www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
216.15.188.190 301 Moved Permanently 707 B URL HTTP/1.1 www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
IP 216.15.188.190:0
File type HTML document text, exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 28 Jan 2023 04:54:54 GMT
server: LiteSpeed
location: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4105
Expires: Sat, 28 Jan 2023 06:03:22 GMT
Date: Sat, 28 Jan 2023 04:54:57 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5403
Expires: Sat, 28 Jan 2023 06:25:00 GMT
Date: Sat, 28 Jan 2023 04:54:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 04:43:03 GMT
content-type: application/json
age: 715
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12467
Expires: Sat, 28 Jan 2023 08:22:45 GMT
Date: Sat, 28 Jan 2023 04:54:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: QsRIKJlttZSlTLP4UiMYlNdGXB1QeZFZjeKxcAjhMPph3mkhYNscaUN/if6Dwzuflizl7FbwGsA=
x-amz-request-id: RM28G3D18P2CZ3T2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 04:20:50 GMT
age: 2048
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:54:58 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 04:49:03 GMT
age: 355
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5059
Expires: Sat, 28 Jan 2023 06:19:17 GMT
Date: Sat, 28 Jan 2023 04:54:58 GMT
Connection: keep-alive
push.services.mozilla.com/
34.208.31.97 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.31.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1dWxWx19Oc3psF6RGOUdfQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: L317C1B8QvRFiN1vg9i2elQSuhQ=
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 839f992874f43406a9e4b3bf78dbf543
5931d414a576be8930236b579aa05e365ad30368
525570fb1fde6295f9149f4ede72a19eddd08c818c5e0b0ca88ddcfb6d3fd42e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2664
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:54:59 GMT
Last-Modified: Sat, 28 Jan 2023 04:10:36 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 839f992874f43406a9e4b3bf78dbf543
5931d414a576be8930236b579aa05e365ad30368
525570fb1fde6295f9149f4ede72a19eddd08c818c5e0b0ca88ddcfb6d3fd42e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4956
Cache-Control: max-age=170205
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:54:59 GMT
Etag: "63d48d24-118"
Expires: Mon, 30 Jan 2023 04:11:44 GMT
Last-Modified: Sat, 28 Jan 2023 02:49:08 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280
www.northernedgecasino.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
216.15.188.190 200 OK 11 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 18:31:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10946
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/css/extensions.min.css?ver=6.0.3
216.15.188.190 200 OK 11 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/css/extensions.min.css?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (639)
Hash 56832b3e0ca1bfc02187ee576a4d0dec
850d148cc2465ae61059367550ca9d3fed1e75e5
9c13d52b4444b1c76f0980010cfb8339ae066105f136700d6e379826bb9c4570
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/css/extensions.min.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:23:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11091
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/style.css?ver=6.0.3
216.15.188.190 200 OK 287 B URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/style.css?ver=6.0.3
IP 216.15.188.190:0
Hash 1787c807534fe4cb8773734c046cc49b
48a6e4a8d332e16ff73c62fb9242de6bd477dbfb
1e28963c8e240fb28d70f5d573dc6d74edf6c1716220707ff0603bd642c63307
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/style.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:08:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 287
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:54:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:54:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 839f992874f43406a9e4b3bf78dbf543
5931d414a576be8930236b579aa05e365ad30368
525570fb1fde6295f9149f4ede72a19eddd08c818c5e0b0ca88ddcfb6d3fd42e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2664
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:54:59 GMT
Last-Modified: Sat, 28 Jan 2023 04:10:36 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
www.northernedgecasino.com/wp-content/themes/bridge/css/font-awesome/css/font-awesome.min.css?ver=6.0.3
216.15.188.190 200 OK 6.7 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/font-awesome/css/font-awesome.min.css?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (30837)
Hash 97c6ce9b4936f66aa388ad33c39aba2d
3f14a7e78fbb4935cf35c20779dc2035531849a9
1eea453c424793fc56ef14093c10b373e3ca8388a70e847394e8084048c5ce38
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/css/font-awesome/css/font-awesome.min.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:31:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6658
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/css/elegant-icons/style.min.css?ver=6.0.3
216.15.188.190 200 OK 4.1 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/elegant-icons/style.min.css?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (21769), with no line terminators
Hash a211ff7edbfa20f37a4255dd408fea1e
b844983f4a2742adfb08d37a0885313e45efa4a7
41afc3a1d4ecc028e45d4191063307548d98059d56b0234ca4a626b85a9a129c
GET /wp-content/themes/bridge/css/elegant-icons/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:23:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4073
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/css/linea-icons/style.css?ver=6.0.3
216.15.188.190 200 OK 7.3 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/linea-icons/style.css?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (369)
Hash 60f8b842b9aadc413db91298b0a22277
253e26c13304a308b85f1f11a1bbb92cfaf26ebf
ad96d8dac53bfa3dc81d5c8b86cb70b712cd71d2080921569c5e736db9070c47
GET /wp-content/themes/bridge/css/linea-icons/style.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:23:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 7337
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/css/dripicons/dripicons.css?ver=6.0.3
216.15.188.190 200 OK 1.7 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/dripicons/dripicons.css?ver=6.0.3
IP 216.15.188.190:0
Hash 01f67987067b61ea8d95fd8a798e1581
d73f78b56fd8b727f0850fecd0d688d832c1c30c
4cb2a4b75d2e6c2c30365cae564c890639c1eb16bc7d069da12c8e360a6e9bb3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/css/dripicons/dripicons.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:23:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1690
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:54:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:54:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:400&display=swap
142.250.74.106 200 OK 996 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400&display=swap
IP 142.250.74.106:0
Hash 48e8b27d0ad17e719b4774684392b4f5
3d90580c4d5b8ac69b1b5d0e2efbc0a780f38557
9ecfbf1c655586b99bf0d77d61eb571f2a96992ac7646864819819d910ce7371
GET /css?family=Roboto:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 04:54:59 GMT
date: Sat, 28 Jan 2023 04:54:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PQQV6T9
142.250.74.168 200 OK 39 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PQQV6T9
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash ec8a91bad3ed5bd3e072cfbe8359387a
309c2c3561106df9af850daaeb7dcbb8bef646b0
e9d166843aaa629e53aa467ba6ff03e29c0676994f366bc77934b4497e781b67
GET /gtm.js?id=GTM-PQQV6T9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 04:54:59 GMT
expires: Sat, 28 Jan 2023 04:54:59 GMT
cache-control: private, max-age=900
last-modified: Sat, 28 Jan 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38994
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:54:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-TP2QB6R
142.250.74.168 200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TP2QB6R
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 3bb572accd4f79eefb8a2fccfe9aa67a
1af6bfc29170147f8126cba11c5c1ab183d2e2ff
f5c0a6cb6cc6db923f2940c31225556a1a20050baea6af88c0b6756bd9e0e54b
GET /gtm.js?id=GTM-TP2QB6R HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 04:54:59 GMT
expires: Sat, 28 Jan 2023 04:54:59 GMT
cache-control: private, max-age=900
last-modified: Sat, 28 Jan 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38209
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-K7QVWQS
142.250.74.168 404 Not Found 1.6 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K7QVWQS
IP 142.250.74.168:0
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 6b040bc4f6b9516e86e72caff4f9bfac
8ef331ba97a220f9b92056c9d974a8f372a8d1f6
38b9dddd75a5dfdc34fbbee8e9b5c04ecb4b3c6f0a6f8ba019642eaaf859f0a1
GET /gtm.js?id=GTM-K7QVWQS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 04:54:59 GMT
content-type: text/html; charset=UTF-8
server: Google Tag Manager
content-length: 1582
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/css/stylesheet.min.css?ver=6.0.3
216.15.188.190 200 OK 88 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/stylesheet.min.css?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 78f1e3ea16243e0753902c511fce3470
d85e5b80d8fe0fb09c7bd5b303e5238ea8b46522
09183f4e475a7ae51c43b2b51179a97bf0891365aa69ec91035e74486f717f9b
GET /wp-content/themes/bridge/css/stylesheet.min.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:11:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 87818
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2022/09/northern-edge-logo-small-1.webp
216.15.188.190 200 OK 9.0 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2022/09/northern-edge-logo-small-1.webp
IP 216.15.188.190:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash eec7526efd972a816cb2b57242a01a29
cb12bdb5ff459a0a87ad597b40fcfcb670a40333
e9d5554e3e2f8ef4a5d5ff786fb4abe6df707b1b1264c12399990169fd689823
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/09/northern-edge-logo-small-1.webp HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: image/webp
last-modified: Fri, 23 Sep 2022 10:29:08 GMT
accept-ranges: bytes
content-length: 9034
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
216.15.188.190 200 OK 68 B URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP 216.15.188.190:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: image/png
last-modified: Mon, 29 Aug 2022 21:03:36 GMT
accept-ranges: bytes
content-length: 68
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:54:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.netsolssl.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 986372576927c9d83e458ffdcc8d2ee7
061cff3e7148771390a86d14577196112f8c81dd
a3f1d07929e3cce75c94d4ab77d17094427986b49daf1b3629758f6463c8b6b8
POST / HTTP/1.1
Host: ocsp.netsolssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:54:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 04:43:24 GMT
Expires: Fri, 03 Feb 2023 04:43:23 GMT
Etag: "061cff3e7148771390a86d14577196112f8c81dd"
Cache-Control: max-age=517103,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907221e5b17b506-OSL
www.northernedgecasino.com/wp-content/uploads/2018/04/gaming-icon.png
216.15.188.190 200 OK 2.2 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2018/04/gaming-icon.png
IP 216.15.188.190:0
File type PNG image data, 150 x 149, 8-bit colormap, non-interlaced\012- data
Hash 190c2e3819999b61595033ef5e7b720e
03975c8db81227032eb02c4c85a0e45c4e7ea29e
cc8df767c65e1489c3687653a128e915d2c081a8f67382fd2ca6a2c41825d96a
GET /wp-content/uploads/2018/04/gaming-icon.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 22:12:15 GMT
accept-ranges: bytes
content-length: 2243
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2018/05/entertainment-icon.png
216.15.188.190 200 OK 2.3 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2018/05/entertainment-icon.png
IP 216.15.188.190:0
File type PNG image data, 150 x 148, 8-bit colormap, non-interlaced\012- data
Hash d0cc5d1674115198da3af1a5088d54b2
bc55a69d7c91ca1950d39f2af26a6f9e0f7f9dfb
1a7f6bbb75bab973a3e4dd3279e15a28895b29f75326931c607a8fa5f22008d6
GET /wp-content/uploads/2018/05/entertainment-icon.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 22:09:57 GMT
accept-ranges: bytes
content-length: 2257
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2018/05/dining-icon.png
216.15.188.190 200 OK 2.0 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2018/05/dining-icon.png
IP 216.15.188.190:0
File type PNG image data, 150 x 148, 8-bit colormap, non-interlaced\012- data
Hash 3bc7c8f64c0b8b1a8c81904847b73ae2
cdb45c19ccc6178d919f65f84ad57172f70ba97b
d32cecf2f04cd1bb26ec65f6c697cd6961884fa52a5e44a61bb7c104f13da612
GET /wp-content/uploads/2018/05/dining-icon.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 22:09:59 GMT
accept-ranges: bytes
content-length: 2015
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2022/09/navajoplayerscards_ny.webp
216.15.188.190 200 OK 22 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2022/09/navajoplayerscards_ny.webp
IP 216.15.188.190:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 31d7334f2f51b31478bce2977fd7b721
b90afbe6c27202a2c484934d86cb6464e3a3ab3f
d71f7e5d62374241921b9b65a8d8691dfca064fc2afe717610f6aa35195f9606
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/09/navajoplayerscards_ny.webp HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: image/webp
last-modified: Fri, 23 Sep 2022 10:25:56 GMT
accept-ranges: bytes
content-length: 22260
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.navajogaming.com/wp-content/uploads/2020/11/NMSafeCertified.png
192.124.249.12 200 OK 55 kB URL HTTP/2 www.navajogaming.com/wp-content/uploads/2020/11/NMSafeCertified.png
IP 192.124.249.12:0
File type PNG image data, 800 x 394, 8-bit/color RGBA, non-interlaced\012- data
Hash acf8478395bb49eb988c6ae88242c8ee
19ab436405c296bf7b54c75a9326b1a49b803b9a
7db6a069ecfadfe41e8d7601e943c5759f63ddec6cdad516b2f5183c6aeafa58
GET /wp-content/uploads/2020/11/NMSafeCertified.png HTTP/1.1
Host: www.navajogaming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:54:59 GMT
content-type: image/png
content-length: 54562
x-sucuri-id: 19012
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 16 Nov 2020 19:42:33 GMT
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2023/01/LunarNewYear7.jpg
216.15.188.190 200 OK 63 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2023/01/LunarNewYear7.jpg
IP 216.15.188.190:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 405x510, components 3\012- data
Hash 71137dd45ff0f1f878e55c896bacdd6a
b95dc7ecaf3f671827d1924904af0e7b5b16092c
8347d6dba026010e64e38660d89d168fcb5ff68a6fa57b59a653a5d9ec664f5b
GET /wp-content/uploads/2023/01/LunarNewYear7.jpg HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: image/jpeg
last-modified: Tue, 17 Jan 2023 18:16:44 GMT
accept-ranges: bytes
content-length: 63352
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2023/01/2023_Locals_FP5.jpg
216.15.188.190 200 OK 102 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2023/01/2023_Locals_FP5.jpg
IP 216.15.188.190:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 405x510, components 3\012- data
Size 102 kB (102511 bytes)
Hash 4f60d80ae1add5e641e5235818156597
2a65643d02c4341ba547cc92225f14631531cf54
3a040edc82111bba1b37ed6b1b9885a0370a7ef8170c37df7c323620b04557d0
GET /wp-content/uploads/2023/01/2023_Locals_FP5.jpg HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: image/jpeg
last-modified: Mon, 02 Jan 2023 20:17:27 GMT
accept-ranges: bytes
content-length: 102511
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2023/01/15kHiCardDraw7.png
216.15.188.190 200 OK 200 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2023/01/15kHiCardDraw7.png
IP 216.15.188.190:0
File type PNG image data, 405 x 510, 8-bit/color RGBA, non-interlaced\012- data
Size 200 kB (199966 bytes)
Hash b92f1bffbeddf0d6ddd45ceef0596b3d
c15e8ec47eb4a5c6e300e184737dc5779f7c4d28
5a97177ef3ff1524612ed6c8f9b139956da3b649f4dcb8ca234b9e8ecc5e9aa8
GET /wp-content/uploads/2023/01/15kHiCardDraw7.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: image/png
last-modified: Mon, 02 Jan 2023 20:13:19 GMT
accept-ranges: bytes
content-length: 199966
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2023/01/NewYearNewGetaway7.png
216.15.188.190 200 OK 291 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2023/01/NewYearNewGetaway7.png
IP 216.15.188.190:0
File type PNG image data, 405 x 510, 8-bit/color RGB, non-interlaced\012- data
Size 291 kB (290754 bytes)
Hash 0a8f2673e16311f9926a1515011c1fe4
f87d162ebcdb023ca7a2494d94c7bc27406a5f39
70d6fba214c95776f59e4de5538d4355e334a2aa8d17d3e26a71c6507529b365
GET /wp-content/uploads/2023/01/NewYearNewGetaway7.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: image/png
last-modified: Mon, 02 Jan 2023 20:13:54 GMT
accept-ranges: bytes
content-length: 290754
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2023/01/SilverPrivileges7.png
216.15.188.190 200 OK 283 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2023/01/SilverPrivileges7.png
IP 216.15.188.190:0
File type PNG image data, 405 x 510, 8-bit/color RGBA, non-interlaced\012- data
Size 283 kB (282724 bytes)
Hash 5b26a0fabe82d9d82ea24426b702b4b2
b7f811568e64e14915bbd83a80fbe81e3bf17446
d2a2c732ae077cfa61db20556bfe6900ab26f4e483cd4f5d20ea61b5e838c890
GET /wp-content/uploads/2023/01/SilverPrivileges7.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: image/png
last-modified: Mon, 02 Jan 2023 20:15:44 GMT
accept-ranges: bytes
content-length: 282724
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2022/12/NEC_JanCal_11x8.5.jpg
216.15.188.190 200 OK 943 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2022/12/NEC_JanCal_11x8.5.jpg
IP 216.15.188.190:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1855x1433, components 3\012- data
Size 943 kB (943300 bytes)
Hash 99681ec6bd4f0eb78067a914002b9f0b
fe4aed50575792df9db541229cd5e01cefe947ce
eb139deb30088a35e2132ca7aa70084a23b97c26ead3ac5aad9926013d39f48f
GET /wp-content/uploads/2022/12/NEC_JanCal_11x8.5.jpg HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:55 GMT
content-type: image/jpeg
last-modified: Fri, 30 Dec 2022 23:40:44 GMT
accept-ranges: bytes
content-length: 943300
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/css/print.css?ver=6.0.3
216.15.188.190 200 OK 233 B URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/print.css?ver=6.0.3
IP 216.15.188.190:0
Hash 4694e872dbf625988ec2ed58bcc68d61
07d569079314ac0499392683c40a695a0f818c6f
7cb3293816c217a91c322ba7cd51c6ce159038e86675af485c08a85221706c24
GET /wp-content/themes/bridge/css/print.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:10:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 233
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/css/style_dynamic.css?ver=1667038821
216.15.188.190 200 OK 5.8 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/style_dynamic.css?ver=1667038821
IP 216.15.188.190:0
File type ASCII text, with very long lines (324)
Hash fbdd1023459a5556a06f3083226ec7a4
0534cfd9be36bd9f09d67d050f0bbd20a3cdf9c8
e3a3a05e2edf04c14bb22835cceccd7ae1d0040bf6584d404426953d20d7ec9e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/css/style_dynamic.css?ver=1667038821 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: text/css
last-modified: Sat, 29 Oct 2022 10:20:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5827
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/css/responsive.min.css?ver=6.0.3
216.15.188.190 200 OK 12 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/responsive.min.css?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 367989862765bd5ddbb89f38506d7236
ca0540c2f43926346bff0a0280e21cad12a7c902
906ebfbf9ac3441388c32453bf2a9619bf8ab55ffdaa8a1f714af3d4fd66aabd
GET /wp-content/themes/bridge/css/responsive.min.css?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: text/css
last-modified: Sun, 10 Jun 2018 10:10:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12401
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/css/style_dynamic_responsive.css?ver=1667038821
216.15.188.190 200 OK 295 B URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/style_dynamic_responsive.css?ver=1667038821
IP 216.15.188.190:0
Hash 6ded922bcfd08b50084e7332131634dd
fe24b459bfb87d4058bd5b8bf0a866f28d1df604
2bbce9935773d820ac4fe2e335c5e20896d1a14d43a4ae7821bab55dc90bd601
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/css/style_dynamic_responsive.css?ver=1667038821 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: text/css
last-modified: Sat, 29 Oct 2022 10:20:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 295
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/css/custom_css.css?ver=1667038822
216.15.188.190 200 OK 199 B URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/css/custom_css.css?ver=1667038822
IP 216.15.188.190:0
File type ASCII text, with CRLF, LF line terminators
Hash 2b51d85e442adefa5ef6528544e45276
9c8603c2c30c38f58b0ecf8b0026faaa2f454e58
9a4bc2c9feb098af265c6f285937a74297323dac2eaae934970dcf9db375616d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/css/custom_css.css?ver=1667038822 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: text/css
last-modified: Sat, 29 Oct 2022 10:20:22 GMT
accept-ranges: bytes
content-length: 199
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/frontend/css/kingcomposer.min.css?ver=2.9.6
216.15.188.190 200 OK 12 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/frontend/css/kingcomposer.min.css?ver=2.9.6
IP 216.15.188.190:0
File type ASCII text, with very long lines (65412)
Hash f939f11451ff5d0b91c776b434374477
8ba4ce276493ae39112b159315c3abacae59a741
2be43c352e1ddff151daaefb74b890462a9b6f86d7eb75570a76220eb1a4792a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/kingcomposer/assets/frontend/css/kingcomposer.min.css?ver=2.9.6 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: text/css
last-modified: Tue, 16 Feb 2021 19:08:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12128
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12198
Expires: Sat, 28 Jan 2023 08:18:18 GMT
Date: Sat, 28 Jan 2023 04:55:00 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12198
Expires: Sat, 28 Jan 2023 08:18:18 GMT
Date: Sat, 28 Jan 2023 04:55:00 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12198
Expires: Sat, 28 Jan 2023 08:18:18 GMT
Date: Sat, 28 Jan 2023 04:55:00 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12198
Expires: Sat, 28 Jan 2023 08:18:18 GMT
Date: Sat, 28 Jan 2023 04:55:00 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12198
Expires: Sat, 28 Jan 2023 08:18:18 GMT
Date: Sat, 28 Jan 2023 04:55:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b70d7a9-8bf2-490f-9646-c64694e42e42.jpeg
34.120.237.76 200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b70d7a9-8bf2-490f-9646-c64694e42e42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97118e74a8f60620950e42a11c11d71b
d144bbb82392a6103810ac9baa5346ddbefb5c16
2ce0c9696cf9842243186e86bae28c22896a9f51837f4961b6c7e3cfdfb24bd0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b70d7a9-8bf2-490f-9646-c64694e42e42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3774
x-amzn-requestid: deae2f1e-baec-408c-92a7-4859d4afed47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-EgFAgoAMFXRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b6-32a2ff1a369e7b5f41ecbabd;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UYb0x8jVdY5lPTL7paxqk8J2gDYs4Hn27fAtzxJ3CapnyWOHulqy4g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:49:09 GMT
age: 25551
etag: "d144bbb82392a6103810ac9baa5346ddbefb5c16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 25094
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c808e0-eda9-4074-b1ed-65637dbd4ba9.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c808e0-eda9-4074-b1ed-65637dbd4ba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 940946e65210c717266c3a64751f1b72
f0e66aeef0c72865d565f48b563f66a184b758a9
1d031b8a530a1e6d84d79fae891f023e1ab7646596c00c57d83cfffce1f6fdf5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c808e0-eda9-4074-b1ed-65637dbd4ba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5742
x-amzn-requestid: b22fd8a5-eefc-494e-a304-75b69eef069d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPFr2GsdoAMFpqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8318-69b5e7c726fa92134d08c775;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:04:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xBpEdVPmvtXlsyGTvZCkIahK7_Ivhq4yswhw23ixIOH1zlgWPyLH9Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 04:39:18 GMT
age: 942
etag: "f0e66aeef0c72865d565f48b563f66a184b758a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/css/animate.css?ver=2.9.6
216.15.188.190 200 OK 2.7 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/css/animate.css?ver=2.9.6
IP 216.15.188.190:0
File type ASCII text, with very long lines (36512)
Hash 2c5ab0a12b2e7a6cb02045765967f97f
d73693cde81821b8e47109f539ccfff9f8494eb2
c6ff61e4d2c086e683e313a114c32133328e5cd2428d3a3916f76f2c0c618ba2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/kingcomposer/assets/css/animate.css?ver=2.9.6 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: text/css
last-modified: Tue, 16 Feb 2021 19:08:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2677
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d04b173ecc22c619998bda87a8f9ce70
9e3c3ac1b5a8a5fcee6d1b0db1a61b71948d5fe5
c30fbd2807e36b637bd1382a955c34abb4fe88b99173692530d288fff0986896
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8739
x-amzn-requestid: 591edd56-d422-459f-8934-532106be7e90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_quGvkoAMFWQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44644-5bda946b19b8abc54d324bab;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:46:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yAWADPixWRJsEV9OqvunQGhVHlobpluc-VwHlhq1psEwNh_ignw-dQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:03:05 GMT
etag: "9e3c3ac1b5a8a5fcee6d1b0db1a61b71948d5fe5"
content-type: image/jpeg
age: 24715
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/css/icons.css?ver=2.9.6
216.15.188.190 200 OK 10 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/css/icons.css?ver=2.9.6
IP 216.15.188.190:0
File type ASCII text, with very long lines (35475)
Hash 575cd3382b71fd529e1b917c35b55184
4d3067951ecf3f04283b69ab1d2e9f2a69e29e62
37216948fddd89b9dc1e9b46bdfd763334acdd5d4d225b43698b4272cef6bfd1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/kingcomposer/assets/css/icons.css?ver=2.9.6 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: text/css
last-modified: Tue, 16 Feb 2021 19:08:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10317
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
216.15.188.190 200 OK 30 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 216.15.188.190:0
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: application/javascript
last-modified: Tue, 12 Oct 2021 15:44:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 30273
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
216.15.188.190 200 OK 4.0 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 216.15.188.190:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: application/javascript
last-modified: Thu, 31 Dec 2020 11:44:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3995
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/js/jquery.bxslider.min.js?ver=6.0.3
216.15.188.190 200 OK 5.2 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/js/jquery.bxslider.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (19038)
Hash 385a605a956f040ae93711db0e8cfe83
a9e4994795dcfd587295cbfca27693de1b055c12
a88c489dce9c3175f40a575f99bc4a10230a9e15cf5cc4a928b9e23ae82c1fab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/js/jquery.bxslider.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:23:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5204
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2018/05/fire-rock-logo.png
216.15.188.190 200 OK 970 B URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2018/05/fire-rock-logo.png
IP 216.15.188.190:0
File type PNG image data, 100 x 51, 8-bit colormap, non-interlaced\012- data
Hash 8af92fcaab424b2e3369b538bd5739c7
b810a72934779b8f9b91645b98987b6ac4842a54
e33cc9c26e5fac6d150f61ee57f0b97c5c9ac4bd61cf7e52b6405a688b3e2762
GET /wp-content/uploads/2018/05/fire-rock-logo.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 22:10:10 GMT
accept-ranges: bytes
content-length: 970
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2018/05/flowing-water-casino-logo.png
216.15.188.190 200 OK 1.1 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2018/05/flowing-water-casino-logo.png
IP 216.15.188.190:0
File type PNG image data, 100 x 51, 8-bit colormap, non-interlaced\012- data
Hash 96a7d7f58723198d367980cfade0b7b2
dbc177c0e7b0746c6b084ae0c833a46b36dcb4b1
139195e4bc73a77ce3de12972f31317ed75b76e963e98308437fe01970a28933
GET /wp-content/uploads/2018/05/flowing-water-casino-logo.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 22:10:09 GMT
accept-ranges: bytes
content-length: 1120
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2018/05/northern-edge-casino-logo.png
216.15.188.190 200 OK 1.1 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2018/05/northern-edge-casino-logo.png
IP 216.15.188.190:0
File type PNG image data, 100 x 51, 8-bit colormap, non-interlaced\012- data
Hash 49ebe0b2383d08d934fe85ab16ce7bb7
384f6c3a83edcd72eea03f709b23bef216d5c449
b58e8e146cfa703d526f6da01f245cf041f91fa8c8ab5e327c7e57b7a5c4f865
GET /wp-content/uploads/2018/05/northern-edge-casino-logo.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 22:10:05 GMT
accept-ranges: bytes
content-length: 1066
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2018/05/twin-arrows-casino-logo-sm.png
216.15.188.190 200 OK 1.1 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2018/05/twin-arrows-casino-logo-sm.png
IP 216.15.188.190:0
File type PNG image data, 100 x 51, 8-bit colormap, non-interlaced\012- data
Hash 4b9a0f600cd596246bf78184ffe90548
6a9b7d228fa5e3f0e1ef9ce7278adb6cad30139f
d80dd34ba7729a52b1018d280fde0f7bec82d96e45856c444935bc3e257e4a6b
GET /wp-content/uploads/2018/05/twin-arrows-casino-logo-sm.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 22:10:03 GMT
accept-ranges: bytes
content-length: 1123
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2020/10/navajo-blue-logo-2.png
216.15.188.190 200 OK 2.5 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2020/10/navajo-blue-logo-2.png
IP 216.15.188.190:0
File type PNG image data, 154 x 51, 8-bit colormap, non-interlaced\012- data
Hash 36c6a99f1cac59fd8555c99caf6465a0
94dbf85b4295c5a5c3f10f8ddeaa267e0aaf9f96
9bddd4643721cda93cd2d6ad8ffc764c2afc608ee85c86f6f1686d43c9b0bb5f
GET /wp-content/uploads/2020/10/navajo-blue-logo-2.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 21:26:16 GMT
accept-ranges: bytes
content-length: 2520
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31
216.15.188.190 200 OK 12 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31
IP 216.15.188.190:0
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash 5759693240a256e1c04a9aa241217f7d
4a8d20375f5b5ea2ca66fe2d7795299446702f65
61ff82a558e57fdd04525c81cf385bd25d98ebfc581c752a749c3cfc93097eeb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: text/css
last-modified: Mon, 29 Aug 2022 21:03:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11913
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/js/extensions.min.js?ver=6.0.3
216.15.188.190 200 OK 17 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/js/extensions.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash fc4065b4ec2672ff8b392f7cb6e3236a
1aea096e8ca789056698b463eaea6fd69905749e
f44dfe1e2446a195f594a3c22a18fcf25b25f004e2be18ada7d15bd740b3e1ac
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rd-extensions-bundle-for-king-composer/assets/js/extensions.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:23:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 17320
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
216.15.188.190 200 OK 47 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
IP 216.15.188.190:0
File type ASCII text, with very long lines (45108)
Hash 502eeaf921955755f84ae8b09eb22768
6457324b9b1b24121f99514ec32ac73d617361c8
32038768c28b9e02f9df2740ecd01abba2d3c0ff3476d7e31ae64469f6befeb3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: application/javascript
last-modified: Mon, 29 Aug 2022 21:03:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 47289
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:14:23 GMT
age: 24037
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb319f83c-740d-415f-b846-a8262bdecebc.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb319f83c-740d-415f-b846-a8262bdecebc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 50175d32bf658166ca26db1633fdb95b
69bb6d345d73cd24fd33ad009cc1d3315e7d94e7
d3d3b551cc8b557a1f92a4d819cbb7ab618ef3fac9568f57513fb4905817dad4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb319f83c-740d-415f-b846-a8262bdecebc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5092
x-amzn-requestid: 05cd1dc0-54b4-457a-83f6-5f774e65766f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwH_toAMFweQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-3a038caa6435720711028ac9;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: l6UFb5XNFyRi0hzKaoGw6iYSZ_b388GByLdSaWkhoEUers4I6Ji9Jg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:48:58 GMT
age: 25562
etag: "69bb6d345d73cd24fd33ad009cc1d3315e7d94e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-TXC8BHSENP&gtm=2oe1p0&_p=2026826971&cid=579002993.1674881701&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674881700&sct=1&seg=0&dl=https%3A%2F%2Fwww.northernedgecasino.com%2F%3Futm_source%3DProData%26utm_medium%3DBanner%26utm_campaign%3D2030283%26utm_content%3DNew_Year_Getaway_160x600&dt=Northern%20Edge%20Casino%20in%20Farmington%2C%20New%20Mexico&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-TXC8BHSENP&gtm=2oe1p0&_p=2026826971&cid=579002993.1674881701&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674881700&sct=1&seg=0&dl=https%3A%2F%2Fwww.northernedgecasino.com%2F%3Futm_source%3DProData%26utm_medium%3DBanner%26utm_campaign%3D2030283%26utm_content%3DNew_Year_Getaway_160x600&dt=Northern%20Edge%20Casino%20in%20Farmington%2C%20New%20Mexico&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-TXC8BHSENP&gtm=2oe1p0&_p=2026826971&cid=579002993.1674881701&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674881700&sct=1&seg=0&dl=https%3A%2F%2Fwww.northernedgecasino.com%2F%3Futm_source%3DProData%26utm_medium%3DBanner%26utm_campaign%3D2030283%26utm_content%3DNew_Year_Getaway_160x600&dt=Northern%20Edge%20Casino%20in%20Farmington%2C%20New%20Mexico&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.northernedgecasino.com
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.northernedgecasino.com
date: Sat, 28 Jan 2023 04:55:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:55:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.northernedgecasino.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 381739
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/didactgothic/v19/ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2
216.58.207.227200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/didactgothic/v19/ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16780, version 1.0\012- data
Hash 442e4ee909315121ec3abc8db2f5c2e5
c8ad6315296b32c25350e9c7c724d10a2a745cb6
9143c69a1b271019aa0c602b4addb1c0256e503785c1ddd6163c2cb176c50768
GET /s/didactgothic/v19/ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.northernedgecasino.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 10:05:16 GMT
expires: Sat, 27 Jan 2024 10:05:16 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 16:53:45 GMT
content-type: font/woff2
age: 67784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2022/09/ship-rock.webp
216.15.188.190200 OK 44 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2022/09/ship-rock.webp
IP 216.15.188.190:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a88ba34df6243b9890f9277b0fdd0267
3c4e94178129c928bea99f8f6e080d0fd34540d0
77797dff0a46e7d26631f285cde956a2c5ea4e85f4d268672cf5609fdd3bcc73
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/09/ship-rock.webp HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Cookie: _ga_TXC8BHSENP=GS1.1.1674881700.1.0.1674881700.0.0.0; _ga=GA1.1.579002993.1674881701
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: image/webp
last-modified: Sat, 24 Sep 2022 09:47:26 GMT
accept-ranges: bytes
content-length: 44292
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2022/09/navajo-bg-1.webp
216.15.188.190200 OK 168 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2022/09/navajo-bg-1.webp
IP 216.15.188.190:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 168 kB (168418 bytes)
Hash cf76e36206ba4b267f4a563a42458b2f
68bd03d173edf6fe22954b98d3329a914ee45d01
9edf5ec7927754403f2df7f63b29788df1ffef8e657037c94f69b930bed1d741
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/09/navajo-bg-1.webp HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Cookie: _ga_TXC8BHSENP=GS1.1.1674881700.1.0.1674881700.0.0.0; _ga=GA1.1.579002993.1674881701
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: image/webp
last-modified: Sat, 24 Sep 2022 09:56:54 GMT
accept-ranges: bytes
content-length: 168418
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/qode-like.min.js?ver=6.0.3
216.15.188.190200 OK 306 B URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/qode-like.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (592), with no line terminators
Hash e576eebbe0a4707f924ada1fb3994b11
fc34bd52b0a5c2f751688be3e3b40fcd14c3af0f
e0156bce1fce14ad57c7cf6b915f57520acca9761dfcb5db2198a488fc19ec7e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/qode-like.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 306
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
216.15.188.190200 OK 6.6 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 216.15.188.190:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 139a41f01d192d239e7dce15ca307983
62a3e7c0c77209832dc649bc5583e5e0b4918bf5
d796462a5d212cd93b315b43dafb6e77dbe1c3aa567964dc40c1ab0e2c28f405
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6637
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
216.15.188.190200 OK 2.6 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (8632)
Hash d907b8e007d5ed72022815b9ccc95f11
e77303ded461745c207af9d76cf91c8b32a46e3e
a90b61a5e379b42615eebab01de76934200af87a50bd10c7f78690ee210d6c83
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2645
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1
216.15.188.190200 OK 2.9 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (9937)
Hash 49204cf52f39b1e15b9785d1fdb9fb4d
b02e2fb4f1e54b93e52b7084b50f015a680953c5
8955fe73098cdba5385083c9014f5d55da1b69d106635981617128c359261f4b
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2880
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
216.15.188.190200 OK 2.4 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 216.15.188.190:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2354
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
216.15.188.190200 OK 6.9 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 216.15.188.190:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 1f5152610686781567fb3008c4429792
d0c0bddf5fb8603ed8e55c32f3093c2207f72471
75806ece853d0d76e655a433bd03548d3be6237ea1e4cacd5963f528bbe0d192
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6872
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
216.15.188.190200 OK 281 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
IP 216.15.188.190:0
File type ASCII text, with very long lines (463)
Hash 2bd32222de02ec6631cc34c5a5e0d23a
870c0f56cd4535a5546d974ff3eb2e3e66c97cfd
234dabb9c00a28b9055c7409fb1bc88581dfd807959239e281dbd7ef85df6551
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 281
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
216.15.188.190200 OK 1.6 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP 216.15.188.190:0
File type ASCII text, with very long lines (4875)
Hash 06a8ac0e71976bc143cfa7861a31169d
def6031fe13259bf17752661832d815e37068bf2
e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1575
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
216.15.188.190200 OK 3.7 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP 216.15.188.190:0
Hash f778ade6a70be55cbf039cfafb20fa7f
68d7a7f2d88907a038ec557ae0ab67f58d7bcdc5
88fd2a2f80a5ff9f70a6c4019d81f3bae8bc92623697454faa44f448cc43ad93
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3717
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
216.15.188.190200 OK 858 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
IP 216.15.188.190:0
File type Unicode text, UTF-8 text, with very long lines (2472)
Hash be2374eabf981621988021fc2425df91
96272e603964f155600a1e8aa3835fe2fe95756f
2db40c016bc0a8cb0361a98a69c29e9043a42467198035460dc4604035729eff
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 858
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1
216.15.188.190200 OK 2.7 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (8339)
Hash fa734a7edac912fe0dd64d553e03ce24
76ecc26bf8c3ab2f083a816729ade021fc0ce31d
f36fed518bce85ac04631138ca442fb3630037749d36e1003ca4c9a5ca41bc63
GET /wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2692
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.13.1
216.15.188.190200 OK 1.5 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (4230)
Hash 195f7259e4d622106534c411efbab52e
45f3fb5f1b226ca3b87bc0110fc8363a369c56a9
8a8e2390e4e2fa11ffd8471cb68a7f840bb1a8f888454e16dbc95970c1f78887
GET /wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1458
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.13.1
216.15.188.190200 OK 1.3 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (4145)
Hash 5d8ab242717db0b53caa5e432f0b2de5
3904696d5ab950faa19dd5d76ba8c58f5353c00f
dfc140a7f85b0f7be1a3f4cd6b787fa4ba9397d4c66ea7e5e1903d37520d4a25
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1277
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/button.min.js?ver=1.13.1
216.15.188.190200 OK 1.8 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/button.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (5959)
Hash 1731a20b854eb4d87e01eed65ce8d6e6
a54530be602794fc94da32a093c510e8ada302ae
88099d70563fc2c263b6c38da856d8014bf91073047b9af7a18fdbdaffc2c6ba
GET /wp-includes/js/jquery/ui/button.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1813
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
216.15.188.190 200 OK 10 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (36560)
Hash 6a3abc4777f2019e8a4a56ef15fad918
f9a62dfb1c9a97a5339cb908c38bbe4e41e925d1
3dbaeb84eedb9802084c31f8f2962282fe36d32e7b6f9f36115aba450230cb0c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10499
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
216.15.188.190 200 OK 1.0 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (3233)
Hash 9e26fdd5e87f346b6419a2f81e6b3fcb
ae55a3391e61ef838c8b352738e27417f4a88ad3
889b8ea6140d0999ba175bd4d8e13966def1de6a67e7ae4ba9c0b8ce2d4ccf85
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1000
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.1
216.15.188.190 200 OK 5.1 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (18523)
Hash 69d44ed0699a7b6e24f3a15dee49ec98
a047c69a419930df77a93d4fb2c6972075da66c6
dd6ff9795762edb4f50545e28641781889d3ef127dadf270350007f523ab7029
GET /wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:57 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5120
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1
216.15.188.190 200 OK 4.6 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (18145)
Hash 40a06c22ccca1fe24af5c56ab90b6dd6
fd8604eb37050f0eaac024fc7f7a05119defb4a3
23cbc84c4c1c2a67f890dff176637fa339bce87691f5b43e20f3d1e278920296
GET /wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4648
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/dialog.min.js?ver=1.13.1
216.15.188.190 200 OK 3.6 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/dialog.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (12793)
Hash 34975534fac388465e0315e20ca3a2fd
05b9c4744b6e25ed33df5bed6406a7b882146c8f
de3d007fee3141f0647850eb836dc97816342682c271aa142ad9403c898b7f64
GET /wp-includes/js/jquery/ui/dialog.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3629
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/droppable.min.js?ver=1.13.1
216.15.188.190 200 OK 1.9 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/droppable.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (6469)
Hash 71fb1bf715053ce88e6500710bdd1bcb
ab2542e9e5fa72f6e012083bc2a5be4635150e44
cfdb5fd50f137649cd5c9cd2c5e37aaf62f8b7e64082bc0457ac37c51ad766d5
GET /wp-includes/js/jquery/ui/droppable.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1897
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/progressbar.min.js?ver=1.13.1
216.15.188.190 200 OK 832 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/progressbar.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (2356)
Hash 3a3d4c91262a8189309293fa5db6403f
28cc7f494801219ec47bdb74a09b2d1937eb74e6
bf6f9e037a8f75139540ddf1c0b46c8251546608fd2180d586bb9c8dec655108
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/progressbar.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 832
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/selectable.min.js?ver=1.13.1
216.15.188.190 200 OK 1.3 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/selectable.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (4308)
Hash a432db3e4012292266844f0742f466d6
99264e8bb0d89a0feb2e70d689da5b2968495f3a
58b96f836abfcf9253c38e1c7497c36f6ffc63f16b15ddf880bdc63f6e8c9caa
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/selectable.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1304
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
216.15.188.190 200 OK 6.3 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
IP 216.15.188.190:0
File type HTML document, ASCII text, with very long lines (25274)
Hash a7e69a1542d0a43eddc8317544f17b1e
98e234ad57bc3362434b19a9706a12a208a6da9e
7ae4fdd186ab6ef0c5d2548e9bfb916e9c8556cffaf098ac2cfe1799fa9ab803
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6330
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
216.15.188.190 200 OK 3.0 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (10572)
Hash 4d91b181c899d08e40a921209ff01a35
a1fab39994e7a3a0bd3669e4d90867bdcb4c92fe
f03654a085cb9f742b777444c1a0d98925dbc1cae16f9d9c634eaadad6633dde
GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3000
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/spinner.min.js?ver=1.13.1
216.15.188.190 200 OK 2.3 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/spinner.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (7451)
Hash 9fa87ca32d6e8e0bb3a5c340b2cdd3cf
fe89afe6bd2735532596c09f5bda17b68539012f
69bd41f6d5b4690ad0f96fb40a1006904469cfb7eb294ca3947599eb75f33fc7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/spinner.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2281
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.1
216.15.188.190 200 OK 2.0 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (6004)
Hash f461bea3a99553a81e8079c25b5579ee
02c6d731414a5444e55b610c2ae8f896bd5da33e
37115d62808d743aa9564fe2a67ba8036fb1517ca3104daf05276d5496ac05f7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1989
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
216.15.188.190 200 OK 3.8 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (11760)
Hash cf07f8ed6f9f97c95566c2b77872c681
6b9c0b5521255b6b1dd77c1a0569224de7cc351c
c31ec4601e031d50be0b5732b8b22ed7055c990de764617f37093de9004ef206
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3760
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
216.15.188.190 200 OK 6.3 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (15439)
Hash 46c619da94a7689538602b22b02cb0d2
d161ff0b1a1cf9728c94a45d6e506b85dcebc84a
40fba14e5b02855b7773e2a364d90e178087c768ae4192f593a895a4c4b0d5e9
GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6306
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.13.1
216.15.188.190 200 OK 444 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (678)
Hash ea38a044a01eb94f833b1509a6051e9e
a1895be9b7c78ae2c066c18e6879dd74629ac30d
ae6569939d46f49e5e3e4789001b8f9c854980c8121eef23fe6c5bed8f38e857
GET /wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 444
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-bounce.min.js?ver=1.13.1
216.15.188.190 200 OK 534 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-bounce.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (788)
Hash 33c92ce0d92fb8a7ad61d417ca3d00b1
d2a2e95187b844c0b481b277aa72a750497a4e1a
7bddff391001510df7ebe37b4520377c2a866f3d36421054d623ad7d110f2d2a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-bounce.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 534
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-clip.min.js?ver=1.13.1
216.15.188.190 200 OK 400 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-clip.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (595)
Hash 7c13e3d5d2faaea1e98145a1b1ff9ebe
d5a8dc8d80894277f780dcf44e8c8391719a96fc
53d86d77efeb134bd70c0d5172f65a2e2553c52c07a4e2b032d8f72b686af7f3
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-clip.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 400
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-drop.min.js?ver=1.13.1
216.15.188.190 200 OK 416 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-drop.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (552)
Hash 7e170f5fc0408639fc726d374db1823b
18e66b6dd31207b53b01d69fe293725549c15604
f26978f4cd536b8dc98e2a7b9fb2110c2461e5a8e5be14b28f6cf7cb7c52f558
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-drop.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 416
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-explode.min.js?ver=1.13.1
216.15.188.190 200 OK 587 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-explode.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (918)
Hash 3b5ff5d438b826675b2aa029e2413ddd
6b65c3dd8b58aa1621eb3b405c6a7e0aef50bbb2
202d5cb5ed4179e2d961229c5c481fdb8d858036721048403215105ecfe4568e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-explode.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 587
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.13.1
216.15.188.190 200 OK 290 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (324)
Hash e730425aa52405fcf913d7a5e484c878
f18610aeb1353d8876983ccf24502c729e9d237f
2c4a06c2abcccf8f9654294184fa500aa3eba7a358802e8ce423326e2d26da9b
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 290
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.13.1
216.15.188.190 200 OK 510 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (819)
Hash 1445dd0b1f6bf6269c40ce8395ab6fc4
ef58bb0151597ca8d414a02685b7812408f2a71e
7aa177b5ae385fdbe53a71d2da35b7632126287b14d7aeda46483b6e838314e3
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 510
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.13.1
216.15.188.190 200 OK 341 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (442)
Hash d595b5e4a9e060ae93eba34bafc6ffdc
0f66aeb9ff02928c6c5901eceab3fc05a2b7b0d7
a43121cb11d93eeaec5808a40ade953c1e2346b74f827bc87d3a66384a26c8d9
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 341
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-pulsate.min.js?ver=1.13.1
216.15.188.190 200 OK 373 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-pulsate.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (484)
Hash 351cb47d8737f6d610cf73b6648e8ce3
4e84a39e9842b62158223b6c851661d0a223734c
9c9550cdda85529b57d4032862d1ae79d2d4427ac5efedb65323601d8c1b9df3
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-pulsate.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 373
date: Sat, 28 Jan 2023 04:54:58 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-size.min.js?ver=1.13.1
216.15.188.190 200 OK 887 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-size.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (2290)
Hash be448ad7660329a3a497d7b8ece893aa
78b58e18accaef1cb9634017813d3e10008033c8
bdd2c66a9fc957727e0be1ee60c89320781459ac74ad1fa2ae43aa49fdc9a59c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-size.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 887
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.13.1
216.15.188.190 200 OK 368 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (521)
Hash e185c49f11239fc93f8ddfabb1cd6227
ea2e1908ca8e114ee59955a3175604bbdaed3ccd
0116afbd69e32568e861f7d7cba1c0d3ecae2c59d5a5c875b8c2342b22e3e230
GET /wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 368
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.13.1
216.15.188.190 200 OK 433 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (644)
Hash 70355ca2dec0790ab6faed31f20d6a12
89440e38f3c5eccf075142183f7e9c462778e6b3
121cf76d635e6f968c86c6aecf96607505975926fd5c63297dd70b154cf85263
GET /wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 433
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1
216.15.188.190 200 OK 486 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1
IP 216.15.188.190:0
File type ASCII text, with very long lines (715)
Hash 3b7a30d4b8a9fac3700f506823b445a5
bfda8f407a298e3435300b51e4214e5624c9f3a1
564266f4459d3e44f0ae583d15423f5599fd0db813a2fed4b79dbcc4101b4676
GET /wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 486
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-transfer.min.js?ver=1.13.1
216.15.188.190 200 OK 245 B URL HTTP/2 www.northernedgecasino.com/wp-includes/js/jquery/ui/effect-transfer.min.js?ver=1.13.1
IP 216.15.188.190:0
Hash 46586f87b8736a1c01b63685cff12ba9
ec1f2d502147ca8ee9e0cbb221db81e063b963de
eca97a30e3de3dabd3406730179a3495158454f08d4af0619a2dd135ac4be1e7
GET /wp-includes/js/jquery/ui/effect-transfer.min.js?ver=1.13.1 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 245
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins.js?ver=6.0.3
216.15.188.190 200 OK 126 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (14756)
Size 126 kB (126419 bytes)
Hash dee161fa08993731e2ed2a88fcb9329f
b00d3aff98b6c0be5ef4bf7ba5ff11fe7043cdb9
cb19d1d4e28f0be4a1713452f995f1d86993164eb32cb9d98dc9a0f0efab3bd8
GET /wp-content/themes/bridge/js/plugins.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:11:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 126419
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.carouFredSel-6.2.1.min.js?ver=6.0.3
216.15.188.190 200 OK 14 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.carouFredSel-6.2.1.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (62633), with no line terminators
Hash 1a2745354f551fc6ced7ff8a0fba74c0
22f1fea265f557848c8202280ce1b2fcee5f5abd
810cc58621880aee4bff8d0f0bbc769318ae4e9c85845d06b27ebb49b1a0d55d
GET /wp-content/themes/bridge/js/plugins/jquery.carouFredSel-6.2.1.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 14013
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/lemmon-slider.min.js?ver=6.0.3
216.15.188.190 200 OK 1.4 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/lemmon-slider.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (6059), with no line terminators
Hash 9d3857011601a80726fe88556d597fb2
82bd64920fd4c3a235fa840c0265daafa1d2f8ef
95d5ae697bdaef272e77557300aca8a72d6033f006dbf26fbb98892fdc4e4c37
GET /wp-content/themes/bridge/js/plugins/lemmon-slider.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1375
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.fullPage.min.js?ver=6.0.3
216.15.188.190 200 OK 6.9 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.fullPage.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (550)
Hash c021aad149cb5ba028e6f38a6ca7b476
79805cc173a5f53854f009240df0d7c4aa6c60be
cd1b70431c3970e8c1867cc457d306a897fa86bf6df28b2a19bae90afec79b61
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/jquery.fullPage.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6902
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.mousewheel.min.js?ver=6.0.3
216.15.188.190 200 OK 632 B URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.mousewheel.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (1020)
Hash 3121d1d14d1ab1ee5a3dc7d2a482188e
2bd5e8a56ab3a4312244972ed5cd8955f7b0c770
fb3e136d13e98bf78273a34c1ff3ea60cb2c0ccd4db72b4750b9f89a1e6cdb39
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/jquery.mousewheel.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 632
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.touchSwipe.min.js?ver=6.0.3
216.15.188.190 200 OK 3.9 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.touchSwipe.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (11417)
Hash 25bbc9364ae6fdb9ee7fde67315d050c
53b4ccdc64aec24fa96ce5c0fd2833d51a92de80
848454e6a1ec0ac728d04865f512242e13f8db221089eb77dad7dd2f7d3b9931
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/jquery.touchSwipe.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3853
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.isotope.min.js?ver=6.0.3
216.15.188.190 200 OK 9.4 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/jquery.isotope.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (32003)
Hash aeaba22097e698869d19f9d8f6245348
df68f36a8dd690dd3a35042fcbfbddbdaaeaf655
ed796bee3a79b79f74f45dfa7176a7660581d3e44b3d8f6211391cb3460bde7b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/jquery.isotope.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 9448
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/packery-mode.pkgd.min.js?ver=6.0.3
216.15.188.190 200 OK 4.0 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/packery-mode.pkgd.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (13547)
Hash 35d96f3fa0ccddfe6362afadf76399d4
6ca699f146382ec8bcbae7c61952423af56a0629
5b1c7c642573cd113c8a6c99d2ee7ec518197ec10eb0b95b7d909ec5208754bf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/packery-mode.pkgd.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4002
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/imagesloaded.js?ver=6.0.3
216.15.188.190 200 OK 1.7 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/imagesloaded.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (5442)
Hash fbb281e56f1113643d4578bf18beee03
055719bf5d6bd80f027d7b0994595ed2faa92f83
cd052e866ef5786e9e62735e1cf530c15c4723a82df3a2f9a38df43873531b20
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/imagesloaded.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1698
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/rangeslider.min.js?ver=6.0.3
216.15.188.190 200 OK 2.5 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/rangeslider.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (8049)
Hash 526bf4ee927eb16f719d553f6a1bfb8b
c7f3d358f8354a89590d80a37d4651949adc464f
9c11c6b7724e3559ec399fb4e1790e0cb8374044a5159c57ccd14abf7a9935b8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/rangeslider.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2496
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/TweenLite.min.js?ver=6.0.3
216.15.188.190 200 OK 8.5 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/TweenLite.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (25057)
Hash 230073383d84e5c707277dbe7b2bf187
333b50ebc205e111303ae66cd28e4a596e2a864a
7d341974027d1d8d5a2dac3da5adfd0af3d40b517ec5a019b3f1c1a3f21fbdb3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/TweenLite.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 8541
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/ScrollToPlugin.min.js?ver=6.0.3
216.15.188.190 200 OK 1.0 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/ScrollToPlugin.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (2140)
Hash 7476beb5b32397d5c5e28cef92913237
561812cb7a010d00bbf1fd524962836fe79fc326
f438cea8f6d102150d3d86f6985421c3561adadc35f29072329e44e315d0540c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/plugins/ScrollToPlugin.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1011
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/smoothPageScroll.min.js?ver=6.0.3
216.15.188.190 200 OK 311 B URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/plugins/smoothPageScroll.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (667), with no line terminators
Hash efee605f0e2e5d8265430e79029759a6
b36764052a35033dea10ab89e8a18420ae480f9c
06cc370dd3efbc710a4847c19beed9d3773bc5d29e77a911a950415645153be2
GET /wp-content/themes/bridge/js/plugins/smoothPageScroll.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:24:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 311
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/default_dynamic.js?ver=1667038822
216.15.188.190 200 OK 1.4 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/default_dynamic.js?ver=1667038822
IP 216.15.188.190:0
Hash 067496a2175fbfb57317734f3c5b4dea
faea0badcf002e0dfa3c9cafdd4eb843aae0e29e
56326dc46adb777f95e65a52b1755d5f00cb2c049bfaf388852be436d5ca148b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/default_dynamic.js?ver=1667038822 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:59 GMT
content-type: application/javascript
last-modified: Sat, 29 Oct 2022 10:20:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1434
date: Sat, 28 Jan 2023 04:54:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/default.min.js?ver=6.0.3
216.15.188.190 200 OK 40 kB URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/default.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (31999)
Hash 6b66e12cc83fc8f918acc5329a5fdae6
e22c860346db6eb0f4ef7eb82da29c0a707ef022
ef68086a614d326cb8225545e812b825e533598437f7aacbbe9af3b751df210d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/default.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:55:00 GMT
content-type: application/javascript
last-modified: Sun, 10 Jun 2018 10:11:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 39679
date: Sat, 28 Jan 2023 04:55:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/themes/bridge/js/custom_js.js?ver=1667038822
216.15.188.190 200 OK 85 B URL HTTP/2 www.northernedgecasino.com/wp-content/themes/bridge/js/custom_js.js?ver=1667038822
IP 216.15.188.190:0
Hash 24b28ecb559a8adf2ee81d794dc3352a
8381f0ae423fb7155cfb006261bb7c13345acc4c
e7a8810a40ac398eaf5862eed41b7388c648acba58021c08a381a62024ecaf48
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bridge/js/custom_js.js?ver=1667038822 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:55:00 GMT
content-type: application/javascript
last-modified: Sat, 29 Oct 2022 10:20:22 GMT
accept-ranges: bytes
content-length: 85
date: Sat, 28 Jan 2023 04:55:00 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/comment-reply.min.js?ver=6.0.3
216.15.188.190 200 OK 1.2 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/comment-reply.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (2946)
Hash 7d8acf37582bf5212cbf4e31105de2ac
19581f31ceed66b11804eb6a2b3d00d43f73f071
d48d28cdb9d3dd8b812129663e5cc8b373b67629e2e65988d2b274960f7b847f
GET /wp-includes/js/comment-reply.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:55:00 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1228
date: Sat, 28 Jan 2023 04:55:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/frontend/js/kingcomposer.min.js?ver=2.9.6
216.15.188.190 200 OK 7.5 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/frontend/js/kingcomposer.min.js?ver=2.9.6
IP 216.15.188.190:0
File type ASCII text, with very long lines (17655)
Hash 26670605724b5bb4dde1f1d914d737cb
5223750bd2f7341295d53632278411fe1a8afa6f
f27bb7a07ceb26bd54630894e1ae5715484a68d6bf60eef676c04a82062a4eb2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/kingcomposer/assets/frontend/js/kingcomposer.min.js?ver=2.9.6 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:55:00 GMT
content-type: application/javascript
last-modified: Tue, 16 Feb 2021 19:08:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 7540
date: Sat, 28 Jan 2023 04:55:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/frontend/js/video.play.min.js?ver=2.9.6
216.15.188.190 200 OK 1.5 kB URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/kingcomposer/assets/frontend/js/video.play.min.js?ver=2.9.6
IP 216.15.188.190:0
File type ASCII text, with very long lines (2765)
Hash 85fa3a49d167f121499846ff7f1f72c1
0653e5d0c99fabfa62b7f6ce5ae7524e6889f2d2
51ec9b39329cd3a9fd7d9711181a67f1d20c341856ecd5064c10856ff1fc3f1f
GET /wp-content/plugins/kingcomposer/assets/frontend/js/video.play.min.js?ver=2.9.6 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:55:00 GMT
content-type: application/javascript
last-modified: Tue, 16 Feb 2021 19:08:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1485
date: Sat, 28 Jan 2023 04:55:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
216.15.188.190 200 OK 4.6 kB URL HTTP/2 www.northernedgecasino.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 216.15.188.190:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:55:00 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 17:40:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4619
date: Sat, 28 Jan 2023 04:55:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2022/09/SQUASH-BLOSSUM-BG-1.webp
216.15.188.190 200 OK 8.8 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2022/09/SQUASH-BLOSSUM-BG-1.webp
IP 216.15.188.190:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e70276d68057e1bc781bcbc379e0c750
aff394ecfb8039652c5184ba0a6d9bdd84a1cdba
d5847fb4c9bb3ee9f4c3f4fffd54b3e82d7ecb83165e96d305ae86f4629aa8b2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/09/SQUASH-BLOSSUM-BG-1.webp HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Cookie: _ga_TXC8BHSENP=GS1.1.1674881700.1.0.1674881700.0.0.0; _ga=GA1.1.579002993.1674881701
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:55:00 GMT
content-type: image/webp
last-modified: Sat, 24 Sep 2022 10:08:45 GMT
accept-ranges: bytes
content-length: 8800
date: Sat, 28 Jan 2023 04:55:00 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
ssl.google-analytics.com/ga.js
142.250.74.104 200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.104:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sat, 28 Jan 2023 04:18:31 GMT
expires: Sat, 28 Jan 2023 06:18:31 GMT
cache-control: public, max-age=7200
age: 2193
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2020/02/northern-edge-favicon.png
216.15.188.190 200 OK 722 B URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2020/02/northern-edge-favicon.png
IP 216.15.188.190:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 7225604362597f8dc26f19f914041ca9
32e03f706685c5db90484ef7cb3a31e81fbb9e32
a34537411e3686c1204c44645893a0bd54081de432986e62b66100a2abbc43cc
GET /wp-content/uploads/2020/02/northern-edge-favicon.png HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Cookie: _ga_TXC8BHSENP=GS1.1.1674881700.1.0.1674881700.0.0.0; _ga=GA1.1.579002993.1674881701
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:55:00 GMT
content-type: image/png
last-modified: Mon, 17 Oct 2022 21:29:10 GMT
accept-ranges: bytes
content-length: 722
date: Sat, 28 Jan 2023 04:55:00 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:55:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90264610-1&cid=579002993.1674881701&jid=2026942350&_v=5.7.2&z=1870780881
209.85.233.157 200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90264610-1&cid=579002993.1674881701&jid=2026942350&_v=5.7.2&z=1870780881
IP 209.85.233.157:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90264610-1&cid=579002993.1674881701&jid=2026942350&_v=5.7.2&z=1870780881 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.northernedgecasino.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 28 Jan 2023 04:55:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2018/06/northern-edge-casino.jpg
216.15.188.190 200 OK 381 kB URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2018/06/northern-edge-casino.jpg
IP 216.15.188.190:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 1900x796, components 3\012- data
Size 381 kB (381435 bytes)
Hash fb94d443970b6d74bb5782a2cdc239a1
7a6a4a3868022adad3695148d8e53dacec5aa7fe
f3bbbbeff62da597a4aecc29d2de4e4b3ceb3bae73a66e33c9afd885df4f51e9
GET /wp-content/uploads/2018/06/northern-edge-casino.jpg HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Cookie: _ga_TXC8BHSENP=GS1.1.1674881700.1.0.1674881700.0.0.0; _ga=GA1.1.579002993.1674881701
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:55:00 GMT
content-type: image/jpeg
last-modified: Mon, 17 Oct 2022 21:46:56 GMT
accept-ranges: bytes
content-length: 381435
date: Sat, 28 Jan 2023 04:55:00 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:55:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
216.15.188.190 200 OK 0 B URL HTTP/2 www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
IP 216.15.188.190:0
GET /?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
link: <https://www.northernedgecasino.com/wp-json/>; rel="https://api.w.org/", <https://www.northernedgecasino.com/wp-json/wp/v2/pages/239>; rel="alternate"; type="application/json", <https://www.northernedgecasino.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Sat, 28 Jan 2023 04:54:55 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Didact+Gothic:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Open+Sans:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic&subset=latin,latin-ext
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Didact+Gothic:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Open+Sans:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic&subset=latin,latin-ext
IP 142.250.74.106:0
GET /css?family=Raleway:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Didact+Gothic:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Open+Sans:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic|Abril+Fatface:100,200,300,400,500,600,700,800,900,300italic,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 04:54:59 GMT
date: Sat, 28 Jan 2023 04:54:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31
216.15.188.190 200 OK 0 B URL HTTP/2 www.northernedgecasino.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31
IP 216.15.188.190:0
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 04:54:56 GMT
content-type: application/javascript
last-modified: Mon, 29 Aug 2022 21:03:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 97780
date: Sat, 28 Jan 2023 04:54:56 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css?ver=6.0.3
188.114.99.234 200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css?ver=6.0.3
IP 188.114.99.234:0
GET /bootstrap/3.3.6/css/bootstrap.min.css?ver=6.0.3 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 04:54:59 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"2f624089c65f12185e79925bc5a7fc42"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 08/20/2022 02:31:07
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 6badee49dcbeee95d6a4fb116d53378b
cdn-cache: HIT
cf-cache-status: HIT
age: 8831094
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7907221ceaf31bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css?ver=6.0.3
188.114.99.234 200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css?ver=6.0.3
IP 188.114.99.234:0
GET /font-awesome/4.5.0/css/font-awesome.min.css?ver=6.0.3 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.northernedgecasino.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 04:54:59 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 10/04/2022 16:30:16
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0157da27c959d58ce386b514495c90c7
cdn-cache: HIT
cf-cache-status: HIT
age: 8834147
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7907221cdaf01bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.northernedgecasino.com/wp-content/uploads/2023/01/NEN0123ATVH_Northern-Edge-New-Year-New-Getaway_FINAL_122722_.mp4
216.15.188.190 206 Partial Content 0 B URL HTTP/2 www.northernedgecasino.com/wp-content/uploads/2023/01/NEN0123ATVH_Northern-Edge-New-Year-New-Getaway_FINAL_122722_.mp4
IP 216.15.188.190:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2023/01/NEN0123ATVH_Northern-Edge-New-Year-New-Getaway_FINAL_122722_.mp4 HTTP/1.1
Host: www.northernedgecasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.northernedgecasino.com/?utm_source=ProData&utm_medium=Banner&utm_campaign=2030283&utm_content=New_Year_Getaway_160x600
Cookie: _ga_TXC8BHSENP=GS1.1.1674881700.1.0.1674881700.0.0.0; _ga=GA1.1.579002993.1674881701
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Tue, 03 Jan 2023 16:44:20 GMT
content-range: bytes 0-4438957/4438958
content-length: 4438958
date: Sat, 28 Jan 2023 04:54:57 GMT
server: LiteSpeed
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2