r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b642ec5702fb818c5d1c67168cc68fdb
015146489a8e7fcb4ba0ba74cfe757a072705f93
4846d047a23903856bd113d02639ce7e08a1e40030151d302295b2d12df98ffc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4846D047A23903856BD113D02639CE7E08A1E40030151D302295B2D12DF98FFC"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7793
Expires: Thu, 15 Dec 2022 08:09:19 GMT
Date: Thu, 15 Dec 2022 05:59:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4676
Expires: Thu, 15 Dec 2022 07:17:22 GMT
Date: Thu, 15 Dec 2022 05:59:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 51bd0cc75ed746fd33c950eb12936b7e
4a1007ea6c6e4f5e8b4a7d1f85f7a3e329dc8f50
188d4a0d544f40048dc7476cb4f5e478f1eb49a8ef1d51699fb155d2ae258655
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "188D4A0D544F40048DC7476CB4F5E478F1EB49A8EF1D51699FB155D2AE258655"
Last-Modified: Tue, 13 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12234
Expires: Thu, 15 Dec 2022 09:23:20 GMT
Date: Thu, 15 Dec 2022 05:59:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 15 Dec 2022 05:08:57 GMT
content-type: application/json
age: 3029
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rYURkspL9KurEkZr3VTZEuvPPqp3nA2Sx+GKPh6jKqNedGk9e78xNqteZt4Dk1Bbv32DzpYOJHw=
x-amz-request-id: 18CSDGJ4V5KYQP9N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 15 Dec 2022 05:50:48 GMT
age: 518
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Dec 2022 05:59:26 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ezcasinowinners.club/cdn-cgi/apps/head/tox_EUcqYNRAZsdBSKxmNCo3bYg.js
200 OK 1.3 kB URL HTTP/1.1 ezcasinowinners.club/cdn-cgi/apps/head/tox_EUcqYNRAZsdBSKxmNCo3bYg.js
IP
Hash fada1c1c8f5d5f132a8ef8c7d9b8acb8
b68c7f11472a60d44066c74148ac66342a376d88
62fe5b7673d0131f91bf20b3f27b1c1ad451e8c55138c53df979d3c6675773bb
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/apps/head/tox_EUcqYNRAZsdBSKxmNCo3bYg.js HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:26 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 1341
Connection: keep-alive
x-amz-id-2: HVrvePUQ+9/XP+0dSjPRV/9GCHSNOdRfSgJITDijSTygWXGnFUwO6oaglkF/N0Dlg9kknjVhYEI=
x-amz-request-id: 2A4NNKPKGYP4A20K
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Last-Modified: Sun, 20 Sep 2020 20:04:31 GMT
x-amz-version-id: 2bL1VcGU_tj5tpwF05lbWzNgeL0LPYgo
ETag: "fada1c1c8f5d5f132a8ef8c7d9b8acb8"
CF-Cache-Status: HIT
Age: 939033
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p58FAwF27HlzeEfeOesKBDxQc23GxznZmM9cd3yfVvr81EpqV5dCmyC2L2kvsaJkcRZJWW3hK8mPEdKSd5IZ%2FGJq%2BmpnTJBa73tCO3ZC5Dpoe0rn9vrX02LeAgUr%2BVjvwlqWHk7icA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf407cd9bb529-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 15 Dec 2022 05:33:21 GMT
age: 1565
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
redrotou.net/pfe/current/micro.tag.min.js?z=4463447&sw=/sw-check-permissions-fa1f3.js
200 OK 14 kB URL HTTP/1.1 redrotou.net/pfe/current/micro.tag.min.js?z=4463447&sw=/sw-check-permissions-fa1f3.js
IP
File type C source, ASCII text, with very long lines (39559), with no line terminators
Hash ed458848fd37b63d91f524403eed8bb7
9579161f6ad0fddaf197720e88fa9a429decb52d
6a495f7d39bf0b46d79a9ab8022bc9edbbdb5a61b41b27e38f65ad9c5ad02345
GET /pfe/current/micro.tag.min.js?z=4463447&sw=/sw-check-permissions-fa1f3.js HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 05:59:26 GMT
Content-Type: application/javascript
Last-Modified: Tue, 13 Dec 2022 09:06:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63984082-9a87"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash 210b7a2584ae55362c4b582e325f37f7
5f1982f961f1c5db96bbb66af075bab3cb535963
cb3767debad90cb8a34ce287de194cdb2a4f7146e7b51560fd2e0eb11fbfbc2f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1608
Cache-Control: max-age=99258
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 05:59:26 GMT
Etag: "63999230-1d7"
Expires: Fri, 16 Dec 2022 09:33:44 GMT
Last-Modified: Wed, 14 Dec 2022 09:06:56 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ezcasinowinners.club/au/aweber/lp2/index.html
200 OK 6.1 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/index.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1557), with CRLF line terminators
Hash 901919d4909badc58fcdd64f73adc527
0bd32d2645eeaf59ceed815a7886fc19864476fd
d303d19e490880326d32d1232005d9a38d2e5f7efd737b23821e9736c4a59302
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp2/index.html HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 07 Mar 2022 10:23:26 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCHN%2FVfmkA2qloXfqzEFxr3fdXwxK92zht19%2F%2FBIoYQVMAu8eUExrqcKZvEOhiikGWNBQNPt0h%2F1pTRk09I7BcnyLs5ZczVQHXH%2Fj0vFxG8SbwLbn7aHE462KO8R3Tq7YnQEmtfGqw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779cf4038f3bb517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sectigo.com/
200 OK 471 B IP
Hash 3f973d265969f08d5cdd469638b607dd
d6b0ccb133b4386580bd6df420a6be5f343412a0
3897c9ba5147c56e5ad792a0b55bd61993b3ebedafac542af3b601310b9fc05d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Dec 2022 20:20:06 GMT
Expires: Wed, 21 Dec 2022 20:20:05 GMT
Etag: "d6b0ccb133b4386580bd6df420a6be5f343412a0"
Cache-Control: max-age=569438,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 779cf408bf7fb512-OSL
redrotou.net/pfe/current/micro.tag.min.js?z=4463447&sw=/sw-check-permissions-fa1f3.js
304 Not Modified 0 B URL HTTP/1.1 redrotou.net/pfe/current/micro.tag.min.js?z=4463447&sw=/sw-check-permissions-fa1f3.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/micro.tag.min.js?z=4463447&sw=/sw-check-permissions-fa1f3.js HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/
If-Modified-Since: Tue, 13 Dec 2022 09:06:10 GMT
If-None-Match: W/"63984082-9a87"
HTTP/1.1 304 Not Modified
Server: nginx
Date: Thu, 15 Dec 2022 05:59:27 GMT
Last-Modified: Tue, 13 Dec 2022 09:06:10 GMT
Connection: keep-alive
ETag: "63984082-9a87"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb6b7affcab2b32d113fed499e663b71
bd1a5ee0a85c497bc5e10c7baa9b84e06188a668
a475dbafedab35e26c9c8cededc8844a6647899aec7106d116cf73556748ef75
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A475DBAFEDAB35E26C9C8CEDEDC8844A6647899AEC7106D116CF73556748EF75"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12273
Expires: Thu, 15 Dec 2022 09:24:00 GMT
Date: Thu, 15 Dec 2022 05:59:27 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IkS5dn0PVmzZfUxaWLuU/Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: D2jKFsB/zHf2m2T5WDhgXW/7M7M=
my.rtmark.net/p.js?f=sync&lr=1&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847
200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847
IP
Hash 1d1522de413d0b27a43e7be4efeb0405
58c52eec6da93a26b374308e6189b8af139624f7
d9b7a5a22d87f08fbcb41ab49b3494cf35afa659a2b143800bfab1c62b07b193
GET /p.js?f=sync&lr=1&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Dec 2022 05:59:27 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7cc7d4597e8be2675fd37a88ce412a4e
05c07ccd25ca13f19461eff3377a8e8629d410c0
370a7a347d2d7b46d5bd2ac7e9a948e26d2b8e7bd2ee71d34fcc379569b321d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "370A7A347D2D7B46D5BD2AC7E9A948E26D2B8E7BD2EE71D34FCC379569B321D2"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12411
Expires: Thu, 15 Dec 2022 09:26:18 GMT
Date: Thu, 15 Dec 2022 05:59:27 GMT
Connection: keep-alive
unphionetor.com/vctx?t=90679
204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=90679
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=90679 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ezcasinowinners.club
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 15 Dec 2022 05:59:27 GMT
access-control-allow-origin: http://ezcasinowinners.club
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 939091deff74f209a932c8bb3143458c
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ezcasinowinners.club/au/aweber/lp2/5e4c60d92ac63_v.css
200 OK 1.6 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/5e4c60d92ac63_v.css
IP
File type ASCII text, with very long lines (7048)
Hash ee293d0a7a289fd91f396f10856f9985
5ad60a628c691af91f5ec32fc3bc43825a330639
dfabb3b6ea99731a042c167c2e0f8e378d8d3ea5d8500a35f443fe82c2853dc7
GET /au/aweber/lp2/5e4c60d92ac63_v.css HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:05:18 GMT
ETag: W/"6102d1be-1c28"
Expires: Sat, 14 Jan 2023 05:59:27 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgsO7Nx5akQRumggIVt7zgItTvNapHen7qfq9nSBmOsTeV0Sb1YxJisNUyqBHft76W4l62cq0BUBEMBB7lHjL307%2BZvnn7iDl4X0LyAbkGZGffPDwhb21rqbeQOUBcCgdZlFWhK6%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf40aab43b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/5e4c60d91d0a5_v.css
200 OK 0 B URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/5e4c60d91d0a5_v.css
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /au/aweber/lp2/5e4c60d91d0a5_v.css HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:27 GMT
Content-Type: text/css
Content-Length: 0
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:04:44 GMT
ETag: "6102d19c-0"
Expires: Sat, 14 Jan 2023 05:59:27 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjMzj%2BuLVm5m0Vrp2hbPhS7%2FSFMqhQdocXAjf8rAvKHnLjr%2By9mLVFXMJF8KrgtvfPO1HL9%2Bcg1%2Fb50YCezPTVaTINQ8Got4lRs9VBwBYVshbomXZw%2Bq7hYW26b8QjWF0ExEajWnSA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf40aaff5b51d-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/5e4c60dac2620_v.css
200 OK 67 B URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/5e4c60dac2620_v.css
IP
Hash 63b00463b943556bac81bdcfc377dfc3
7f51e39070eb10fa13181a72f39275cf3f549f9b
155b548ccf8efe104619bd351c8ee01421b5e70c40e2b4ad3e5b43fb913f9ead
GET /au/aweber/lp2/5e4c60dac2620_v.css HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:05:44 GMT
ETag: W/"6102d1d8-4b"
Expires: Sat, 14 Jan 2023 05:59:27 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdsK%2BFJRLlxyXMzSWVKefrHcuEsrjGMYIIMIk5AT6bVcWe%2FjeIchdzZsvYXMg3wUNuS7CbIqO4FQMzt%2F5Af4kDmuOxySS5smequEF8vhmUJIAeVgb%2BnVWRsbyObPuSboUhUyCJjeaA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf40aae87fabc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/5e4c60e1aa979_v.css
200 OK 3.0 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/5e4c60e1aa979_v.css
IP
File type ASCII text, with very long lines (557)
Hash d41ef73f02bb3e721460a96f3bdea344
92a8bfab17133280b2ca5ce0910a4d3ea83a092f
a8bb34595d704b005991deb51ba97eea99ff09c3a0c5cee925ac4cb412cfb78f
GET /au/aweber/lp2/5e4c60e1aa979_v.css HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:05:19 GMT
ETag: W/"6102d1bf-3cff"
Expires: Sat, 14 Jan 2023 05:59:27 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaUxooR7g7OUqlWlro74bU9DPCViLsyZ0tWITz%2FO5lrnzBe3DlqEhEhUXc0L738%2BxBUzT6UUbnZBsyTQZFRiLOQYFNLkizZBh7UJfFmTo7GmWHQIjrh23P7qO%2B%2FVIdGS4nZVMvIy4A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf40aa8e2b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
propeller-tracking.com/fv.js?t=90679
200 OK 9.1 kB URL HTTP/2 propeller-tracking.com/fv.js?t=90679
IP
File type ASCII text, with very long lines (31320)
Hash ce27cae1efbacfe37870a7f04ad77e9e
c7c4ec56780b39da823be9ff09f913bfa034f6bb
c7fb39c709faf65d4d7ca5ae0432fe894e777f198bf2e8a1336c7e317c0c4960
GET /fv.js?t=90679 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Dec 2022 05:59:27 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: ade272650e03bcec2d04660f987dea12
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ezcasinowinners.club/au/aweber/lp2/5e4c60e44796a_v.css
200 OK 420 B URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/5e4c60e44796a_v.css
IP
Hash 9d42dd86d80e5a4a3e2ca085c32cf0c7
f530715644a3044e5c8f5b1a8ed31202fb8d9f71
94d8b7464536e28114e178fbad82dc64928d13f5badd518ca3a2345eba992170
GET /au/aweber/lp2/5e4c60e44796a_v.css HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:04:57 GMT
ETag: W/"6102d1a9-406"
Expires: Sat, 14 Jan 2023 05:59:28 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWU4ymkPn0eCLBLU1j6bIvFNewHQRAv%2FgpAHcZBqy5apzrFH2V4Fm8YYDTyxpdJV3kCTR%2FEHzIuNbT6xECBBYaTi0DsNDlWMG2Bw8Ls9hjexQp%2BEhj0ZNTkYmVKOIb%2FtvhZXwUS7iA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf40e6dceb509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12376
Expires: Thu, 15 Dec 2022 09:25:44 GMT
Date: Thu, 15 Dec 2022 05:59:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12376
Expires: Thu, 15 Dec 2022 09:25:44 GMT
Date: Thu, 15 Dec 2022 05:59:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12376
Expires: Thu, 15 Dec 2022 09:25:44 GMT
Date: Thu, 15 Dec 2022 05:59:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed92d0a5-f6ed-4382-aa56-39c7021a6b76.png
200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed92d0a5-f6ed-4382-aa56-39c7021a6b76.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e1fb0ddf6ac86d38423a55841c78c6c
d31310f2441c9f7584f3c1605dd3fb38d5af41a6
8e91e724a42f8b0cf953570937c33465903c979297e439438d86c45b3d242d4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed92d0a5-f6ed-4382-aa56-39c7021a6b76.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7163
x-amzn-requestid: f3472b61-a3e4-4af9-bb1f-eecd4c7315e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dFxs3GuWIAMFSWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63989652-2892086d207c30e3583847ae;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 15:12:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_9xOQmBEPWm8hje_FeJWC-nFCvbNOuLGR13GiPcZrjbK9Gl8dYiNA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 21:42:32 GMT
age: 29816
etag: "d31310f2441c9f7584f3c1605dd3fb38d5af41a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F127c491c-f334-4f88-ab1c-07169225ca7c.gif
200 OK 31 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F127c491c-f334-4f88-ab1c-07169225ca7c.gif
IP
File type GIF image data, version 87a, 296 x 148\012- data
Hash 1a355e31327e2a5f648c36fdc4d2348a
ab6149b7874d751c3b897889902ecf52cbede8e4
cf3fbf211bc15f39efe535bf66a281d124c6254b0b9e641b6ea3c8023ab869dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F127c491c-f334-4f88-ab1c-07169225ca7c.gif HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 30895
x-amzn-requestid: 2d48ad82-6b48-4b9b-9dd0-98afd8b7f9ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c0NExFi7oAMFuKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63918eeb-6ceedd921e75513b6dfdb084;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 07:14:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Hl0Mdyy9oH1n1LveM7TzD0kSA7NT80XbRiPEAQMbjxmMqRmpwcrG5w==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 13:47:39 GMT
age: 58309
etag: "ab6149b7874d751c3b897889902ecf52cbede8e4"
content-type: image/gif
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14bcc069-6742-46d6-ba71-3624eec8f34e.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14bcc069-6742-46d6-ba71-3624eec8f34e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c8a26b13c34491d35e416a0a315e9a8
c13edfc689666ab3586b49796a7fcd46bafee29d
bed8dff9ad852fe694ccf3e54b0bb5687bb154981d48bfa8c05fdcd30010185a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14bcc069-6742-46d6-ba71-3624eec8f34e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5760
x-amzn-requestid: 5e94f6cf-8ab1-4a7a-9714-a3147af61e1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c3ftDFHtIAMFwxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6392dfec-0ae05a42119198d6052c0f4b;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 07:12:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5L0NOMl3xdN98bEYyq_3KMSpfqOoXrBOJcHCZW4JpbzdIszkCbKj-w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 19:59:46 GMT
age: 35982
etag: "c13edfc689666ab3586b49796a7fcd46bafee29d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc8ebfc6-61e6-40a2-9330-dccc75c41225.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc8ebfc6-61e6-40a2-9330-dccc75c41225.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86aaca525eba678cdae6480594a8249a
87171c4499e8d82e8ec325e9133c180c0773c1dc
03fb5c8f20a85f301f9bf3096aefb36bbadfdd54d4bdd5227d45fced4ad004d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc8ebfc6-61e6-40a2-9330-dccc75c41225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9864
x-amzn-requestid: cef32774-5aee-477b-a929-60d34e8d093c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dHwMtGO1oAMFjHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639960b7-79414714540e99977b32b6c7;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 05:35:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FXgZkJXSICEd8RRuW8v9nnGV9KxXcCCRsbfKn50j3B8fMW8oZX2YOQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 17:06:34 GMT
age: 46374
etag: "87171c4499e8d82e8ec325e9133c180c0773c1dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d2294cdacdc84b8b19874ba56035a6d
53009a81b15e464d5529d36b1e04b841b2ae034e
67d59aa026b43ed3f698f3853b986fc7c07e4e6e5f7b3551e59238f79978480a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7616
x-amzn-requestid: 71bbe208-11e3-4280-bf09-bff8bd18fcb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c82fXGmPoAMF3Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63950462-12393ca432808b7f0b2771dc;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 22:12:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G1MopDnv-WOAbIBMe0v-V9xXeJIVDReKWSMG33dQt1q5GpK41RU0PQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 11:18:24 GMT
age: 67264
etag: "53009a81b15e464d5529d36b1e04b841b2ae034e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F206a2aa2-193a-45ee-9210-82fa22154882.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F206a2aa2-193a-45ee-9210-82fa22154882.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe33ecc20db57514c51c90694efebb16
e00b8b1bc1f98df439a264d1cd881e1021d7fdd5
9b0e56806a9f4e7458b58c29ec2050faebcded4ff1c4ef430733171ddae68cb7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F206a2aa2-193a-45ee-9210-82fa22154882.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7396
x-amzn-requestid: 504fa4a2-348a-423f-b52a-e1257149d6d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c4Ad4Hw-oAMFWVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63931458-620c1e260eaf8df564aee1c3;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 10:56:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 20i4v0r3MPyPzS5jn45qLK-OMcUEGvjTftCiI-vxamGflro2l3NKZg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 21:55:24 GMT
age: 29044
etag: "e00b8b1bc1f98df439a264d1cd881e1021d7fdd5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ezcasinowinners.club/au/aweber/lp2/5e4c60da1215a_v.css
200 OK 20 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/5e4c60da1215a_v.css
IP
File type ASCII text, with very long lines (65371)
Hash 8180f85c0290152ab984e7f2ca35585c
21ee8d6b56203093a5ac68cf8c4ebd84804d64e5
07c4b33995eac23c66e13b5c8c28af692979a0bb3d8915af457e413c2a02368b
GET /au/aweber/lp2/5e4c60da1215a_v.css HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:05:12 GMT
ETag: W/"6102d1b8-1db52"
Expires: Sat, 14 Jan 2023 05:59:27 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRgATjTcXYJ61ASgxpZQfKZO9kDtMAL99%2B59cmHjo5q9wkIhqUuVa59JIGHD8G0QFtHdKiJuCzW4Q5VwQnMQRvpqrtsdw7I3xx%2F3Jo4sVfX5v1G27kgEDyniQCmwJ%2Bcm6Z592BBkCg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf40aaf4eb529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 05:59:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15056, version 1.0\012- data
Hash 0edb76284a7a0f8db4665b560ee2b48f
02496387a5f7bf7b79df52c7b76ece4ebc7a0710
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
GET /s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ezcasinowinners.club
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:33 GMT
expires: Sat, 09 Dec 2023 13:33:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 25 Mar 2019 20:12:24 GMT
content-type: font/woff2
age: 491155
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 05:59:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
670501afa3bb667817ee-24c106882da8d4393b1faf82472afa82.ssl.cf5.rackcdn.com/assets/images/foxtail-blue.png
200 OK 446 B URL HTTP/1.1 670501afa3bb667817ee-24c106882da8d4393b1faf82472afa82.ssl.cf5.rackcdn.com/assets/images/foxtail-blue.png
IP
File type PNG image data, 40 x 40, 8-bit colormap, non-interlaced\012- data
Hash f761e602db6145ebaf2e0d30f0d3a78d
c70bb6bd181170532bf9e89b809fc6132920503c
37f02ad34f8925573f5d0174e84af316d40439e158f169676d9a20008a4e8528
GET /assets/images/foxtail-blue.png HTTP/1.1
Host: 670501afa3bb667817ee-24c106882da8d4393b1faf82472afa82.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 10 Jul 2019 16:34:21 GMT
ETag: f761e602db6145ebaf2e0d30f0d3a78d
X-Trans-Id: txded4916098fb459599aa6-0063882acdiad3
Origin: https://mycloud.rackspace.com
Content-Length: 446
Accept-Ranges: bytes
X-Timestamp: 1562776460.11389
Content-Type: image/png
Cache-Control: public, max-age=241449
Expires: Sun, 18 Dec 2022 01:03:37 GMT
Date: Thu, 15 Dec 2022 05:59:28 GMT
Connection: keep-alive
ezcasinowinners.club/au/aweber/lp2/sound.m4a
404 Not Found 226 B URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/sound.m4a
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 2af926701aa5f6f453f308a0a5a3ce07
040706832784996cb347646446c4e327a68754f5
1da2ab20bd572e523c6a15b731d2413634fd3d6efd396493cd152623bb4d8b6d
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp2/sound.m4a HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 404 Not Found
Date: Thu, 15 Dec 2022 05:59:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oX%2FrhlJWQbLBxIgwAaqHUxsN%2BxqcRXH70BcCaAwWj6xK4Y4LZ8jF1OHy4cM%2FOpudTCIIztV1h2pEDhsc5%2BMzUEQB8vzGZyKN6%2BtYcgTjGObfqmD97gPmUlbfWaMMbTi1PyfGXOnhXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779cf4143b8db517-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/5e4c60dce6a19_v.js
200 OK 15 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/5e4c60dce6a19_v.js
IP
File type ASCII text, with very long lines (57791), with CRLF line terminators
Hash 74d6ac54536e4635ebdcf92b7ffe8696
06df1127ccc5c1a69c839797c4f0c3507a0980a1
7c6a133b90b158102ef91e50c1cab1d26e35c9684a53a16c9ed87c907496c00f
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp2/5e4c60dce6a19_v.js HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:05:30 GMT
ETag: W/"6102d1ca-e2b5"
Expires: Sat, 14 Jan 2023 05:59:28 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IoqexjCyF6hzAgR9vnVJWdzWSq9yUBnWgU%2BBYGT3DVhg82SxnjDM%2BSMQHvDNLCFxbl%2FZNVoyf1JmcR1xBxBA%2B%2BOdHbhB0RRoqCsnqOmcUqTJKcyBlAlNHrt1kIcz%2BrK65eo8jxm3jg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf40e7fc7fabc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/spin-sound.m4a
404 Not Found 226 B URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/spin-sound.m4a
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 2af926701aa5f6f453f308a0a5a3ce07
040706832784996cb347646446c4e327a68754f5
1da2ab20bd572e523c6a15b731d2413634fd3d6efd396493cd152623bb4d8b6d
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp2/spin-sound.m4a HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 404 Not Found
Date: Thu, 15 Dec 2022 05:59:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyCISOnjEt6%2FHBhSCcWsYAXJ1CltnjdU594qk%2BtInu6nCIS8aqYRJ%2BzfzWoy78OVn6MxTfqbnTv8gVs%2FbWKTihWbdtWUvmncL9eR6bF7xkNOEXNu1%2BGr1%2B0YBCZX10SCom9BLGKW3w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779cf4143ccab529-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/alert.mp3
206 Partial Content 8.8 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/alert.mp3
IP
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 6d2d3da2ea28ace816fa4a138829dc18
606e0ec3d7fb05c69f16233cfe1ff0a0ee760505
d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp2/alert.mp3 HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 206 Partial Content
Date: Thu, 15 Dec 2022 05:59:29 GMT
Content-Type: audio/mpeg
Content-Length: 8802
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 20:02:54 GMT
ETag: "610d956e-2262"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Content-Range: bytes 0-8801/8802
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ly1KIckD42sAjzphBRpm84neraiE2ZoNSNvjwjGRzjSTjeexd0LR%2BQ3KUigQGkVVaexfGzfXN6cMZZCtObIbtQ0lKPixAUSKAVwjA1IidMgJiz03nt%2F9OMs%2Fcq%2BHqDHKgdSaaJziA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779cf4143930b509-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/5e4c60df17883_v.js
200 OK 36 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/5e4c60df17883_v.js
IP
File type ASCII text, with very long lines (526), with CRLF line terminators
Hash 88871187a7f0ba748a0f9c5dda290d75
248e94000fe6d71af94f40c774ef6ecd0147522a
d61313c324572afb35619337b8050ce7eb2dcee32e01a689d1798b8fb0291cbd
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp2/5e4c60df17883_v.js HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:04:44 GMT
ETag: W/"6102d19c-25372"
Expires: Sat, 14 Jan 2023 05:59:28 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Rvy7gkWf0uGaLCGTIjlvhi8q5z8RTpZQCh3WpXy3VQXpiupBHCS%2B2tsSISKYjOgXJEbFc3Ey0gseyl8F9IrRbYt7cU%2BnQiVuLJhnI0qLXPZKAbTPQm7fJM7jLeo4tV9Z6aEoUeRLg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf40e6ac7b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
unphionetor.com/vbri?t=90679&bid=undefined&aid=undefined&tp=2314
204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=90679&bid=undefined&aid=undefined&tp=2314
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=90679&bid=undefined&aid=undefined&tp=2314 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ezcasinowinners.club
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 15 Dec 2022 05:59:29 GMT
access-control-allow-origin: http://ezcasinowinners.club
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: b6c1ba848859e901512028114474c41a
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ezcasinowinners.club/au/aweber/lp2/5e4c60dd8206d_v.png
200 OK 6.5 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/5e4c60dd8206d_v.png
IP
File type PNG image data, 200 x 60, 8-bit colormap, non-interlaced\012- data
Hash cc3640f8d9c0e62d481db7d02a4eef7d
4122480d540224ecee27a45ed6851004c6b46a04
2bf523c5c856b0d43878370f7b7c1b9d586689141806fae6db83b986912b26e0
GET /au/aweber/lp2/5e4c60dd8206d_v.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:29 GMT
Content-Type: image/png
Content-Length: 6460
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:05:27 GMT
ETag: "6102d1c7-193c"
Expires: Sat, 14 Jan 2023 05:59:29 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BT8RgGJf5iYHFz0UnAk2MprlQX4zwefgIPxDfsTfHIPo%2F3GoUwf3EXZMcnK%2B5BG6w5JkndUUYo2Zg%2F3bmg41dGC2fyipyYB2yRNV%2FtfYpz1ol0h8n2jqLFwQObf8QG9J8YLEV1ltMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf417eb62b509-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/5e4c60dfd9d98_v.png
200 OK 2.1 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/5e4c60dfd9d98_v.png
IP
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 72cd866136817a6f7c16d204a4c0331d
1e3078ff441240bc9c24b074818167adf4f6eb4e
ad82010277c5d9b77233c6b068d278cdf4e15d702d57c39cf6900a494f0ee784
GET /au/aweber/lp2/5e4c60dfd9d98_v.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/5e4c60e1aa979_v.css
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:29 GMT
Content-Type: image/png
Content-Length: 2117
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:05:27 GMT
ETag: "6102d1c7-845"
Expires: Sat, 14 Jan 2023 05:59:29 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4MV5FCQAUn4jOWsf%2FQcUl56nJZIFjyy2gRfEtth5gmvyNc9A6Q2G3uKSEV9ZyBZNou1cCoURnp1XpVYCEJIq9IKhsVnOnRA4Ixii%2B4%2FKM0C6sJxFTzrEYDgO3XWJL6RyXfx2%2BKDuw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf4164a5dfabc-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/coin.mp3
206 Partial Content 22 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/coin.mp3
IP
File type Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2.5, 24 kbps, 11.025 kHz, Monaural\012- data
Hash c74dca6a3ab16c097234033fec7a8573
a6e73f993b73d589b9688a0679bdac39028017a0
79e8f06f8cb25d13c57d798f7e068d282dd2dfdb026b54aacc8ead2641542a56
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp2/coin.mp3 HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 206 Partial Content
Date: Thu, 15 Dec 2022 05:59:29 GMT
Content-Type: audio/mpeg
Content-Length: 22067
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 20:04:20 GMT
ETag: "610d95c4-5633"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Content-Range: bytes 0-22066/22067
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PJ40YngZh0tncJabj98hyHZSRUFQYW14sfZDwW4kjzO0xnZiOHBYC3rTXsWXsZNOhdm3axS7dcjlFAZVMM%2FTQPGYN2oHjvqKvq1shvWOOj23%2B94hB%2BH7xv1LeJSKXzalsKXODkrjg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779cf41438c3b512-OSL
alt-svc: h2=":443"; ma=60
my.rtmark.net/img.gif?f=sync&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847&ttl=&rurl=http%3A%2F%2Fezcasinowinners.club%2Fau%2Faweber%2Flp2%2Findex.html
200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847&ttl=&rurl=http%3A%2F%2Fezcasinowinners.club%2Fau%2Faweber%2Flp2%2Findex.html
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847&ttl=&rurl=http%3A%2F%2Fezcasinowinners.club%2Fau%2Faweber%2Flp2%2Findex.html HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Dec 2022 05:59:29 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=dfcd394d45a64df68ec4475cfb5b1c56; expires=Fri, 15 Dec 2023 05:59:29 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ezcasinowinners.club/au/aweber/lp2/5e4c60dba3171_v.jpg
200 OK 35 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/5e4c60dba3171_v.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1300x442, components 3\012- data
Hash c89b0c713601891480a7629c4ff15236
1efa87c2fc4d483df5347fbe4f71b2ae3dd710b9
dfd7a5590f7cd486818c55098a5a3d391a3e5a82323625e2dd17b7a7dcdd125e
GET /au/aweber/lp2/5e4c60dba3171_v.jpg HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/5e4c60e1aa979_v.css
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:29 GMT
Content-Type: image/jpeg
Content-Length: 34833
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:05:47 GMT
ETag: "6102d1db-8811"
Expires: Sat, 14 Jan 2023 05:59:29 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gl6ovBF2PaS8yoQ5iaD3OHGolsuJI0f9mYnn%2BUKWgUS%2Fr%2BYhlRXfjXzLbqeLgAhDlWTq4L0DRgZkFx7iWQgktHagtNzJQI1n%2BMWbM5zyb6GeJevmerIKe71GK46P2yYhS%2FD5EXDQhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf4161ca6b517-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/sounds/alert.mp3
206 Partial Content 8.8 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/sounds/alert.mp3
IP
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 6d2d3da2ea28ace816fa4a138829dc18
606e0ec3d7fb05c69f16233cfe1ff0a0ee760505
d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp2/sounds/alert.mp3 HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 206 Partial Content
Date: Thu, 15 Dec 2022 05:59:30 GMT
Content-Type: audio/mpeg
Content-Length: 8802
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:05:56 GMT
ETag: "6102d1e4-2262"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Content-Range: bytes 0-8801/8802
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msV20UbKR5Idbt0zKQhj%2FE%2FExNT%2BokG1gL%2F9gQy4A4aSdOKB6IH8ugRuSV5%2FnV%2BhykmijfMkr%2FKp8AyHD2Nh09UHRWTwah9PDtjP%2FN2vQjv%2BaBW7VgGzFVZRuh%2FwDreSEpNoJkktGw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779cf419fce0b509-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/5e4c60e0405fd_v.jpg
200 OK 27 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/5e4c60e0405fd_v.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 124x800, components 3\012- data
Hash cd13e712beeba62956510e479018be24
84bd510faa4200b2f284d51fcfa0f5e84d6ed720
580a105bb107ebcce3d544568e204518cbc5b5eb627671fa84bc0b58551d6aee
GET /au/aweber/lp2/5e4c60e0405fd_v.jpg HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/5e4c60e1aa979_v.css
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:30 GMT
Content-Type: image/jpeg
Content-Length: 26939
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:04:59 GMT
ETag: "6102d1ab-693b"
Expires: Sat, 14 Jan 2023 05:59:29 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yE5GS1JJttBeFauR9vvs7pEnKyPnMTiw0KR4VF1PSh39zga7BNbG37GXEK1k7u7P0RtXYMYBglkuM8N0fRfpJcho5lKKFuwq%2BzWcmqxGt7KW0u7xGHblyViQpBVdgA9bhdS4i3iSVg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf417df16b529-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/sounds/win.mp3
206 Partial Content 22 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/sounds/win.mp3
IP
File type Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2.5, 24 kbps, 11.025 kHz, Monaural\012- data
Hash c74dca6a3ab16c097234033fec7a8573
a6e73f993b73d589b9688a0679bdac39028017a0
79e8f06f8cb25d13c57d798f7e068d282dd2dfdb026b54aacc8ead2641542a56
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp2/sounds/win.mp3 HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 206 Partial Content
Date: Thu, 15 Dec 2022 05:59:30 GMT
Content-Type: audio/mpeg
Content-Length: 22067
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:05:55 GMT
ETag: "6102d1e3-5633"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Content-Range: bytes 0-22066/22067
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8Cyj3fWj%2BDa%2FUoGuziwgnul8vsW9InROF7zK2acyIwDUUVxkPkHUw3yBlrSxKEysZnKuOsGUt7FBDK9uKoLvpK5zJtvtBTmGeKnulbJhOubvSLEayGSV3xbg8dWv3rI%2Fyfb1KsARA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779cf41a0baafabc-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/5e4c60de5bb9f_v.png
200 OK 51 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/5e4c60de5bb9f_v.png
IP
File type PNG image data, 560 x 528, 8-bit colormap, non-interlaced\012- data
Hash 5e9a658d01128cbcf30ad2a905906f5b
70ef0f9e53f0076cac95db60614566245a6a6dd8
89659abae3d30df93fb9bf7515a14aaaa4da2f56f32156bcf0fad8da59cf6327
GET /au/aweber/lp2/5e4c60de5bb9f_v.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:30 GMT
Content-Type: image/png
Content-Length: 50614
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:04:43 GMT
ETag: "6102d19b-c5b6"
Expires: Sat, 14 Jan 2023 05:59:29 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCOT726rQtPTPGJSsppf0F3gysaRlNZeDY4PRgMETBCSIysaGO016Q24xFEtgENaWf2eOxYmySLtGe6TCpAA6B9qbqqwi9vfHSiFBCD5zNd4wsool6ikDJ9jneKVU%2FJPecA%2BKJoayA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf418b96bb51d-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/download.png
200 OK 4.4 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/download.png
IP
File type PNG image data, 330 x 153, 8-bit colormap, non-interlaced\012- data
Hash 2a30989f45d9fb77ae8ea63ab7edfd01
550e4499e96d46819d077d8686cc1fc3391aa271
81540fe6f970e646c60cc2891b048e019b3d3bc94f293ccce40a54c57cdf8f74
GET /au/aweber/lp2/download.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:30 GMT
Content-Type: image/png
Content-Length: 4447
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:04:54 GMT
ETag: "6102d1a6-115f"
Expires: Sat, 14 Jan 2023 05:59:30 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8GqtfaASw7erb921ILIELC%2F8PzyJwHnsXPtjnxwnFi0oMaMcEFcdSRrOLfye6VoWcUns7FhrIzpnpSw%2FKkD86QcBsjeaBJBOY8c8CuJMJBGvnAvhnT5fTpD1nn44cxd04bA2PYrKA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf41daf1bb509-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/sounds/spin.mp3
206 Partial Content 51 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/sounds/spin.mp3
IP
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 320 kbps, 44.1 kHz, JntStereo\012- data
Hash 390bca8d165546a8097b8951d2f400d4
1385d88b3aeee07bc51e7955fbcb9ed7586ebdec
cdb080d348cd2222fbe1d5b54da2f9db8fdca881570a9c82899082203b000b78
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp2/sounds/spin.mp3 HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 206 Partial Content
Date: Thu, 15 Dec 2022 05:59:30 GMT
Content-Type: audio/mpeg
Content-Length: 51290
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:05:54 GMT
ETag: "6102d1e2-c85a"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Content-Range: bytes 0-51289/51290
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OoTylAbowpfIH2HRt4C6Xuk%2BP%2BBtrBRz5I%2F58TJ%2FCe%2FDLcgXwVwsKJNQdcM92hQPg4%2FDc07tOeQQjD2zAw8%2BTQNKCGc4wJaK8YwuQMHcGZA0HGaE7gQ%2FJc4HKMUCiUHaPFkEisp%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779cf41a1d2eb512-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/5e4c60e2e3d2d_v.png
200 OK 95 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/5e4c60e2e3d2d_v.png
IP
File type PNG image data, 558 x 322, 8-bit colormap, non-interlaced\012- data
Hash 802e9223fa26fae356596c079e4e2474
a46851b3a70409f2f64e228de8c97235384910a2
87ad93db364db9ed4d0eb9cc838dd002d126f4c8b9dfaafee846096896d3be3a
GET /au/aweber/lp2/5e4c60e2e3d2d_v.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:31 GMT
Content-Type: image/png
Content-Length: 95050
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:05:39 GMT
ETag: "6102d1d3-1734a"
Expires: Sat, 14 Jan 2023 05:59:30 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9GgtmL5bpWKTdgIg6SyVITB%2BCjVA3VonUzwFydHujENtBRJj11ijD8lc%2FTwOmNHBmIpRTCGIBTighGei0rQE%2BkD58AGChGLu6Zc3naFcTGO1kmuT9EdWoPYASDmLFVgF6q1C5Crjw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf41c7937b517-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/5e4c60e233c94_v.png
200 OK 85 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/5e4c60e233c94_v.png
IP
File type PNG image data, 558 x 322, 8-bit colormap, non-interlaced\012- data
Hash 55e9f817e0ef97c590a4c229e0529854
d0c61dd6fa85e390b427bf3e3908ca23671e2ad2
a58a58c915d407390d40a48eb719bd3860466ab47c533250dd47f6938b2551e6
GET /au/aweber/lp2/5e4c60e233c94_v.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:31 GMT
Content-Type: image/png
Content-Length: 85345
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:05:04 GMT
ETag: "6102d1b0-14d61"
Expires: Sat, 14 Jan 2023 05:59:30 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rs%2F1mnSLfYcirsCzMPxvsnKuji49RkaKcA%2FwMVMyVnIl1pzyHZzUZSArMdWap9v1qwu5pJszNKccaSkgE6cCQrBJgGYyOB%2FNT4CL4L%2FYDQpc7AagaclTaJN4TrlnmmLSDoHx7IylAw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf41ddab4b529-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/favicon.ico
404 Not Found 179 B URL HTTP/1.1 ezcasinowinners.club/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bf0b277272648b069cf7ed2ec87496a7
fd929f1268e86a295a7470c573465c3f8ad3c85e
f20a0177a9e131a2d859353d849d132d95086700c3d341bda838295abf6f2ad5
GET /favicon.ico HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 404 Not Found
Date: Thu, 15 Dec 2022 05:59:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kfbBnd%2BiU3Zw8p8G%2BSLOzmgm1APIz3jtNmAJpP8U4NjU257cBPVFihMYYIRdiwsCXOfD5YNAbjWNtlTfaH5O7r0Hpd7sTV%2FGYsNT%2Fn9pv%2FqBc9%2BSY6Ks%2FCkRKpKr73T%2Bt7WmTCEPg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf4238dc3b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp2/5e4c60e3b2101_v.png
200 OK 76 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp2/5e4c60e3b2101_v.png
IP
File type PNG image data, 558 x 322, 8-bit colormap, non-interlaced\012- data
Hash 2f47d4bd093d6511cf76a449fb672dfc
c2482408a7d5ec6d2ce9e3415832b16fe8e2a7e0
7fed6a9fb598bcea573009c0be86610ce24dd877f97d415ffe7ceed3b44a686e
GET /au/aweber/lp2/5e4c60e3b2101_v.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp2/index.html
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 05:59:31 GMT
Content-Type: image/png
Content-Length: 76234
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:04:52 GMT
ETag: "6102d1a4-129ca"
Expires: Sat, 14 Jan 2023 05:59:31 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RF9Uv7XgOp4x5OrXkyAugD8uB5BOAAvM%2BTr14FiN3gkowEoQn1a9VttjZJi0p3bI%2FOqrDCjTU2U0Qmw8ndW5QJqUKcjj%2BluQ96jA7S2vsM%2FnWvEH7Zt0XtN%2Bd6rSoQ8%2Fe%2F040JDyUA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779cf41ffe02fabc-OSL
alt-svc: h2=":443"; ma=60
unphionetor.com/vbl?t=90679&bid=undefined&aid=undefined
204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=90679&bid=undefined&aid=undefined
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=90679&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ezcasinowinners.club
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 15 Dec 2022 05:59:31 GMT
access-control-allow-origin: http://ezcasinowinners.club
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: c1c56028795707612a91fd28a28fb019
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52de3838-24b1-4942-a475-cf9b84ca052b.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52de3838-24b1-4942-a475-cf9b84ca052b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c19b980e110e92c245c767fb5176310d
d1525f33bb439a2a4049fa65ac5e8510f2df7acb
1695f36a7fce1c722559343ae94a2640a9b5ea3bee145b5fd0bb79dcbb049d34
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52de3838-24b1-4942-a475-cf9b84ca052b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4831
x-amzn-requestid: 7dd92cbc-4b78-4b8d-a522-3b9b31f00c0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c-ER5G3moAMF8Uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639580d8-12a2cf5714e231431bdda1af;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 07:03:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: spQimr1-EdHR77kzGh-6LVnuGe26fy0L3vdgcdmyvMSCJw7QAbdPxA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 19:35:23 GMT
age: 37452
etag: "d1525f33bb439a2a4049fa65ac5e8510f2df7acb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
propeller-tracking.com/fv.js?t=90679
200 OK 0 B URL HTTP/2 propeller-tracking.com/fv.js?t=90679
IP
GET /fv.js?t=90679 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Dec 2022 05:59:27 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 5ae6ac0f8f43205a6fa233600bd6840b
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
188.114.97.1
93.184.220.29
104.18.32.68
34.120.237.76
2.18.172.211