r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9369
Expires: Mon, 30 Jan 2023 07:32:35 GMT
Date: Mon, 30 Jan 2023 04:56:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3924
Expires: Mon, 30 Jan 2023 06:01:50 GMT
Date: Mon, 30 Jan 2023 04:56:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 04:43:11 GMT
content-type: application/json
age: 795
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2934
Expires: Mon, 30 Jan 2023 05:45:20 GMT
Date: Mon, 30 Jan 2023 04:56:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sJMZem6/y1YEiC/NCAjHeP4Vz6/Qmho3M0grEJHf/NPZePmEL/t+o1Z89k2Uozi/H1yRZRwEXEKgytD+DQUI+w==
x-amz-request-id: 3V0674FQPXYSZKXZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 04:50:36 GMT
age: 350
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:56:26 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 163c81769cb3796185876ae84c820f48
f81ee1d4a647472c2f1d0e6c51c3339dec723908
74ee8c33a88f0c4bcb7fa66194a7969692047212483d10847395d6996ce5fed0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:56:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 08:20:01 GMT
Expires: Sun, 05 Feb 2023 08:20:00 GMT
Etag: "f81ee1d4a647472c2f1d0e6c51c3339dec723908"
Cache-Control: max-age=530012,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79179f034dabb529-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 04:49:04 GMT
age: 443
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ezcasinowinners.club/au/aweber/lp4/index.html?cid=w47ii55d8ohl4s8mihltjqbq&camp_id=ba0f042f-0c22-46d5-b832-ca8c0108cdfc&campaign.name=New%20Zealand%20Email%20Collection-24th%20August%20Onwards&lander.name=Aweber%20AU/NZ%20Lander%204&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=Jbx5FdIf7xbGaqQBecZFJ56x-g_spCPopMY3He6r-t5yTHoEmFJYlQFgSkV3xObYH3KFP6lKnTjRRMwWyrIBZTPQ6rGM4yA0eENJytE4d2t2thgHp_ioXaeSeJDfg7o06J2W7TC1LaAtN-0Zvn7C6boz8hb8A_oDUns9i0VxScjoP1xwRBPf4Ieg2VwyD5stfWH4EHhxwLZBgqeuGNRPsxeINLPACQ0HqUXqLVO90vkd6ZzMK2D77kJPCXsn7SV18QubCz8vh5eWnLaX_t-Mf-N9oDD8JJiwe64h8F3-suWsZFXpYWsRx7uhFdiqSc1EnEGHMX7bJW5AbVGx5xRjtXbkbAIW502u_KTGBZcEn2fkQNRsaZKL9uPWhRWbnpoBII5z9Swe1gxO0Cb66xwT5Q&lptoken=16cd7594053b639c669c
188.114.97.1 200 OK 5.0 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp4/index.html?cid=w47ii55d8ohl4s8mihltjqbq&camp_id=ba0f042f-0c22-46d5-b832-ca8c0108cdfc&campaign.name=New%20Zealand%20Email%20Collection-24th%20August%20Onwards&lander.name=Aweber%20AU/NZ%20Lander%204&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=Jbx5FdIf7xbGaqQBecZFJ56x-g_spCPopMY3He6r-t5yTHoEmFJYlQFgSkV3xObYH3KFP6lKnTjRRMwWyrIBZTPQ6rGM4yA0eENJytE4d2t2thgHp_ioXaeSeJDfg7o06J2W7TC1LaAtN-0Zvn7C6boz8hb8A_oDUns9i0VxScjoP1xwRBPf4Ieg2VwyD5stfWH4EHhxwLZBgqeuGNRPsxeINLPACQ0HqUXqLVO90vkd6ZzMK2D77kJPCXsn7SV18QubCz8vh5eWnLaX_t-Mf-N9oDD8JJiwe64h8F3-suWsZFXpYWsRx7uhFdiqSc1EnEGHMX7bJW5AbVGx5xRjtXbkbAIW502u_KTGBZcEn2fkQNRsaZKL9uPWhRWbnpoBII5z9Swe1gxO0Cb66xwT5Q&lptoken=16cd7594053b639c669c
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9f89ef31f92205d732815d2c07ebf629
e5857784ba109ffa707341cb5b2440a9cd47d8ac
bf0372495adfc3018ace8e9b5fa4705bd9ca33cb9d000e7e821dfac4fcd4a1df
GET /au/aweber/lp4/index.html?cid=w47ii55d8ohl4s8mihltjqbq&camp_id=ba0f042f-0c22-46d5-b832-ca8c0108cdfc&campaign.name=New%20Zealand%20Email%20Collection-24th%20August%20Onwards&lander.name=Aweber%20AU/NZ%20Lander%204&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=Jbx5FdIf7xbGaqQBecZFJ56x-g_spCPopMY3He6r-t5yTHoEmFJYlQFgSkV3xObYH3KFP6lKnTjRRMwWyrIBZTPQ6rGM4yA0eENJytE4d2t2thgHp_ioXaeSeJDfg7o06J2W7TC1LaAtN-0Zvn7C6boz8hb8A_oDUns9i0VxScjoP1xwRBPf4Ieg2VwyD5stfWH4EHhxwLZBgqeuGNRPsxeINLPACQ0HqUXqLVO90vkd6ZzMK2D77kJPCXsn7SV18QubCz8vh5eWnLaX_t-Mf-N9oDD8JJiwe64h8F3-suWsZFXpYWsRx7uhFdiqSc1EnEGHMX7bJW5AbVGx5xRjtXbkbAIW502u_KTGBZcEn2fkQNRsaZKL9uPWhRWbnpoBII5z9Swe1gxO0Cb66xwT5Q&lptoken=16cd7594053b639c669c HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:56:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:25:51 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkNVMe4athhVRcsY32A%2BRcLi%2F1Sy4FqjnJ9tPTci%2F6cjfatGirLrzKOhmbncLrl2MZxKufOnsowe6%2Bvm3fj4tUKwwM0eeXHIT%2Bl5hDATrApT0Z9eFFJXbI3H0wQQEbYf%2FFzlkCzMWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79179efe5eccb4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7164
Expires: Mon, 30 Jan 2023 06:55:51 GMT
Date: Mon, 30 Jan 2023 04:56:27 GMT
Connection: keep-alive
ezcasinowinners.club/cdn-cgi/apps/head/tox_EUcqYNRAZsdBSKxmNCo3bYg.js
188.114.97.1 200 OK 1.3 kB URL HTTP/1.1 ezcasinowinners.club/cdn-cgi/apps/head/tox_EUcqYNRAZsdBSKxmNCo3bYg.js
IP 188.114.97.1:0
Hash fada1c1c8f5d5f132a8ef8c7d9b8acb8
b68c7f11472a60d44066c74148ac66342a376d88
62fe5b7673d0131f91bf20b3f27b1c1ad451e8c55138c53df979d3c6675773bb
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/apps/head/tox_EUcqYNRAZsdBSKxmNCo3bYg.js HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp4/index.html?cid=w47ii55d8ohl4s8mihltjqbq&camp_id=ba0f042f-0c22-46d5-b832-ca8c0108cdfc&campaign.name=New%20Zealand%20Email%20Collection-24th%20August%20Onwards&lander.name=Aweber%20AU/NZ%20Lander%204&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=Jbx5FdIf7xbGaqQBecZFJ56x-g_spCPopMY3He6r-t5yTHoEmFJYlQFgSkV3xObYH3KFP6lKnTjRRMwWyrIBZTPQ6rGM4yA0eENJytE4d2t2thgHp_ioXaeSeJDfg7o06J2W7TC1LaAtN-0Zvn7C6boz8hb8A_oDUns9i0VxScjoP1xwRBPf4Ieg2VwyD5stfWH4EHhxwLZBgqeuGNRPsxeINLPACQ0HqUXqLVO90vkd6ZzMK2D77kJPCXsn7SV18QubCz8vh5eWnLaX_t-Mf-N9oDD8JJiwe64h8F3-suWsZFXpYWsRx7uhFdiqSc1EnEGHMX7bJW5AbVGx5xRjtXbkbAIW502u_KTGBZcEn2fkQNRsaZKL9uPWhRWbnpoBII5z9Swe1gxO0Cb66xwT5Q&lptoken=16cd7594053b639c669c
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:56:27 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 1341
Connection: keep-alive
x-amz-id-2: Tp3fL8jFQJ4y5ESajuf0VDSvbH4b8MvnkjQgdvc3Bl4WYa7LT0R9pfWKql5lTTl2VDXWVD/O4F0=
x-amz-request-id: YBBNFFJ52REHMRVF
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Last-Modified: Sun, 20 Sep 2020 20:04:31 GMT
x-amz-version-id: 2bL1VcGU_tj5tpwF05lbWzNgeL0LPYgo
ETag: "fada1c1c8f5d5f132a8ef8c7d9b8acb8"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVBNCOaFxMgC2qLfqyNTDMVav%2F%2BN37HRX%2BloUAG4mQMPQ81MMj49BsCEV2ZE%2BkHr%2FlcnJn%2B4DQoNWbwmkJDnkMaA83tPsZloBWQeOUGYnGotIM8TXo3pzCnXcDg3ycU8vxox82sUxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79179f027dab0b4d-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2c4380697a101b67d9f8edb80bbe917c
d031ccb76ff8aeef9f80594b3ac3a7117e1ad05d
92fcb57afd01dbdc56cdd37ff2ebfb8807a286936093b1a863d334a3826aceb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92FCB57AFD01DBDC56CDD37FF2EBFB8807A286936093B1A863D334A3826ACEB3"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13160
Expires: Mon, 30 Jan 2023 08:35:47 GMT
Date: Mon, 30 Jan 2023 04:56:27 GMT
Connection: keep-alive
dishesha.net/pfe/current/micro.tag.min.js?z=4463442&sw=/sw-check-permissions-3ed8f.js
139.45.197.250 200 OK 14 kB URL HTTP/1.1 dishesha.net/pfe/current/micro.tag.min.js?z=4463442&sw=/sw-check-permissions-3ed8f.js
IP 139.45.197.250:0
File type C source, ASCII text, with very long lines (41091), with no line terminators
Hash 002d32199f9116c7429c84ef9d7849bb
328e4f6b8bdfb247e311b58cddab5eaa21d5b4e3
8b9b2a4d4da7ff539e51c4bb298f0587b0c14ed4158294bfa003cb8b6893d1dc
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/micro.tag.min.js?z=4463442&sw=/sw-check-permissions-3ed8f.js HTTP/1.1
Host: dishesha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 04:56:27 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Jan 2023 11:03:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63d3af98-a083"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bda1287a2cfcfdb3d1307f51166b69e
c2cab120270d422f74b68b1c73eff9024c826576
c192db50a7d43f457ca7e7388c69acc982861c8eb5d7eec4d686b416b2b09290
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C192DB50A7D43F457CA7E7388C69ACC982861C8EB5D7EEC4D686B416B2B09290"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12367
Expires: Mon, 30 Jan 2023 08:22:34 GMT
Date: Mon, 30 Jan 2023 04:56:27 GMT
Connection: keep-alive
my.rtmark.net/p.js?f=sync&lr=1&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847
139.45.195.8 200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847
IP 139.45.195.8:0
Hash 1d1522de413d0b27a43e7be4efeb0405
58c52eec6da93a26b374308e6189b8af139624f7
d9b7a5a22d87f08fbcb41ab49b3494cf35afa659a2b143800bfab1c62b07b193
GET /p.js?f=sync&lr=1&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:56:27 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=90679
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=90679
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=90679 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ezcasinowinners.club
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 04:56:27 GMT
access-control-allow-origin: http://ezcasinowinners.club
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: bde6a34823b48644568dc38797bb7b4c
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.81.123.193 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.81.123.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ApWAZPYWZ+U7qHQEhimdPQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eFaHnEmm34rurMKlX5KR13Mst5U=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 515b09433ea645bfd65232d33d4039db
5fa92dfb24793544164d78d6507f1cecc9ef81c3
b8d86a1538bc299a7d3e24ac106057e9ebd95ad7be6b2e8d9514b2fc6081db9c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8D86A1538BC299A7D3E24AC106057E9EBD95AD7BE6B2E8D9514B2FC6081DB9C"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 30 Jan 2023 10:56:28 GMT
Date: Mon, 30 Jan 2023 04:56:28 GMT
Connection: keep-alive
dishesha.net/zone?&pub=0&zone_id=4463442&is_mobile=false&domain=ezcasinowinners.club&var=&ymid=&var_3=&dsig=&action=prerequest
139.45.197.250 200 OK 0 B URL HTTP/2 dishesha.net/zone?&pub=0&zone_id=4463442&is_mobile=false&domain=ezcasinowinners.club&var=&ymid=&var_3=&dsig=&action=prerequest
IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /zone?&pub=0&zone_id=4463442&is_mobile=false&domain=ezcasinowinners.club&var=&ymid=&var_3=&dsig=&action=prerequest HTTP/1.1
Host: dishesha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ezcasinowinners.club
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:56:28 GMT
content-length: 0
x-trace-id: e1c44ce5cd621fc0104930c09bc3f8e6
access-control-allow-origin: http://ezcasinowinners.club
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ezcasinowinners.club/au/aweber/lp4/css/form.css
188.114.97.1 200 OK 440 B URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp4/css/form.css
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash af2713e2ebc05466c65cd14224e14ea4
27c7028b4a11655b11e8a9795b10a429d31b9a06
a1c80462a0924ed4ce1fc926392123e103b73dd86b9ecb0888b3db7859cf6f2c
GET /au/aweber/lp4/css/form.css HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp4/index.html?cid=w47ii55d8ohl4s8mihltjqbq&camp_id=ba0f042f-0c22-46d5-b832-ca8c0108cdfc&campaign.name=New%20Zealand%20Email%20Collection-24th%20August%20Onwards&lander.name=Aweber%20AU/NZ%20Lander%204&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=Jbx5FdIf7xbGaqQBecZFJ56x-g_spCPopMY3He6r-t5yTHoEmFJYlQFgSkV3xObYH3KFP6lKnTjRRMwWyrIBZTPQ6rGM4yA0eENJytE4d2t2thgHp_ioXaeSeJDfg7o06J2W7TC1LaAtN-0Zvn7C6boz8hb8A_oDUns9i0VxScjoP1xwRBPf4Ieg2VwyD5stfWH4EHhxwLZBgqeuGNRPsxeINLPACQ0HqUXqLVO90vkd6ZzMK2D77kJPCXsn7SV18QubCz8vh5eWnLaX_t-Mf-N9oDD8JJiwe64h8F3-suWsZFXpYWsRx7uhFdiqSc1EnEGHMX7bJW5AbVGx5xRjtXbkbAIW502u_KTGBZcEn2fkQNRsaZKL9uPWhRWbnpoBII5z9Swe1gxO0Cb66xwT5Q&lptoken=16cd7594053b639c669c
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:56:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:15:40 GMT
ETag: W/"6102d42c-434"
Expires: Wed, 01 Mar 2023 04:56:28 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VJWeOBcP1D%2F28eZZzKJjyPVGvI1ejA3KUh7csJ%2FF9kMc5qnONC1TZBW4udQN8NqlOuoHdgnZ1nRdDhG56RCZBZ1zndTWt2f352D98Hcy93vao7y6VQ6bu8CyEK%2BCaX%2FuaLaRPaBzg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79179f05aa43b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp4/css/style.css
188.114.97.1 200 OK 2.9 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp4/css/style.css
IP 188.114.97.1:0
Hash 93c41dea3203bbe7b70661676dcaf34a
df5f3c7abb6fd3096a28cb5828b6c9a2b2a74499
90dc5338905bba55c7531142099b325ac9da53ef46d6e6011c7e51f38d9adafa
GET /au/aweber/lp4/css/style.css HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp4/index.html?cid=w47ii55d8ohl4s8mihltjqbq&camp_id=ba0f042f-0c22-46d5-b832-ca8c0108cdfc&campaign.name=New%20Zealand%20Email%20Collection-24th%20August%20Onwards&lander.name=Aweber%20AU/NZ%20Lander%204&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=Jbx5FdIf7xbGaqQBecZFJ56x-g_spCPopMY3He6r-t5yTHoEmFJYlQFgSkV3xObYH3KFP6lKnTjRRMwWyrIBZTPQ6rGM4yA0eENJytE4d2t2thgHp_ioXaeSeJDfg7o06J2W7TC1LaAtN-0Zvn7C6boz8hb8A_oDUns9i0VxScjoP1xwRBPf4Ieg2VwyD5stfWH4EHhxwLZBgqeuGNRPsxeINLPACQ0HqUXqLVO90vkd6ZzMK2D77kJPCXsn7SV18QubCz8vh5eWnLaX_t-Mf-N9oDD8JJiwe64h8F3-suWsZFXpYWsRx7uhFdiqSc1EnEGHMX7bJW5AbVGx5xRjtXbkbAIW502u_KTGBZcEn2fkQNRsaZKL9uPWhRWbnpoBII5z9Swe1gxO0Cb66xwT5Q&lptoken=16cd7594053b639c669c
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:56:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:15:40 GMT
ETag: W/"6102d42c-33a6"
Expires: Wed, 01 Mar 2023 04:56:28 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrNuNsuQA0GdNv9cHp565niSAHW%2F%2BTLlQd4UAexAQVso%2BQLYwNC6z3uMJKG1y7xVwZ80zy8zR7DsGbs8FTzmqfSsLq1Ta7itipNLnrOHxmaznu92GrnWSI7uwcP1p2FUhhbxDKuCQw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79179f059ed80b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
unphionetor.com/vctx?t=93925
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=93925
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=93925 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ezcasinowinners.club
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 04:56:28 GMT
access-control-allow-origin: http://ezcasinowinners.club
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 0be335fe0651360ff03c2e8b24677c80
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
propeller-tracking.com/fv.js?t=90679
139.45.197.240 200 OK 2.2 kB URL HTTP/2 propeller-tracking.com/fv.js?t=90679
IP 139.45.197.240:0
File type ASCII text, with very long lines (5213), with no line terminators
Hash 0254fb1dad74628b7ad0f97d304fac92
35f7af13a08eb87023ec7df4d3c35c21b2cde79d
47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536
GET /fv.js?t=90679 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:56:28 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: dd3b39ea2b3908bdf7512a291a0f6f0f
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ezcasinowinners.club/au/aweber/lp4/images/red-arrow-left.png
188.114.97.1 200 OK 913 B URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp4/images/red-arrow-left.png
IP 188.114.97.1:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 130f4f22757530332ef944489bdb5aa5
cc007456d005e17183fc1cae19384bd9981da721
773a87f14e23870383294b8ecdef50e9c3c2f6bd0f025f58b9a18a86ab7da2cc
GET /au/aweber/lp4/images/red-arrow-left.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp4/index.html?cid=w47ii55d8ohl4s8mihltjqbq&camp_id=ba0f042f-0c22-46d5-b832-ca8c0108cdfc&campaign.name=New%20Zealand%20Email%20Collection-24th%20August%20Onwards&lander.name=Aweber%20AU/NZ%20Lander%204&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=Jbx5FdIf7xbGaqQBecZFJ56x-g_spCPopMY3He6r-t5yTHoEmFJYlQFgSkV3xObYH3KFP6lKnTjRRMwWyrIBZTPQ6rGM4yA0eENJytE4d2t2thgHp_ioXaeSeJDfg7o06J2W7TC1LaAtN-0Zvn7C6boz8hb8A_oDUns9i0VxScjoP1xwRBPf4Ieg2VwyD5stfWH4EHhxwLZBgqeuGNRPsxeINLPACQ0HqUXqLVO90vkd6ZzMK2D77kJPCXsn7SV18QubCz8vh5eWnLaX_t-Mf-N9oDD8JJiwe64h8F3-suWsZFXpYWsRx7uhFdiqSc1EnEGHMX7bJW5AbVGx5xRjtXbkbAIW502u_KTGBZcEn2fkQNRsaZKL9uPWhRWbnpoBII5z9Swe1gxO0Cb66xwT5Q&lptoken=16cd7594053b639c669c
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:56:28 GMT
Content-Type: image/png
Content-Length: 913
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:16:11 GMT
ETag: "6102d44b-391"
Expires: Wed, 01 Mar 2023 04:56:28 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rug3NL1dBLfAC025NmBImkvSq9U2wZeae89guIMOiG3tJwwvqCb2FvcBhjIJ0CEREPunykgc7fEK4W7XQ%2FtHGc3e6U7IQazcffof%2FkwNEbRX3linylyErU6IApKbN%2F5oBEtUSPdLqg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79179f0afa70b517-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Mon, 30 Jan 2023 05:57:38 GMT
Date: Mon, 30 Jan 2023 04:56:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Mon, 30 Jan 2023 05:57:38 GMT
Date: Mon, 30 Jan 2023 04:56:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Mon, 30 Jan 2023 05:57:38 GMT
Date: Mon, 30 Jan 2023 04:56:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Mon, 30 Jan 2023 05:57:38 GMT
Date: Mon, 30 Jan 2023 04:56:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Mon, 30 Jan 2023 05:57:38 GMT
Date: Mon, 30 Jan 2023 04:56:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b7a437-43da-4218-a8ea-3aa936541e3f.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b7a437-43da-4218-a8ea-3aa936541e3f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0729af7c574710c33356c8c3c7757d6
aec801b4158398d2d3222e7247532a1b0ba446e3
057d2ed0960c8d83dda10de975594b21ddeaaf8dcc07a106f3b3c121afb90e57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b7a437-43da-4218-a8ea-3aa936541e3f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8159
x-amzn-requestid: 52245e9a-4ea7-470c-ad88-1051471fc543
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvBxGv2oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4920b-6b6d100e11edfa5307b67933;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:10:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Qgh4eyT_OHA_N3vH7o37gjmjUpRyJMXzG3pyvKH8pnxjWxu8ykXIRw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 04:39:54 GMT
age: 995
etag: "aec801b4158398d2d3222e7247532a1b0ba446e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde9a2197-1d4c-4aad-a76e-04d2a1f77b60.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde9a2197-1d4c-4aad-a76e-04d2a1f77b60.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c400859d7b0e7bf4d60b6b72da0d3b5a
edcc70016fce38a4ad14c3737712685ae1d282f2
45f69c6dcc83120058b731e39103cb1a2a40414eed2da633b43bdccc021665cd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde9a2197-1d4c-4aad-a76e-04d2a1f77b60.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12991
x-amzn-requestid: a5b71869-0509-443a-ada0-2f7a7cfb8166
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj4AEncoAMF_LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e699-24b0a146699561100a8d592f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pQQVkmOF6_GLV-2WHa9jleOYns0XIg1C5o6OBsq5NK90IhuUpJyfdw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:30:54 GMT
age: 23135
etag: "edcc70016fce38a4ad14c3737712685ae1d282f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:08:57 GMT
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
age: 24452
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 17:35:56 GMT
age: 40833
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83495dde-218f-4893-8556-3013e3f83f78.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83495dde-218f-4893-8556-3013e3f83f78.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8901f99d8e3001e442c887f89e2e650
a61875fcee6c09087462f0443286482d903725bc
d3a69a5bce1852c464755452d7f5a88f0d20fbed14b9f16ac6f539d4d1bfdb21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83495dde-218f-4893-8556-3013e3f83f78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5960
x-amzn-requestid: 313f5526-984b-4224-b321-732fe5ae5a7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkl0HimoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-430032d00080eff464e4d574;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TiZDGG_JsgbKWvLfQn_uioEKmxzYKKV8cT9wJ2PntoNPb4r1a2YKtg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:04:24 GMT
age: 24725
etag: "a61875fcee6c09087462f0443286482d903725bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5190c0bdc6abe0ee258e9f8c20ddaf51
d60f280f8a742480527dbc32d08f321f972d4fcf
874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12507
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFaJoAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XABaoZCqUulmnfZOXx6XTLSUMS5Mie6u0OfkqozmBzCf3Qjzf-fbRA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:54:32 GMT
age: 25317
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ezcasinowinners.club/au/aweber/lp4/images/CA.png
188.114.97.1 200 OK 791 B URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp4/images/CA.png
IP 188.114.97.1:0
File type PNG image data, 50 x 40, 8-bit colormap, non-interlaced\012- data
Hash d6e276a0216279a5e6ed6ea3583598ce
c6fa45c097325f23865622f48a5b2b7fa23ce504
029d2390b0d9b4362f0d05184f666e13f23242ea96f471cf595ac9a37ca531e3
GET /au/aweber/lp4/images/CA.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp4/index.html?cid=w47ii55d8ohl4s8mihltjqbq&camp_id=ba0f042f-0c22-46d5-b832-ca8c0108cdfc&campaign.name=New%20Zealand%20Email%20Collection-24th%20August%20Onwards&lander.name=Aweber%20AU/NZ%20Lander%204&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=Jbx5FdIf7xbGaqQBecZFJ56x-g_spCPopMY3He6r-t5yTHoEmFJYlQFgSkV3xObYH3KFP6lKnTjRRMwWyrIBZTPQ6rGM4yA0eENJytE4d2t2thgHp_ioXaeSeJDfg7o06J2W7TC1LaAtN-0Zvn7C6boz8hb8A_oDUns9i0VxScjoP1xwRBPf4Ieg2VwyD5stfWH4EHhxwLZBgqeuGNRPsxeINLPACQ0HqUXqLVO90vkd6ZzMK2D77kJPCXsn7SV18QubCz8vh5eWnLaX_t-Mf-N9oDD8JJiwe64h8F3-suWsZFXpYWsRx7uhFdiqSc1EnEGHMX7bJW5AbVGx5xRjtXbkbAIW502u_KTGBZcEn2fkQNRsaZKL9uPWhRWbnpoBII5z9Swe1gxO0Cb66xwT5Q&lptoken=16cd7594053b639c669c
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:56:29 GMT
Content-Type: image/png
Content-Length: 791
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:15:58 GMT
ETag: "6102d43e-317"
Expires: Wed, 01 Mar 2023 04:56:29 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1kDJsOCKvLHH%2B1V40sfD8bC2NCsL9K8S43%2BaryJzOwvXdYs6aFfUcXAzaADYK2blzOJQzBGuyP0C%2Fm5hZ6R28dt6OwmNEpRaKpfE4OvSBx0fane3oEA3HMYjgg3ZOrud3yVwNkIpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79179f0af84c0b4d-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp4/images/red-arrow-right.png
188.114.97.1 200 OK 916 B URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp4/images/red-arrow-right.png
IP 188.114.97.1:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 8cb7b80e85b72706fa368f13e40e6baf
08612867d514b3bf31e9f93390722963362064e1
721d5ad469a842631c8a8b4aca7b69a01efcad127397f1bef2c4cea3f197f93c
GET /au/aweber/lp4/images/red-arrow-right.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp4/index.html?cid=w47ii55d8ohl4s8mihltjqbq&camp_id=ba0f042f-0c22-46d5-b832-ca8c0108cdfc&campaign.name=New%20Zealand%20Email%20Collection-24th%20August%20Onwards&lander.name=Aweber%20AU/NZ%20Lander%204&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=Jbx5FdIf7xbGaqQBecZFJ56x-g_spCPopMY3He6r-t5yTHoEmFJYlQFgSkV3xObYH3KFP6lKnTjRRMwWyrIBZTPQ6rGM4yA0eENJytE4d2t2thgHp_ioXaeSeJDfg7o06J2W7TC1LaAtN-0Zvn7C6boz8hb8A_oDUns9i0VxScjoP1xwRBPf4Ieg2VwyD5stfWH4EHhxwLZBgqeuGNRPsxeINLPACQ0HqUXqLVO90vkd6ZzMK2D77kJPCXsn7SV18QubCz8vh5eWnLaX_t-Mf-N9oDD8JJiwe64h8F3-suWsZFXpYWsRx7uhFdiqSc1EnEGHMX7bJW5AbVGx5xRjtXbkbAIW502u_KTGBZcEn2fkQNRsaZKL9uPWhRWbnpoBII5z9Swe1gxO0Cb66xwT5Q&lptoken=16cd7594053b639c669c
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:56:29 GMT
Content-Type: image/png
Content-Length: 916
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:15:45 GMT
ETag: "6102d431-394"
Expires: Wed, 01 Mar 2023 04:56:29 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiMfMXz%2FIWApY70Pkl%2BXnuvpsXmm74RKOTpI5VOGWz%2FzS4t%2BxxoUERBrAs45AsATFbuX0lzL3WD0dDmLyilofgStdrqiZPAYtzFIQIim1cxxHd3HKVgasjxBya3O9Zzu0JU8hXo%2Brg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79179f0ae8480b4d-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp4/js/jquery.min.js
188.114.97.1 200 OK 34 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp4/js/jquery.min.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (32063)
Hash f4d6c4d824a3d0a9b43acb2cec37286f
b011f4937050bd70deaebb764fed6c73be487be4
8c22b6413085ef8a75722afa647280ebac0c7a2604b3e8b2152f46e62ff80ea0
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp4/js/jquery.min.js HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp4/index.html?cid=w47ii55d8ohl4s8mihltjqbq&camp_id=ba0f042f-0c22-46d5-b832-ca8c0108cdfc&campaign.name=New%20Zealand%20Email%20Collection-24th%20August%20Onwards&lander.name=Aweber%20AU/NZ%20Lander%204&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=Jbx5FdIf7xbGaqQBecZFJ56x-g_spCPopMY3He6r-t5yTHoEmFJYlQFgSkV3xObYH3KFP6lKnTjRRMwWyrIBZTPQ6rGM4yA0eENJytE4d2t2thgHp_ioXaeSeJDfg7o06J2W7TC1LaAtN-0Zvn7C6boz8hb8A_oDUns9i0VxScjoP1xwRBPf4Ieg2VwyD5stfWH4EHhxwLZBgqeuGNRPsxeINLPACQ0HqUXqLVO90vkd6ZzMK2D77kJPCXsn7SV18QubCz8vh5eWnLaX_t-Mf-N9oDD8JJiwe64h8F3-suWsZFXpYWsRx7uhFdiqSc1EnEGHMX7bJW5AbVGx5xRjtXbkbAIW502u_KTGBZcEn2fkQNRsaZKL9uPWhRWbnpoBII5z9Swe1gxO0Cb66xwT5Q&lptoken=16cd7594053b639c669c
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:56:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:16:09 GMT
ETag: W/"6102d449-17b4b"
Expires: Wed, 01 Mar 2023 04:56:28 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l30QWEQYoumeBGHWiFbLOBqDs%2F2H3eK5LF2tBAa%2BZ0eQ%2F920VULFUrDK7qa45YKYuQyjB9U3e9lHnxNHHUwEMHj4tcAv0%2BVg8WA%2Fv%2FgcgPpzyoBFc23QMQltXMmak4%2FdH6lIv7k%2Bbw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79179f05a9edb527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp4/images/slot-win.png
188.114.97.1 200 OK 14 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp4/images/slot-win.png
IP 188.114.97.1:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash e44b8ccb1f094f7ab91e121c062b9d8b
7518c98361735271c17a0e204a5f54744b1dd4be
a8b500964a73f03d1b9b394f3704757c67c95492c6895d933c1347f0e2629b98
GET /au/aweber/lp4/images/slot-win.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp4/index.html?cid=w47ii55d8ohl4s8mihltjqbq&camp_id=ba0f042f-0c22-46d5-b832-ca8c0108cdfc&campaign.name=New%20Zealand%20Email%20Collection-24th%20August%20Onwards&lander.name=Aweber%20AU/NZ%20Lander%204&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=Jbx5FdIf7xbGaqQBecZFJ56x-g_spCPopMY3He6r-t5yTHoEmFJYlQFgSkV3xObYH3KFP6lKnTjRRMwWyrIBZTPQ6rGM4yA0eENJytE4d2t2thgHp_ioXaeSeJDfg7o06J2W7TC1LaAtN-0Zvn7C6boz8hb8A_oDUns9i0VxScjoP1xwRBPf4Ieg2VwyD5stfWH4EHhxwLZBgqeuGNRPsxeINLPACQ0HqUXqLVO90vkd6ZzMK2D77kJPCXsn7SV18QubCz8vh5eWnLaX_t-Mf-N9oDD8JJiwe64h8F3-suWsZFXpYWsRx7uhFdiqSc1EnEGHMX7bJW5AbVGx5xRjtXbkbAIW502u_KTGBZcEn2fkQNRsaZKL9uPWhRWbnpoBII5z9Swe1gxO0Cb66xwT5Q&lptoken=16cd7594053b639c669c
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:56:29 GMT
Content-Type: image/png
Content-Length: 13517
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:15:45 GMT
ETag: "6102d431-34cd"
Expires: Wed, 01 Mar 2023 04:56:29 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjPZBVX9D516RtkOi2%2F3cQtpIQGhhVxzZaWp%2B1a9SmxbE6BMaLIZMZrS7%2BoO4nwkPCJmkAjfOsJNfVuOi7Z2QEowCr0PykWTDBIHJhS9l7d%2B67n5Jx9Fe4BfTYnlisbf69xQD4leGA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79179f0aeca6b4f7-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp4/images/arrow.png
188.114.97.1 200 OK 168 B URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp4/images/arrow.png
IP 188.114.97.1:0
File type PNG image data, 12 x 12, 8-bit colormap, non-interlaced\012- data
Hash 73d1df0363a7baacf1e60797df2d6e33
10795450f4aa1a2e3499a13a9135fe5d77bbdb87
75b5e0cdab12a3f715f38d7d1d5a7bdbcdd5f96e3f6a293841152ce47d4249cb
GET /au/aweber/lp4/images/arrow.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp4/css/style.css
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:56:29 GMT
Content-Type: image/png
Content-Length: 168
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:15:49 GMT
ETag: "6102d435-a8"
Expires: Wed, 01 Mar 2023 04:56:29 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmmhtb%2FnRFlTjphSkH%2B%2F8qZ2MmRgHwY8Kb8AMEE%2BOXnDd0RkNiSCRPdoghf6AtvevsCKXtAm2%2FbRhYdwi7eQvxmAkVM%2FP2P5Ld7rDcOch%2BQ9GE8l3dsFhew7wTL6Apw6TYsdynB83A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79179f0ceb3fb517-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp4/images/slot-result-2.png
188.114.97.1 200 OK 27 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp4/images/slot-result-2.png
IP 188.114.97.1:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash ad75288fbb44c2cc60575758fc08abea
4cb39e6873cf7e04473d7e612a49f27a580d9b24
9f6fb99bd75d5cbc91ca328778620775ffedbd8572d04e16cfd32fae52aca3b7
GET /au/aweber/lp4/images/slot-result-2.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp4/index.html?cid=w47ii55d8ohl4s8mihltjqbq&camp_id=ba0f042f-0c22-46d5-b832-ca8c0108cdfc&campaign.name=New%20Zealand%20Email%20Collection-24th%20August%20Onwards&lander.name=Aweber%20AU/NZ%20Lander%204&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=Jbx5FdIf7xbGaqQBecZFJ56x-g_spCPopMY3He6r-t5yTHoEmFJYlQFgSkV3xObYH3KFP6lKnTjRRMwWyrIBZTPQ6rGM4yA0eENJytE4d2t2thgHp_ioXaeSeJDfg7o06J2W7TC1LaAtN-0Zvn7C6boz8hb8A_oDUns9i0VxScjoP1xwRBPf4Ieg2VwyD5stfWH4EHhxwLZBgqeuGNRPsxeINLPACQ0HqUXqLVO90vkd6ZzMK2D77kJPCXsn7SV18QubCz8vh5eWnLaX_t-Mf-N9oDD8JJiwe64h8F3-suWsZFXpYWsRx7uhFdiqSc1EnEGHMX7bJW5AbVGx5xRjtXbkbAIW502u_KTGBZcEn2fkQNRsaZKL9uPWhRWbnpoBII5z9Swe1gxO0Cb66xwT5Q&lptoken=16cd7594053b639c669c
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:56:29 GMT
Content-Type: image/png
Content-Length: 26719
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:15:56 GMT
ETag: "6102d43c-685f"
Expires: Wed, 01 Mar 2023 04:56:29 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=296NU%2FWgacZH5ne9JC21kZTcAzDC64j9ZXNtSbiu4ztAD4RUuSCzm95KTVfeUMGPtruf9je6Wvc0psu0BPwl686mpYr4bjtMai5sdcBITz0wT77cCEdQ9iUN%2FRIe93CYO4J6YLcRLw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79179f0ae886b50c-OSL
alt-svc: h2=":443"; ma=60
my.rtmark.net/img.gif?f=sync&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847&ttl=&rurl=http%3A%2F%2Fezcasinowinners.club%2Fau%2Faweber%2Flp4%2Findex.html
139.45.195.8 200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847&ttl=&rurl=http%3A%2F%2Fezcasinowinners.club%2Fau%2Faweber%2Flp4%2Findex.html
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=74d44051bdf63891ec9a8cba30e46aed2367a03bc7dd2aa700e02f28bbdd2847&ttl=&rurl=http%3A%2F%2Fezcasinowinners.club%2Fau%2Faweber%2Flp4%2Findex.html HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:56:29 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=52fc67ac23374b568334daa5fe1c8955; expires=Tue, 30 Jan 2024 04:56:29 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ezcasinowinners.club/au/aweber/lp4/sounds/alert.mp3
188.114.97.1 206 Partial Content 8.8 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp4/sounds/alert.mp3
IP 188.114.97.1:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 6d2d3da2ea28ace816fa4a138829dc18
606e0ec3d7fb05c69f16233cfe1ff0a0ee760505
d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp4/sounds/alert.mp3 HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp4/index.html
HTTP/1.1 206 Partial Content
Date: Mon, 30 Jan 2023 04:56:30 GMT
Content-Type: audio/mpeg
Content-Length: 8802
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:16:16 GMT
ETag: "6102d450-2262"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Content-Range: bytes 0-8801/8802
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLZjhp1j9FyqGWih1W8la46Bv7875fnrdLV0CzHQHUj5Obo5JaFHx7Zps%2B0G3ths41p3YBMgXknUmbmuStxfJXxSrxTazGC8FczYULFKTkl0q8%2FetZ2GINpJ6D%2FhfEn0Pa76NK7d2A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79179f103f06b4f7-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp4/images/slot-result-1.png
188.114.97.1 200 OK 20 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp4/images/slot-result-1.png
IP 188.114.97.1:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 9e294699a5e44eae1fa11f56be812825
e6ed17668abfe8c78983e504b0b03583fced343c
70f040dc111e1c2e153959bcf8484dd72cd06d4c41619cf18525e03acec687e0
GET /au/aweber/lp4/images/slot-result-1.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp4/index.html?cid=w47ii55d8ohl4s8mihltjqbq&camp_id=ba0f042f-0c22-46d5-b832-ca8c0108cdfc&campaign.name=New%20Zealand%20Email%20Collection-24th%20August%20Onwards&lander.name=Aweber%20AU/NZ%20Lander%204&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=Jbx5FdIf7xbGaqQBecZFJ56x-g_spCPopMY3He6r-t5yTHoEmFJYlQFgSkV3xObYH3KFP6lKnTjRRMwWyrIBZTPQ6rGM4yA0eENJytE4d2t2thgHp_ioXaeSeJDfg7o06J2W7TC1LaAtN-0Zvn7C6boz8hb8A_oDUns9i0VxScjoP1xwRBPf4Ieg2VwyD5stfWH4EHhxwLZBgqeuGNRPsxeINLPACQ0HqUXqLVO90vkd6ZzMK2D77kJPCXsn7SV18QubCz8vh5eWnLaX_t-Mf-N9oDD8JJiwe64h8F3-suWsZFXpYWsRx7uhFdiqSc1EnEGHMX7bJW5AbVGx5xRjtXbkbAIW502u_KTGBZcEn2fkQNRsaZKL9uPWhRWbnpoBII5z9Swe1gxO0Cb66xwT5Q&lptoken=16cd7594053b639c669c
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:56:30 GMT
Content-Type: image/png
Content-Length: 20059
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:15:56 GMT
ETag: "6102d43c-4e5b"
Expires: Wed, 01 Mar 2023 04:56:29 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svTSnCRpag1j66Wo4hufp5FJI5k17RTJUPOfuNeVsiXfGoP15DN0sOwrsJX%2BdDECWMyq7HMEkNa3TAh8o9ESdygr9dGh6JeWOtnvJpb4izoubhmWqEMfXzg%2Fkx6vvXWjJd%2FCyYCkgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79179f0e89590b4d-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp4/images/slot-start.png
188.114.97.1 200 OK 26 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp4/images/slot-start.png
IP 188.114.97.1:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 505136e8cd9273c4c021fcd128a5930e
c03168068ea00290499502b424e0d675e873d6cb
dcb1933fb72b31568b3bb0e41e8a18ae04af5c3e50d1d63a3be7f4f86eb0397b
GET /au/aweber/lp4/images/slot-start.png HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp4/index.html?cid=w47ii55d8ohl4s8mihltjqbq&camp_id=ba0f042f-0c22-46d5-b832-ca8c0108cdfc&campaign.name=New%20Zealand%20Email%20Collection-24th%20August%20Onwards&lander.name=Aweber%20AU/NZ%20Lander%204&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=Jbx5FdIf7xbGaqQBecZFJ56x-g_spCPopMY3He6r-t5yTHoEmFJYlQFgSkV3xObYH3KFP6lKnTjRRMwWyrIBZTPQ6rGM4yA0eENJytE4d2t2thgHp_ioXaeSeJDfg7o06J2W7TC1LaAtN-0Zvn7C6boz8hb8A_oDUns9i0VxScjoP1xwRBPf4Ieg2VwyD5stfWH4EHhxwLZBgqeuGNRPsxeINLPACQ0HqUXqLVO90vkd6ZzMK2D77kJPCXsn7SV18QubCz8vh5eWnLaX_t-Mf-N9oDD8JJiwe64h8F3-suWsZFXpYWsRx7uhFdiqSc1EnEGHMX7bJW5AbVGx5xRjtXbkbAIW502u_KTGBZcEn2fkQNRsaZKL9uPWhRWbnpoBII5z9Swe1gxO0Cb66xwT5Q&lptoken=16cd7594053b639c669c
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:56:30 GMT
Content-Type: image/png
Content-Length: 26144
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:15:43 GMT
ETag: "6102d42f-6620"
Expires: Wed, 01 Mar 2023 04:56:29 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hw%2FLlsywYLU%2FOmQa41TvXGL4FH%2FPl9vyCclkmuRhtAr9WKYZ2%2FdzY3fnw3921ESRSa7Hhba7rHFrlKDJaOTShhASP0ml8eDbVNDnEL6rrXjFIQMdqbyTNTdoqICCL3zaU6nCXL2DcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79179f0e79560b4d-OSL
alt-svc: h2=":443"; ma=60
unphionetor.com/vbri?t=90679&bid=undefined&aid=undefined&tp=2504
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=90679&bid=undefined&aid=undefined&tp=2504
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=90679&bid=undefined&aid=undefined&tp=2504 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ezcasinowinners.club
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 04:56:30 GMT
access-control-allow-origin: http://ezcasinowinners.club
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 6d26e9ae6696eb04893b2caa69fbc073
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ezcasinowinners.club/au/aweber/lp4/sounds/win.mp3
188.114.97.1 206 Partial Content 22 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp4/sounds/win.mp3
IP 188.114.97.1:0
File type Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2.5, 24 kbps, 11.025 kHz, Monaural\012- data
Hash c74dca6a3ab16c097234033fec7a8573
a6e73f993b73d589b9688a0679bdac39028017a0
79e8f06f8cb25d13c57d798f7e068d282dd2dfdb026b54aacc8ead2641542a56
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp4/sounds/win.mp3 HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp4/index.html
HTTP/1.1 206 Partial Content
Date: Mon, 30 Jan 2023 04:56:30 GMT
Content-Type: audio/mpeg
Content-Length: 22067
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:16:14 GMT
ETag: "6102d44e-5633"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Content-Range: bytes 0-22066/22067
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRecyhAuP5%2BJPJa0lmOo1YIWYMyh4ZiGTyXvYi1%2F2qAlIG3TomjJnO6XqGF%2BJdmd3bCq1vy%2BaZi79rwjRX%2BU%2B08RmOYQXEenaFp2q8yxwmOsUz1WjrUmMWAYjl2pB7U1Nnd%2BQAylEA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79179f106ceeb517-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp4/images/slot-spin.gif
188.114.97.1 200 OK 88 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp4/images/slot-spin.gif
IP 188.114.97.1:0
File type GIF image data, version 89a, 410 x 279\012- data
Hash 617c16c5e04c8603dd7f157862b1c682
1306296f9a666a7fc50f339a2a924ce8a3a18169
7f8e36cf7ac437d7c42440ef5f522c8e27adb06348b573192308038fa7c1dc7e
GET /au/aweber/lp4/images/slot-spin.gif HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp4/index.html?cid=w47ii55d8ohl4s8mihltjqbq&camp_id=ba0f042f-0c22-46d5-b832-ca8c0108cdfc&campaign.name=New%20Zealand%20Email%20Collection-24th%20August%20Onwards&lander.name=Aweber%20AU/NZ%20Lander%204&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=Jbx5FdIf7xbGaqQBecZFJ56x-g_spCPopMY3He6r-t5yTHoEmFJYlQFgSkV3xObYH3KFP6lKnTjRRMwWyrIBZTPQ6rGM4yA0eENJytE4d2t2thgHp_ioXaeSeJDfg7o06J2W7TC1LaAtN-0Zvn7C6boz8hb8A_oDUns9i0VxScjoP1xwRBPf4Ieg2VwyD5stfWH4EHhxwLZBgqeuGNRPsxeINLPACQ0HqUXqLVO90vkd6ZzMK2D77kJPCXsn7SV18QubCz8vh5eWnLaX_t-Mf-N9oDD8JJiwe64h8F3-suWsZFXpYWsRx7uhFdiqSc1EnEGHMX7bJW5AbVGx5xRjtXbkbAIW502u_KTGBZcEn2fkQNRsaZKL9uPWhRWbnpoBII5z9Swe1gxO0Cb66xwT5Q&lptoken=16cd7594053b639c669c
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:56:30 GMT
Content-Type: image/gif
Content-Length: 87599
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:16:08 GMT
ETag: "6102d448-1562f"
Expires: Wed, 01 Mar 2023 04:56:29 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsVXs%2Fs8HknB404ucrH9ZWtAuQBYG9K37KN5R6GzNoHWK7GcYNucuchmRSOrKtKatQv9ck5Cs3pkdaNLrBfegAW%2BP5Rk%2FzH2YLofslwr2yPVRNiFdpzHg37qef6ljeTSBOaitnViIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79179f0eae37b527-OSL
alt-svc: h2=":443"; ma=60
ezcasinowinners.club/au/aweber/lp4/sounds/spin.mp3
188.114.97.1 206 Partial Content 51 kB URL HTTP/1.1 ezcasinowinners.club/au/aweber/lp4/sounds/spin.mp3
IP 188.114.97.1:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 320 kbps, 44.1 kHz, JntStereo\012- data
Hash 390bca8d165546a8097b8951d2f400d4
1385d88b3aeee07bc51e7955fbcb9ed7586ebdec
cdb080d348cd2222fbe1d5b54da2f9db8fdca881570a9c82899082203b000b78
Analyzer Verdict Alert fortinet Phishing
GET /au/aweber/lp4/sounds/spin.mp3 HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp4/index.html
HTTP/1.1 206 Partial Content
Date: Mon, 30 Jan 2023 04:56:30 GMT
Content-Type: audio/mpeg
Content-Length: 51290
Connection: keep-alive
Last-Modified: Thu, 29 Jul 2021 16:16:14 GMT
ETag: "6102d44e-c85a"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Content-Range: bytes 0-51289/51290
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euPB5olJVIZv35nEmEZyZTmtGdEDwParlBPCJkIP7KHTIkwgL0waWzVdb5fyoGsLwiJAzmCPH6w34oI61q%2BobMY1fiFt7Nvcxx0iIQHG8cVE0svE0cu8X2T6LbcnDy%2BBy7%2BysB7OYA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79179f10caf2b50c-OSL
alt-svc: h2=":443"; ma=60
unphionetor.com/vbl?t=90679&bid=undefined&aid=undefined
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=90679&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=90679&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ezcasinowinners.club
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 04:56:30 GMT
access-control-allow-origin: http://ezcasinowinners.club
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: a891a9b3eaf3bbaf8cc3faacc4ddac35
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=93925&bid=undefined&aid=undefined
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=93925&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=93925&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ezcasinowinners.club
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 04:56:30 GMT
access-control-allow-origin: http://ezcasinowinners.club
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 20e9af87242e2f2f916a6affd8070869
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=90679&bid=undefined&aid=undefined
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=90679&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=90679&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ezcasinowinners.club
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 04:56:30 GMT
access-control-allow-origin: http://ezcasinowinners.club
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 309810f8f7728a2cc107f4865b060099
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/vbri?t=93925&bid=undefined&aid=undefined&tp=3327
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=93925&bid=undefined&aid=undefined&tp=3327
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=93925&bid=undefined&aid=undefined&tp=3327 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ezcasinowinners.club
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 04:56:31 GMT
access-control-allow-origin: http://ezcasinowinners.club
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: f1b9866409ab77cdda495f67a44d80f7
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/vbri?t=90679&bid=undefined&aid=undefined&tp=3328
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=90679&bid=undefined&aid=undefined&tp=3328
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=90679&bid=undefined&aid=undefined&tp=3328 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ezcasinowinners.club
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 04:56:31 GMT
access-control-allow-origin: http://ezcasinowinners.club
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 0a33646c3e65945cf4442842ea2a3df8
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ezcasinowinners.club/favicon.ico
188.114.97.1 404 Not Found 179 B URL HTTP/1.1 ezcasinowinners.club/favicon.ico
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bf0b277272648b069cf7ed2ec87496a7
fd929f1268e86a295a7470c573465c3f8ad3c85e
f20a0177a9e131a2d859353d849d132d95086700c3d341bda838295abf6f2ad5
GET /favicon.ico HTTP/1.1
Host: ezcasinowinners.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ezcasinowinners.club/au/aweber/lp4/index.html?cid=w47ii55d8ohl4s8mihltjqbq&camp_id=ba0f042f-0c22-46d5-b832-ca8c0108cdfc&campaign.name=New%20Zealand%20Email%20Collection-24th%20August%20Onwards&lander.name=Aweber%20AU/NZ%20Lander%204&trafficsource.name=PropellerAds%20Pop&zone=&banner=&cep=Jbx5FdIf7xbGaqQBecZFJ56x-g_spCPopMY3He6r-t5yTHoEmFJYlQFgSkV3xObYH3KFP6lKnTjRRMwWyrIBZTPQ6rGM4yA0eENJytE4d2t2thgHp_ioXaeSeJDfg7o06J2W7TC1LaAtN-0Zvn7C6boz8hb8A_oDUns9i0VxScjoP1xwRBPf4Ieg2VwyD5stfWH4EHhxwLZBgqeuGNRPsxeINLPACQ0HqUXqLVO90vkd6ZzMK2D77kJPCXsn7SV18QubCz8vh5eWnLaX_t-Mf-N9oDD8JJiwe64h8F3-suWsZFXpYWsRx7uhFdiqSc1EnEGHMX7bJW5AbVGx5xRjtXbkbAIW502u_KTGBZcEn2fkQNRsaZKL9uPWhRWbnpoBII5z9Swe1gxO0Cb66xwT5Q&lptoken=16cd7594053b639c669c
HTTP/1.1 404 Not Found
Date: Mon, 30 Jan 2023 04:56:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pg6o2gDZ9qCDszwtX7pWWp8HHikhPDO5bFNz0AU8FmxU8mLiXtT9ElC3Wt%2FotuGGC2HAHGWj1kpkLI2sF2aevf1cLsifdu%2FnMJ3sND8IbTClE%2FC4TLOibIhtSroetXWmO140T6IcvA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79179f17ead0b527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
propeller-tracking.com/fv.js?t=93925
139.45.197.240 200 OK 0 B URL HTTP/2 propeller-tracking.com/fv.js?t=93925
IP 139.45.197.240:0
GET /fv.js?t=93925 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:56:27 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: e434423aeade0b27fa06be89067d2a1e
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
propeller-tracking.com/fv.js?t=90679
139.45.197.240 200 OK 0 B URL HTTP/2 propeller-tracking.com/fv.js?t=90679
IP 139.45.197.240:0
GET /fv.js?t=90679 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:56:27 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 2d07112a3755934ca394c3ca08f53a5c
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
propeller-tracking.com/fv.js?t=90679
139.45.197.240 200 OK 0 B URL HTTP/2 propeller-tracking.com/fv.js?t=90679
IP 139.45.197.240:0
GET /fv.js?t=90679 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ezcasinowinners.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:56:27 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: ab326c3ddd8512ad891f51941272dfa7
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2