: Sat, 11 Apr 2026 13:33:03 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":67176,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"ab850d710cb8d2c822eca52fcb39630d","sha1":"6b1016a61cb54834b42380de194088a39d0673b5","sha256":"acbf6e2b73bf91ea123df383211a180d57eb23c883a466afdec45a80fd03587d","sha512":"75908bb4facb97dbdbb3df2cdd51b28165d7d9c0dbd60997f507c7e79d44709c97566f25b5249bae201225d5fb83877c43734052ebfe858a19edfd9ba4ef471f","ssdeep":"768:yDdD9DADNDgBDUKD7DnDWHncXgLUahdPuOJ+gaULUIIV1ClghUULPy7bYLgXU+l5:GyDSegtxyllff","tlshash":"6b630e91041b5440ab834ce223cebf35fe1f92507151d0b9abfc9b6baddbca6526835c","first_seen":"2026-02-19T23:42:18.856088Z","last_seen":"2026-04-12T12:33:37.644914Z","times_seen":2589,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":122,"dns":0,"connect":21,"send":0,"wait":34,"receive":0,"ssl":103},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/uploads/pwas/QJT2GahH9TDU/BTc7HtmzGbg5w.png?v=1768324592816","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /uploads/pwas/QJT2GahH9TDU/BTc7HtmzGbg5w.png?v=1768324592816 HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:03 GMT\r\ncontent-type: image/png\r\ncontent-length: 4851\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 13 Jan 2026 17:16:32 GMT\r\netag: \"69667df0-12f3\"\r\ncache-control: public, max-age=172800, stale-while-revalidate=7200\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R1frJsib83lWOXCAxiJGGmoyuBYvWukafA0Lp%2BJj%2BC%2BTmqqiFvC8WqCfXMOVFTHQQWNZ0%2B2Ubl2EyuAe5ys4cV8opg0vBQ3Ztc%2Fa4aDpromCWBJTF%2FVUBQNwEQbcoluAGF15Zw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5d99e6c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4851,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"d72ddf66b9bea3b9709ed1f39565eb29","sha1":"6f5c2d8004bfa4482b457fcf9f28cd3f423a1d4e","sha256":"82ea79f134e8ea38e3942cfc385ffb7d3e5dfe5601854936023faab8b16be342","sha512":"17c111a4f90f38fb2c386bd20e89d36ebbd19f0ed3acff8fe9815f1184a46f804b372b99d1597f06a68991368f71159294ceff4f3f059bdec248a8481d86d02e","ssdeep":"96:CKkedUS/2bgG/iQUhpjZAqvPZ/1glkliKkAJcWUPhjy:2eGSOFHkC8/a3KkALkjy","tlshash":"50a17de2c0fa88fe80cb5e432f243d34914a715d1bd94b01d4d7b636a2364e00e89c6b","first_seen":"2026-04-11T13:33:29.414416Z","last_seen":"2026-04-11T13:35:29.34328Z","times_seen":2,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/manifest.json","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /manifest.json HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:02 GMT\r\ncontent-type: application/manifest+json; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oQ8VizYyyCLcucJF9BrJvkPm4pLM%2BuJmZTKYc8v6AjM58ySSBZZuIbf78BpNhXM5hmQ1BMRTVomE4DGSLrU0G%2FF1%2BTOukitY4wdppM8L8lGsuDXIfiSx7F%2FjZHvPIxBfEOiOgw%3D%3D\"}]}\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Authorization\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nx-download-options: noopen\r\nreferrer-policy: no-referrer, strict-origin-when-cross-origin\r\ncontent-language: en-US\r\netag: W/\"572-X60wlJS/YeDCKUAt5JKcvXAVXgk\"\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5a9955c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1394,"size_decoded":0,"mime_type":"application/manifest+json; charset=utf-8","magic":"JSON text data","md5":"641e368e4916be74d1ba447f96ef05ad","sha1":"5fad309494bf61e0c229402de4929cbd70155e09","sha256":"7a8f4a5d643f11a4f2c56ea0e3e10fa58efe32faa9b9f1b03b98c0f1ff0bb167","sha512":"3184ff80cc72699d0c3e9fd1b7c4cb33b98d50a0f041fafc128487efdeec19161974f706431d0941d59684d7f49fd20d20736d2f1947e59bde174b58abfe6936","ssdeep":"","tlshash":"ce21e2bb08cb5e79a7fd657820ad6dcccd7f305504d25e40af84782c0095795021b7aa","first_seen":"2026-04-11T13:33:29.416392Z","last_seen":"2026-04-11T13:35:29.33438Z","times_seen":2,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/assets/green/img/choise.png","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /assets/green/img/choise.png HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:02 GMT\r\ncontent-type: image/png\r\ncontent-length: 218\r\npriority: u=4,i=?0\r\nlast-modified: Wed, 04 Mar 2026 13:08:44 GMT\r\netag: \"69a82edc-da\"\r\ncache-control: public, max-age=172800, stale-while-revalidate=7200\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IWMZrMmxagbJ2f7WpKK89E1rcJ3WkS%2FQfs0FBmt%2FoqGrG%2B7VXDGSQqc6grIDPIKfEZuhEGlRcO7xr1twLHSV1f095UHQtIBiFoGt5hRhDhQs8igQdXJ3M51bYjKb3x5NWyTdNg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5a9959c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":218,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 14 x 14, 4-bit colormap, non-interlaced","md5":"d76b357bdf86c3bde77124fe200cbb0f","sha1":"01fbbdb6193cc2452993a3315e99b5de0a2b0a6e","sha256":"3d1510bb842ca08d4529ada5711e0bd4724153439efe49c5ff6f2f8d36c23027","sha512":"976fef7cb7c754418201de38dc4b62fe625aa18f8827a584ab5a0c7b61510c802d44669697bcefbc1b5d37efe38bd483c2233d0caaf2d435f02755c1efd6b9d1","ssdeep":"","tlshash":"0dd023e7dd459d311400d157db9c1e4088d1473d1417531acbbaf51f5f6248cd3d05c5","first_seen":"2023-05-29T14:41:10Z","last_seen":"2026-04-12T13:05:54.146568Z","times_seen":181,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/assets/green/img/user.png","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /assets/green/img/user.png HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:02 GMT\r\ncontent-type: image/png\r\ncontent-length: 148\r\npriority: u=4,i=?0\r\nlast-modified: Wed, 04 Mar 2026 13:08:44 GMT\r\netag: \"69a82edc-94\"\r\ncache-control: public, max-age=172800, stale-while-revalidate=7200\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s3oiuSJfs%2F0BW7SF0AWPiWOO3YReFi22%2F%2BblHjzQU%2FBQ84kIw6mVwNpg2ESExxoH26OCARG%2BM6d9kWwh7%2Bpd%2FS%2FeNu%2B2QGdZIClejts2ZCFYT5pWoanG9vv59usrtjzqI6qOhQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5a995bc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":148,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced","md5":"6a82d2ed501108b93ae141c24ec8ff31","sha1":"0fa770617167b0445abca473adf6ad119282e028","sha256":"9137b07942abada9db72a2a5596506a46532a071339fd07f7434a76017bbacd0","sha512":"ad9d427f163998e028457bbc5d61a869c122f85a31f3167245280b744a9a468c40a3c9b629ae797eafa4a8f46cfe810ade182849013467a8b448139970af759f","ssdeep":"","tlshash":"6ec02bc317c47f7ec6ef03239d18ce157a2280b8168826100c428019753214e647dac1","first_seen":"2023-05-15T07:31:55Z","last_seen":"2026-04-12T13:05:54.147056Z","times_seen":183,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/uploads/pwas/QJT2GahH9TDU/RZxJ1xLdzYaU8.png?v=1768324592817","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /uploads/pwas/QJT2GahH9TDU/RZxJ1xLdzYaU8.png?v=1768324592817 HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:03 GMT\r\ncontent-type: image/png\r\ncontent-length: 4542\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 13 Jan 2026 17:16:32 GMT\r\netag: \"69667df0-11be\"\r\ncache-control: public, max-age=172800, stale-while-revalidate=7200\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NTNHvUebIq%2BTgDcV2dFmVtRwfZoTJDs4XFp3SheurMsaCEHZM4GWgn%2Buqt5mQfoard%2F5lnRfNidu4ErdK2h8AknYlcsmw6e%2B%2FSkpg1tBa6C92gdICSFvs8Fb4lyAScjsHjx4xQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5d99e7c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4542,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"21d1ce2322919a85e3b9c1f0e976c039","sha1":"7c2cb81cfdf9d142816119ea60ec33f969b1c319","sha256":"360c4dbe7c2ca4efbf80e5e47a377ab4b0cd6dcd2d04cd0863195f1a916c81dd","sha512":"331157e1cc2b33af22d0684d3471e329e0ec01ac7272652eabc12717053b2eea44d9e235e7faf34fe15167317db7f2df6c92ce8d361285e5e4429797c58bea69","ssdeep":"96:MIhKzSe4p76d81gD57khZ0/nf/GBB95VfUZUTkQT1:2Sea1gDVeW/n3oBmeTkQh","tlshash":"a1917d6b764a18eda1c05c40fe344b897cdb5b3a85b77ace642a2020d4ff094d769b44","first_seen":"2026-04-11T13:33:29.419637Z","last_seen":"2026-04-11T13:35:29.339929Z","times_seen":2,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/uploads/pwas/QJT2GahH9TDU/image-1768324345538-ee9d_375x667.webp","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /uploads/pwas/QJT2GahH9TDU/image-1768324345538-ee9d_375x667.webp HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:03 GMT\r\ncontent-type: image/webp\r\ncontent-length: 69084\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 13 Jan 2026 17:12:25 GMT\r\netag: \"69667cf9-10ddc\"\r\ncache-control: public, max-age=172800, stale-while-revalidate=7200\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZjucghlpKiAZNfvYPRDDDxfEB81QzVzWzG5sT9MXh3Wb04gQryszuY5wjyAF3ibzLQvSbdkMpzpXTAECuilPFBEbtrAv8QJHtvNAKaTLyBqCKlqzHk3YBxZ4%2BlxkXGBBnzyGEA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5d99e2c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":69084,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 375x667, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1e5ea80f0df9aa80c9d3fd071ce35532","sha1":"e29b4e49467f26a6b37da66cd894c9df6d3a5232","sha256":"dc54f78ab260aa2842fd68a9c4c83b88c638b352d18ffea1c1e70cfa38b5a752","sha512":"8143261355fc0a37f112acbb38f7e14bdbaf116c7422115a9ba808d7a50c3891f02e830a8cc4691cf3f9f9d6bd86a564f07a5517d99def33fb6b628d8a74cec1","ssdeep":"1536:uX9TLACl9rRZ7LKaY1nKlJOLUEtXCfcm1cRn2KdJxcPGkI:ut3ACl9/7NAKloIEtXYdcMbzI","tlshash":"7263023bf9672d5da001ba964ed981deb6c9bfd6490d642f10e781c61f0151c8f3ea88","first_seen":"2026-04-11T13:33:29.421391Z","last_seen":"2026-04-11T13:35:29.341141Z","times_seen":2,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":277,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:03.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:49 GMT","end":"Mon, 15 Jun 2026 08:38:48 GMT"},"fingerprint":{"sha1":"37:8D:19:21:5B:E0:E1:BB:D8:7C:65:74:CB:23:05:60:8D:DA:34:48","sha256":"87:F6:F5:DB:75:39:30:F7:7B:2E:F2:78:F3:AF:75:98:AC:41:5C:58:80:43:5D:A4:53:50:BC:D4:D6:F1:CC:56"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hollandcasino.ink\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 10:17:38 GMT\r\nexpires: Fri, 09 Apr 2027 10:17:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 184525\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-12T13:01:56.888892Z","times_seen":76235,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":96,"dns":0,"connect":0,"send":0,"wait":40,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/uploads/pwas/QJT2GahH9TDU/logo-1768324346864_512x512.webp?s=16x16","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:03.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /uploads/pwas/QJT2GahH9TDU/logo-1768324346864_512x512.webp?s=16x16 HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:03 GMT\r\ncontent-type: image/webp\r\ncontent-length: 21808\r\npriority: u=6,i=?0\r\nlast-modified: Tue, 13 Jan 2026 17:12:27 GMT\r\netag: \"69667cfb-5530\"\r\ncache-control: public, max-age=172800, stale-while-revalidate=7200\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PNu2Vis86k%2By2vnbFQHedlCxTf82s0fGx6N6xonNVpAqmxIiMEmno3d39bZPAlBcvF9PwFFPHXdJDYypgw5wqy87LcVDLET7kmcauY9dPs5pyyO%2BnvfbGoNuHK%2Fwvu%2F6eHWs8Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c615a90c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21808,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7bc592c626ef3457ebc207144f0ec5dc","sha1":"f22a06c367780dde955a2376316d6403308a6856","sha256":"e2ede400d489dbbfc6cdc9758a90bb23779bcf02736a2fc2b912464f497fd4d4","sha512":"ef62b0ac09bfb68ee84861184e7e0c7d3c9f05d29c31fc1210e5ebdcaa43243ad40f9428d72749d4978e22342dc4baebce92877b738518c9597287ce164015fb","ssdeep":"384:fBNOk9Fkj3HYZ+kGbmx5wnCgEko8ZMmOOAlaMI3GjzEicU/Dj4q87YvjyA:POMq3YZ+vi5wCgEgZM5OAE730zEi1nJT","tlshash":"91a2c0c91838eb69cde79ddd7a5233c20ab4fcd8d804c63a68a384acb8d451c9153977","first_seen":"2026-04-11T13:33:29.401958Z","last_seen":"2026-04-11T13:35:29.328081Z","times_seen":2,"resource_available":false,"data":null}},"time_used":326,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":92,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hollandcasino.ink/service-worker.js?v=43.4.2","fqdn":"hollandcasino.ink","domain":"hollandcasino.ink","tld":"ink"},"ip":{"addr":"172.67.168.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hollandcasino.ink/","date":"2026-04-11T13:33:02.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hollandcasino.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 18:43:06 GMT","end":"Thu, 11 Jun 2026 19:41:54 GMT"},"fingerprint":{"sha1":"65:C3:35:EF:9D:89:8B:27:82:8F:A4:06:D3:6B:2C:E7:85:83:AD:E3","sha256":"D6:4C:88:E0:EC:52:E2:11:39:17:6E:F5:9E:A9:B0:7D:CC:0F:93:18:9C:7A:E9:A4:48:99:E7:E5:75:D9:96:A6"}}},"request":{"raw":"GET /service-worker.js?v=43.4.2 HTTP/1.1\r\nHost: hollandcasino.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hollandcasino.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: pwauid=54QJe6T2PZGaMQhH\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 11 Apr 2026 13:33:02 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nlast-modified: Wed, 04 Mar 2026 13:08:45 GMT\r\netag: W/\"69a82edd-119b\"\r\ncache-control: max-age=14400, must-revalidate\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\nx-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://storage.googleapis.com https://cdn.jsdelivr.net https://malsup.github.io https://static.cloudflareinsights.com https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://netdna.bootstrapcdn.com; font-src 'self' https://fonts.gstatic.com https://www.gstatic.com https://netdna.bootstrapcdn.com data:; img-src 'self' data: https: blob:; media-src 'self' data: blob:; connect-src 'self' blob: https://api.pwagroup.ai wss://api.pwagroup.ai https://ads.pwagroup.ai https://preview.pwagroup.ai https://sentry.pwastage.xyz https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://malsup.github.io https://telegram.org https://oauth.telegram.org; worker-src 'self' blob:; manifest-src 'self'; frame-src https://telegram.org https://oauth.telegram.org https://preview.pwagroup.ai https://www.youtube.com; frame-ancestors 'self' https://dash.pwa.group https://preview.pwa.group https://*.pwa.group https://*.pwagroup.ai; base-uri 'self'; form-action 'self' https://preview.pwagroup.ai; object-src 'none'; upgrade-insecure-requests; report-uri https://dash.pwa.group/api/101/csp-report;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ObA2mBQvNdI3ZGfs%2F25y7kZhNgYWeShoCiOoAjMkyJLv4pe%2Fsvk0fvOkLSaYMWkTh%2BV4gIsNRclkHh7xztN7KqZFgXKA9rvKnfgkeQxxrVz8bdlRLgr2rlemzVlxaH1EagAARw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eaa5c5a9954c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4507,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"86cc00269f504c69a5522d969a7163cb","sha1":"32ef340a83bf54ab58b19e3b162854b170dacfed","sha256":"468a60231a67800713bdc7f40428f191c212c6e3e9041015401009a4ae26b31c","sha512":"b247afe3e2d8ea868b034e5f350250a7c45f9502236db14b1f91e5897e66635ba3d0e5d2eecd948ac1fc39050bed482704fcce593031f76938af423ada64bb6a","ssdeep":"96:/dMKYwHN9+zwwfOwwwTK1ktDEkVbumgZOVRl6uAsaWLRLNHbuesaWC6JuEsaUBBn:/dzYwHqzwCOwwM7tDEkVbBfoRWFLxDWO","tlshash":"949101fb1d6817570ae7d179951e1227e27601073f4ab865b2ac09d81fcd54c83bf6c4","first_seen":"2026-03-01T09:27:42.786226Z","last_seen":"2026-04-12T13:05:54.236014Z","times_seen":29,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"hollandcasino.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}