r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9672
Expires: Thu, 24 Nov 2022 14:47:14 GMT
Date: Thu, 24 Nov 2022 12:06:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5468
Cache-Control: max-age=86182
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:06:02 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 12:02:24 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9136
Expires: Thu, 24 Nov 2022 14:38:18 GMT
Date: Thu, 24 Nov 2022 12:06:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 11:17:16 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2926
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CCeK0Sfm0JQmHI6ux9Nt1W8P6YT48pVd8L0ULjN3v5U/8opSRlrAOHoSVZZP4k3yiQ3cVnozyJ0=
x-amz-request-id: DEYHGYGMJC0SMMZ3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 11:40:23 GMT
age: 1539
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 12:06:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
akseslink.com/proads8a
103.30.147.117 301 Moved Permanently 707 B IP 103.30.147.117:0
ASN #46050 PT JC Indonesia
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /proads8a HTTP/1.1
Host: akseslink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 24 Nov 2022 12:06:02 GMT
server: LiteSpeed
location: https://18.138.129.89/?ref=proads8a
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 11:11:11 GMT
cache-control: public,max-age=3600
age: 3292
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4990
Cache-Control: max-age=167036
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:06:03 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:29:59 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.237.163.41 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: a7nJISfJR+eQLIwZxJYMGQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2Vs9Y3A6+tCEAX1AG6DmQWxrL4o=
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 87f09141a84440fa2f8ff382708fbeb8
1793f4c9058388d5ea53f3e0edb674160ae9c9c4
78205b15643712800642a1afe2b14ebad051fa4badf676e65b048f47b66e0a13
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 12:06:03 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 03:34:08 GMT
Expires: Mon, 28 Nov 2022 03:34:07 GMT
Etag: "1793f4c9058388d5ea53f3e0edb674160ae9c9c4"
Cache-Control: max-age=314283,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f204316f17b4f7-OSL
18.138.129.89/_nuxt/c7effb5.js
18.138.129.89 200 OK 2.5 kB URL HTTP/2 18.138.129.89/_nuxt/c7effb5.js
IP 18.138.129.89:0
Hash a45be3387edaf7bb7b913f57067901e1
d3395ca27f47657a1a2d135ab825684a69a87e7d
27d107f32b57311bdf63292b7e4449fcb046147a5d3e968ee286e467003c85c3
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/c7effb5.js HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:04 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"e90-184a3c8e7de"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5027
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 12:06:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5027
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 12:06:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:15:22 GMT
age: 17443
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:54 GMT
age: 50531
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ad1430-c833-4f58-99a3-6a959cced2fe.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ad1430-c833-4f58-99a3-6a959cced2fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 891d19eb042be6fd5d021ff08db2dfcc
c35c0a9bf6ad7f53e3aadaffb8f3a03c4f9457e3
3efff3d6a8bfa358652bf73ae26ab233ed8c2ca37dab1ff2f2298cd805b88bc1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ad1430-c833-4f58-99a3-6a959cced2fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9099
x-amzn-requestid: d828c8f5-3ff1-4e20-822f-32d9ad7a0d7a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cExDeGjKIAMFQHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9549-71d957297c3ec4b01633b1ce;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:48:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZXi-qHYx7QoMQZAsZzEW099laTRSyxjhe8stloZ5ZhlRfw4W8sebjw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:23 GMT
etag: "c35c0a9bf6ad7f53e3aadaffb8f3a03c4f9457e3"
content-type: image/jpeg
age: 50922
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 51539
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28381329eca6c426a8b05fcdef4aafcc
a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a
4fc8414d39bbaacb1e6575924bd0bbb9373d78b177022f7d3c6457829abffd06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8748
x-amzn-requestid: 864da50a-44bb-4d20-b499-08c2a140871e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtENmoAMFqKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-2705cc956f2c2aa5535533b0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xT0IorkRpXysoYMnugcrV40YaAxoRPjLmkPcv1ElteP_-rNZ1c6fog==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
etag: "a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a"
content-type: image/jpeg
age: 50925
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 17518
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/5ab9787.js
18.138.129.89 200 OK 4.8 kB URL HTTP/2 18.138.129.89/_nuxt/5ab9787.js
IP 18.138.129.89:0
Hash db03acd2a89f52489331e21869d31c3e
9d95d92b45cdac7ff58b626c9fa9d89ae040793a
5019717f478843668d9c5bc011c7d2b4d3566543d1dfcbafcad92017325602da
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/5ab9787.js HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:04 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"3d43-184a3c8e7da"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/img/fishing.7858296.svg
18.138.129.89 200 OK 2.5 kB URL HTTP/2 18.138.129.89/_nuxt/img/fishing.7858296.svg
IP 18.138.129.89:0
Hash bd852484b7bea14b0899fb03ffce7760
5cfee40d7efec6a9679af60def1fd1211205fd13
1a0f6dd59a197dbef29351e093ce353fa9e975463a89c3c49744e52badb0146c
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/fishing.7858296.svg HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"1294-184a3c8e7d6"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/img/esport.ebb0210.svg
18.138.129.89 200 OK 2.4 kB URL HTTP/2 18.138.129.89/_nuxt/img/esport.ebb0210.svg
IP 18.138.129.89:0
Hash a6b4dc9a2d21f0c85903a05704099a7c
5bcf38536557152730aa92901343f25fe989f785
620cc0b639dcd11ea944bb91f1e6fe2a17a06784cf605bb566e997075ee08641
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/esport.ebb0210.svg HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"12c6-184a3c8e7d6"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/img/referral.375c452.svg
18.138.129.89 200 OK 37 kB URL HTTP/2 18.138.129.89/_nuxt/img/referral.375c452.svg
IP 18.138.129.89:0
Hash d7464a0a7c81468202bdbf0b3e4b6752
4631d7670fd3b93801ceb7a21b4bf876befa5523
a279e02e82aae26a52f8aa8c0fb60cfb43b10dd01fbd5b5a7a5337b0544bd299
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/referral.375c452.svg HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"5a5-184a3c8e7d6"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/img/chat.bdeb584.svg
18.138.129.89 200 OK 40 kB URL HTTP/2 18.138.129.89/_nuxt/img/chat.bdeb584.svg
IP 18.138.129.89:0
Hash 20026409222501bdf5a47494e7a4b4b6
7d1a68ff92dbec914b40ad5320d0c98b02166e3e
b87ccad06cba72dddc9f20de62c99af251ef34ec5bfc5402396ebc50651ad34a
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/chat.bdeb584.svg HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"af5-184a3c8e7d6"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/img/poker-muted.b55539f.svg
18.138.129.89 200 OK 2.3 kB URL HTTP/2 18.138.129.89/_nuxt/img/poker-muted.b55539f.svg
IP 18.138.129.89:0
Hash d50c38ae38fe0f658a2c157df28d5e5c
cb2e478c281a87f4c1a706a1609150623b21baf1
1e5926767e8e96e517a903f02521335af9190306aed9f3d52081c7f580a264bf
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/poker-muted.b55539f.svg HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"139e-184a3c8e7d6"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/casino.png
54.230.245.219 200 OK 35 kB URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/casino.png
IP 54.230.245.219:0
File type PNG image data, 324 x 274, 8-bit colormap, non-interlaced\012- data
Hash 5cc21e3c12f038c5f821e9436afc2e05
7482521b3f159f21ffb0188a7753f752388335ce
391bd01bd3f9d20556e2a2e886143dc3eaefd58cad631cf8ac0af31c71d8e9c2
GET /common/default/casino.png HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 35365
last-modified: Fri, 09 Sep 2022 14:37:10 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 03:00:45 GMT
etag: "5cc21e3c12f038c5f821e9436afc2e05"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PlOrIoLUSsempaa31yfk5RTNSm_lovm5IkrGIzoR3zQj5W0ZJMJBzg==
age: 32722
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/sport.png
54.230.245.219 200 OK 40 kB URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/sport.png
IP 54.230.245.219:0
File type PNG image data, 324 x 274, 8-bit colormap, non-interlaced\012- data
Hash 67f60bacd13a4d86c091016974a348aa
099361bce2805f19349e8f0a204e0705042899f8
aecfd3036ad340503943e6ac7873203479d2ad1df3b7a1988613aea739e85bfb
GET /common/default/sport.png HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 39640
last-modified: Fri, 09 Sep 2022 14:38:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 05:20:47 GMT
etag: "67f60bacd13a4d86c091016974a348aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OQYHh6W-_LYV7TFo1OLgTXz_Ly8gVCiGqXDyzplKbc_BVpfzTz47tA==
age: 24320
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/poker.png
54.230.245.219 200 OK 35 kB URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/poker.png
IP 54.230.245.219:0
File type PNG image data, 324 x 274, 8-bit colormap, non-interlaced\012- data
Hash 7a0da410d2ba037f5d756baa58459dd4
5084b352fb87c601242d96bcc50405dc10dbad5a
929540034f00945fc1275aebaf33931812cd4f2182018503639684a3cf14f099
GET /common/default/poker.png HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 34573
last-modified: Thu, 23 Dec 2021 10:36:06 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 07:12:52 GMT
etag: "7a0da410d2ba037f5d756baa58459dd4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RRkaOtaYO9k4dbEVihChnZAERrt6dFnjtHV9j78CHJ8JXUYZyjClWw==
age: 17595
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/lotto.png
54.230.245.219 200 OK 35 kB URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/lotto.png
IP 54.230.245.219:0
File type PNG image data, 324 x 274, 8-bit colormap, non-interlaced\012- data
Hash 29365a60110a8c23dec36fbc52d5dc51
046e44b51f70ebbea7a38d46360a0be69e612ca5
55d9411952e4bab987deb2d641b33c07eed5527fdd3455f8e02b5fd92f841d32
GET /common/default/lotto.png HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 34592
last-modified: Thu, 09 Jun 2022 08:51:49 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 08:21:33 GMT
etag: "29365a60110a8c23dec36fbc52d5dc51"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WPMoEgRdrN470Z2aTfGf8LZRQb2jYmJ09VP_VAGD0jCC9msFOhJEhA==
age: 13474
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/e-sport.png
54.230.245.219 200 OK 44 kB URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/e-sport.png
IP 54.230.245.219:0
File type PNG image data, 324 x 274, 8-bit colormap, non-interlaced\012- data
Hash 1f7610cf9a0fa89023ab164d12a24f2a
73e5db5cb65ada33124fc003aa9c660a35ff56d0
6554d5e159e0ffebbd4c83653f6a882f82c271635d1cf499559c932a53e7a751
GET /common/default/e-sport.png HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 44074
last-modified: Fri, 09 Sep 2022 14:36:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 07:10:54 GMT
etag: "1f7610cf9a0fa89023ab164d12a24f2a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6SpMN8-SaD4Nxr9dAXQMDdbKti0rnhpgqF1A9-cMngR4uiVP1JHQ4A==
age: 17713
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/fishing.png
54.230.245.219 200 OK 55 kB URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/fishing.png
IP 54.230.245.219:0
File type PNG image data, 324 x 274, 8-bit colormap, non-interlaced\012- data
Hash d35aa63cde2ead6ca9ec99c4d026078b
63e298022a5d034a284d47ad6e353f18f3efdfa1
100360a02464570e006bc76f8f8936362e4cabe4ff9cb898d778616fa44dbf71
GET /common/default/fishing.png HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 55381
last-modified: Thu, 23 Dec 2021 10:36:03 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 03:36:47 GMT
etag: "d35aa63cde2ead6ca9ec99c4d026078b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s3LgD6oKcIrYKBFiWS-N1t8QXlPSpeS1a_ofUM4hFPr-bfLLnTo5WQ==
age: 30560
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/idn/idn-poker.jpg
54.230.245.219 200 OK 28 kB URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/idn/idn-poker.jpg
IP 54.230.245.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 562x344, components 3\012- data
Hash f5c05f91839dc4f9b867eb0b03893489
60c73ee0be5f1a8dea6d0e52eaebb711a74406b7
7d3731e7e911d2c863c90caaa190b47ab6fdca79343df586363bc079febb574e
GET /common/default/idn/idn-poker.jpg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 27709
last-modified: Thu, 23 Dec 2021 10:36:36 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 12:06:06 GMT
etag: "f5c05f91839dc4f9b867eb0b03893489"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7p8-PNKX2zIWM_F09WCxNCALmxIQk4vHXFilP7IvlgtVW6NcebYCuA==
age: 13475
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/img/fishing-muted.79943e3.svg
18.138.129.89 200 OK 32 kB URL HTTP/2 18.138.129.89/_nuxt/img/fishing-muted.79943e3.svg
IP 18.138.129.89:0
Hash 2b99ebc6f9a4ac185cf2685486749f48
d86cf7e3d9f54be7058e59107e342574c690208c
f802eef4e42eb1650600d1f379ec3abcb7b8d0c9dc6c26dac63b387d61c679da
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/fishing-muted.79943e3.svg HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"1294-184a3c8e7d6"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
cdn.livechatinc.com/tracking.js
23.36.79.16 200 OK 26 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
Hash fdb3fbabc9d0fdd42c1230d360cd2d44
3968a4d120665750710b64068c0af871d1a149d5
b774ad6e513f484794d2f3985d3b42667e11c38c6def308bcce6b3d81ebff9c7
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 13:08:42 GMT
x-amz-version-id: XiT9l9I6GGKdmfwcYLWex5TUwoVUOWV5
server: AmazonS3
content-encoding: br
etag: W/"72abe41f23b1a5d3b25350cc7025a805"
vary: Accept-Encoding
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: eJ1RhyZFtJ67ys9ZLXiBEM_z7MpR6nU8ruaZM1x0xArTAnZ4qZMU4Q==
content-length: 26070
cache-control: max-age=28800
expires: Thu, 24 Nov 2022 20:06:06 GMT
date: Thu, 24 Nov 2022 12:06:06 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
d3ejb2l5e3bvmc.cloudfront.net/game-images/habanero/89/thumbnail.jpeg
143.204.42.76 200 OK 32 kB URL HTTP/2 d3ejb2l5e3bvmc.cloudfront.net/game-images/habanero/89/thumbnail.jpeg
IP 143.204.42.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 215x145, components 3\012- data
Hash f3c63f89b5c5742fc86d98480f8330b1
fb4f7927b09aa525b887c7733c39c8d597f01fb6
d29a1f8b1612dcfa6ae15aa31dc993a2b22777666e29dca9be36e99593eab266
GET /game-images/habanero/89/thumbnail.jpeg HTTP/1.1
Host: d3ejb2l5e3bvmc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 31504
last-modified: Wed, 07 Jul 2021 13:33:52 GMT
x-amz-version-id: Nb0HvvZgujnQNRlIh9I.oy6cAnOzNs4B
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 12:06:07 GMT
etag: "f3c63f89b5c5742fc86d98480f8330b1"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HMYq8hVYOQ58Ujz0hVudniYUHR45JCzw-OckVBNajLd7kO7Qbmc7Sg==
X-Firefox-Spdy: h2
d3ejb2l5e3bvmc.cloudfront.net/game-images/pragmaticplay/824/thumbnail.jpeg
143.204.42.76 200 OK 32 kB URL HTTP/2 d3ejb2l5e3bvmc.cloudfront.net/game-images/pragmaticplay/824/thumbnail.jpeg
IP 143.204.42.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 215x145, components 3\012- data
Hash f62d0fe4cd44c8f9038013c4dcc2caa8
2486be0b11bcd1bdcbd01fb2fc2d88e4732d0533
c1c5890359b1d36c6e4833f503e22b089b8fb663daf0b6092140f359c63085e9
GET /game-images/pragmaticplay/824/thumbnail.jpeg HTTP/1.1
Host: d3ejb2l5e3bvmc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 32382
date: Thu, 24 Nov 2022 12:06:07 GMT
last-modified: Tue, 20 Jul 2021 09:42:50 GMT
etag: "f62d0fe4cd44c8f9038013c4dcc2caa8"
x-amz-version-id: tTi7HywJOcG2KUvGuFbNq0Hsv925XFOn
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PA8qs9UlkJIT1fZAgmi9g0nRlr5vK_H6ak1op8R010QOY1dIKM7T0Q==
X-Firefox-Spdy: h2
d3ejb2l5e3bvmc.cloudfront.net/game-images/pragmaticplay/3981/thumbnail.jpg
143.204.42.76 200 OK 58 kB URL HTTP/2 d3ejb2l5e3bvmc.cloudfront.net/game-images/pragmaticplay/3981/thumbnail.jpg
IP 143.204.42.76:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 094ae4cfa102d32ed68607cf48daed2f
fef099afe673dd90bc7bbd8b92c2bc8ab5c848f6
a98531946024112f07d40ccb08c23d480df81add836602cbd96b1bb30f86fb49
GET /game-images/pragmaticplay/3981/thumbnail.jpg HTTP/1.1
Host: d3ejb2l5e3bvmc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 57578
date: Thu, 24 Nov 2022 12:06:07 GMT
last-modified: Thu, 31 Mar 2022 14:23:39 GMT
etag: "094ae4cfa102d32ed68607cf48daed2f"
x-amz-version-id: XCFmxRoQHmQZQtBUTdFdEuNdavnMP_3B
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8u0Qh8TcmE1y1TMOZgDbOgUDriQU012f_QxINnmu2xIYDeV4Jw_u7g==
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/00a8484.js
18.138.129.89 200 OK 107 kB URL HTTP/2 18.138.129.89/_nuxt/00a8484.js
IP 18.138.129.89:0
Size 107 kB (107411 bytes)
Hash 3dd1177948239308ab99da2b25a442ec
f46117eea525c82690dbf8e8562949dc1b83f0dc
984043a37062d0fc7d3bcb80b9a5af5fc5e804df0a4f4dc9b42c6bf5a1f07893
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/00a8484.js HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:04 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"4026d-184a3c8e7de"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/9d3512d.js
18.138.129.89 200 OK 136 kB URL HTTP/2 18.138.129.89/_nuxt/9d3512d.js
IP 18.138.129.89:0
Size 136 kB (136407 bytes)
Hash 331a2604e8c002d10114f3c04aad013f
e71f9a7e0e8b9e731a10eb7661ee2fe0f92c69ad
bd747f98ae7c7c70d1b3df8207b9b1d4b908d9ded95001d0e8896584910c1836
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/9d3512d.js HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:04 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"4c5b5-184a3c8e7da"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
d3ejb2l5e3bvmc.cloudfront.net/game-images/pragmaticplay/4917/thumbnail.jpg
143.204.42.76 200 OK 45 kB URL HTTP/2 d3ejb2l5e3bvmc.cloudfront.net/game-images/pragmaticplay/4917/thumbnail.jpg
IP 143.204.42.76:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 215x145, components 3\012- data
Hash aca3aa7d7d9626f09dd0d8e36316e641
d78953906200c0fcf8d5d8ae1f651872d478826b
986d01e395a4524fdf733e4f1fd425101bf2ed47a2d5face62b106379f21f8be
GET /game-images/pragmaticplay/4917/thumbnail.jpg HTTP/1.1
Host: d3ejb2l5e3bvmc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 45086
date: Thu, 24 Nov 2022 12:06:07 GMT
last-modified: Thu, 27 Oct 2022 23:36:04 GMT
etag: "aca3aa7d7d9626f09dd0d8e36316e641"
x-amz-version-id: iZM5u1LrwVOCYJUFtGc4jWEkf7_xS8ie
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: P5nF4Sz5qKxp4BtMKHQ5yyO8rQEoiWD6x8rC65kbySVLy4fxtoQ3pQ==
X-Firefox-Spdy: h2
d3ejb2l5e3bvmc.cloudfront.net/game-images/pragmaticplay/4719/thumbnail.jpg
143.204.42.76 200 OK 59 kB URL HTTP/2 d3ejb2l5e3bvmc.cloudfront.net/game-images/pragmaticplay/4719/thumbnail.jpg
IP 143.204.42.76:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 215x145, components 3\012- data
Hash 478fca7fff1331f5d8c3bbd08dbf2b1a
056d84fe14af02e5de2dbaa5da47a7ddaca3cb07
94f5ebbfb33cf4d7a54f932daaf2e0bcb48bda2ba278af98c1a42b5d4f3b1d20
GET /game-images/pragmaticplay/4719/thumbnail.jpg HTTP/1.1
Host: d3ejb2l5e3bvmc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 58572
date: Thu, 24 Nov 2022 12:06:07 GMT
last-modified: Tue, 14 Jun 2022 07:07:38 GMT
etag: "478fca7fff1331f5d8c3bbd08dbf2b1a"
x-amz-version-id: nQWhOJW_.iwh2.ovzP9YlDhXP0NBbKZ5
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: b-Sk1oUOF8Yc9aedbVly3HY46z8EYjrgxntQlpEu5v2qkWM823f4bQ==
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/71b2958.js
18.138.129.89 200 OK 98 kB URL HTTP/2 18.138.129.89/_nuxt/71b2958.js
IP 18.138.129.89:0
Hash 01902bfc6e5db4e8f45e75e4ecf6efc0
308395fe7c4869740bd8fed1aad1c97bc44c86f2
cfc2a7740ea0263b73ac93d023a712feffd60d353cbdc28f8d00a6178e7ce532
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/71b2958.js HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:04 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"3f26d-184a3c8e7da"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:06:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 10:41:08 GMT
expires: Thu, 24 Nov 2022 12:41:08 GMT
cache-control: public, max-age=7200
age: 5098
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d3ejb2l5e3bvmc.cloudfront.net/content/244_637875ea2850e8.23695844.png
143.204.42.76 200 OK 44 kB URL HTTP/2 d3ejb2l5e3bvmc.cloudfront.net/content/244_637875ea2850e8.23695844.png
IP 143.204.42.76:0
File type PNG image data, 800 x 280, 8-bit colormap, non-interlaced\012- data
Hash c91ec9c72c0b1be72e7d45775029da7c
a493af23572bb6f070488ce692d5c2e103923615
ebe6ebc21a75f5ecefb4636c69aaa1e141d7cfa12948b4072050cd3bb8bb9879
GET /content/244_637875ea2850e8.23695844.png HTTP/1.1
Host: d3ejb2l5e3bvmc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 44357
date: Thu, 24 Nov 2022 12:06:07 GMT
last-modified: Sat, 19 Nov 2022 06:21:32 GMT
etag: "c91ec9c72c0b1be72e7d45775029da7c"
x-amz-version-id: qJhfr679xnAh1EizB67GrTAX1BDX.E2G
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nIfZwqe4-SngvRSvDAR0hCac62V9u9U3i4eGsy2EmwvLIMuVCGSJuw==
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/img/promo.ab44485.svg
18.138.129.89 200 OK 37 kB URL HTTP/2 18.138.129.89/_nuxt/img/promo.ab44485.svg
IP 18.138.129.89:0
Hash 3c0881e40ca771818c93ef9f764f4754
427b38e3f424652ddd733d73718b0811d0adf936
93c8694949fc91bbbe6a93ad123784c93450605561bc044585e8af6d2e160bd8
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/promo.ab44485.svg HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"e14-184a3c8e7d6"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
d3ejb2l5e3bvmc.cloudfront.net/game-images/btg/4890/thumbnail.jpg
143.204.42.76 200 OK 51 kB URL HTTP/2 d3ejb2l5e3bvmc.cloudfront.net/game-images/btg/4890/thumbnail.jpg
IP 143.204.42.76:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 215x145, components 3\012- data
Hash cc98f78ddd6840968692a35b9880028c
d4e43172f3b10d87b2ef1a891f374a2f8c2f5498
312f0af6aec8fa1bf74b826813cca9eee85cf2c414d6f4285e4c0615e63554f9
GET /game-images/btg/4890/thumbnail.jpg HTTP/1.1
Host: d3ejb2l5e3bvmc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 50774
date: Thu, 24 Nov 2022 12:06:07 GMT
last-modified: Fri, 07 Oct 2022 05:39:19 GMT
etag: "cc98f78ddd6840968692a35b9880028c"
x-amz-version-id: 5bBJPSLybQvxPoAREbAKKtl8OEQjc7.W
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YilWUFGmXVW29r97RZwdTpF0kuMkYOqzw_QHznb-JjT_k9v9ZwQ7FA==
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/img/esport-muted.48fec94.svg
18.138.129.89 200 OK 35 kB URL HTTP/2 18.138.129.89/_nuxt/img/esport-muted.48fec94.svg
IP 18.138.129.89:0
Hash 4b5bb080593e600795b8c4263a0391cb
cb882daee6a0c88e40235d0a771ae9ee5c72c64a
28d9e3c00ce2bd531c9df672bb028b6dc234fee588a6f4369d9d5f6e762f04f7
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/esport-muted.48fec94.svg HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"12c6-184a3c8e7d6"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/icons/icon_512x512.bce7be.png
18.138.129.89 200 OK 65 kB URL HTTP/2 18.138.129.89/_nuxt/icons/icon_512x512.bce7be.png
IP 18.138.129.89:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash e323a0b889526207608de968f71aaa57
26f16cfb1b7c743674c1c286aec2bc731142fba7
3e442c9ab5330904da0e94c65c63b90c235f92f5e7666475ab1dd23f74a9b729
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/icons/icon_512x512.bce7be.png HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:06 GMT
content-type: image/png
content-length: 65440
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:29 GMT
etag: W/"ffa0-184a3c8fdc2"
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:06:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d3ejb2l5e3bvmc.cloudfront.net/notifications/notification_before_login_16_production_1669276709.png
143.204.42.76 200 OK 333 kB URL HTTP/2 d3ejb2l5e3bvmc.cloudfront.net/notifications/notification_before_login_16_production_1669276709.png
IP 143.204.42.76:0
File type PNG image data, 800 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size 333 kB (333022 bytes)
Hash 0fae0743f8582a3e9501733811f97783
aaa65e42cbefe9485ace84ee9ab8b12a021f3866
9cc7fbab0ccb153133a7743372155beae192b93de92f2ab42c94d14fcee56916
GET /notifications/notification_before_login_16_production_1669276709.png HTTP/1.1
Host: d3ejb2l5e3bvmc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 333022
date: Thu, 24 Nov 2022 12:06:08 GMT
last-modified: Thu, 24 Nov 2022 07:58:32 GMT
etag: "0fae0743f8582a3e9501733811f97783"
x-amz-version-id: 8tduyUGl_PiM7wcDMh9x5ZpQl5PlAjSj
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: s0csqUoTbCt4yof88ADJq8kFDjphqtgvW5zUvEX_G5pd6FCRPuT_uw==
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/76c5d5e.js
18.138.129.89 200 OK 1.5 kB URL HTTP/2 18.138.129.89/_nuxt/76c5d5e.js
IP 18.138.129.89:0
Hash a0bb586e80fb2a32dfa5ed2666d6139c
1d7e4e8ae5ee149751a497200262fbfd40be64c2
bfbf9aec2f1f8d18ac7e392fbbfcddde9129ec0ec1a0197d8192a71ca300ddc7
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/76c5d5e.js HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local; notification.guest=1669276734
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:06 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"bea-184a3c8e7da"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/dark/slot/pragmaticplay.svg
54.230.245.219 200 OK 3.1 kB URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/dark/slot/pragmaticplay.svg
IP 54.230.245.219:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (888)
Hash b0fed3653e3f736170c32361d41111b8
43d6cd46956c8d2cfffa3b4238ff4f4892615749
d2e7c69874a4af84b5e647b6f76fb86557f7d399b106b0e4af4154e65df658d2
GET /common/dark/slot/pragmaticplay.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 04 Nov 2021 07:24:40 GMT
server: AmazonS3
content-encoding: br
date: Thu, 24 Nov 2022 03:16:33 GMT
etag: W/"10a34c33228e40fc24bc44e0554ca0fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2u-ArqTEvQ6xD0Q-_Eqsbih88gTtTtgH4Rnr6iAFsvouPnHFsiwYZQ==
age: 31774
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=13252488&version=ff93808ef52c6dd040640c4853b854bd_3a363dc9650c84ff345f8c768f35b162&language=en&group_id=0&jsonp=__lc_localization
23.36.79.16 200 OK 3.8 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=13252488&version=ff93808ef52c6dd040640c4853b854bd_3a363dc9650c84ff345f8c768f35b162&language=en&group_id=0&jsonp=__lc_localization
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (10882), with no line terminators
Hash cdfdb626f008beaeaffe14c82b9755d8
130e68f61f282255ab8263dd7696eef134496119
ca310a7172585c4a11b0756d724bba09e6236c6e10d9b1538f7f2f9078fbaa5b
GET /v3.3/customer/action/get_localization?license_id=13252488&version=ff93808ef52c6dd040640c4853b854bd_3a363dc9650c84ff345f8c768f35b162&language=en&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Thu, 24 Nov 2022 12:16:08 GMT
date: Thu, 24 Nov 2022 12:06:08 GMT
content-length: 3794
X-Firefox-Spdy: h2
secure.livechatinc.com/customer/action/open_chat?license_id=13252488&group=0&embedded=1&widget_version=3&unique_groups=0
23.36.79.16 200 OK 2.6 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=13252488&group=0&embedded=1&widget_version=3&unique_groups=0
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8824), with no line terminators
Hash 2af834d2c1666ed80bdf535ba7baf0cf
f83744b1d09476acd71ce975971ace5404982232
1727455617bd6865da97b3dfba29fae5b9b7f43662bf5b57d9bde8f5a987dc67
GET /customer/action/open_chat?license_id=13252488&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Thu, 24 Nov 2022 12:06:08 GMT
content-length: 2558
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/ad95798.js
18.138.129.89 200 OK 21 kB URL HTTP/2 18.138.129.89/_nuxt/ad95798.js
IP 18.138.129.89:0
Hash 280222b7405d1d6a82d453dec948993e
770aedd0330d469361880af505b4af858afd7e61
ec13187f127a8a80d1af24fdce0e7376460aaffc49500904066effdc43f3b3b2
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/ad95798.js HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local; notification.guest=1669276734; _ga=GA1.1.163786928.1669291567; _gid=GA1.1.2025191667.1669291567; _gat=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:07 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"5909-184a3c8e7de"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/1.1e075a8f.chunk.js
23.36.79.16 200 OK 66 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/1.1e075a8f.chunk.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65462)
Hash 524812952e0af015a7b1f7621b66446d
52de20770b835fc95c42ee8fb8c929ce889f1f41
9c6a9bc16e05afce31697dd6ef2530653501be1ea8af90e1905d9949d014a9ba
GET /widget/static/js/1.1e075a8f.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
x-amz-version-id: o8X.laUPCA4HbBkhv_.0.rtHv1UEzu8S
server: AmazonS3
content-encoding: br
etag: W/"add645219cc09aca44e90ff2cb69482a"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: wQvKSpsPRy26in0iJkcMTYfNv8UaYE7ghU0BTCtCVHFylj64oG5eMQ==
content-length: 66502
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 12:06:08 GMT
date: Thu, 24 Nov 2022 12:06:08 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
23.36.79.16 200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12852, version 1.0\012- data
Hash 3b5df7e947d77201eaf22f3dbdac08cc
21989ca07e4afe32d48982b816b8fac85ce3e668
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
GET /widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12852
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: KM8abeyaVeSEIxlLTJcUkoNH7_q4l1PlUQolOkL0_K8Ml-Hn8lULcg==
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 12:06:08 GMT
date: Thu, 24 Nov 2022 12:06:08 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/fe8ad55.js
18.138.129.89 200 OK 14 kB URL HTTP/2 18.138.129.89/_nuxt/fe8ad55.js
IP 18.138.129.89:0
Hash a349aeee2df419a31f494ece5c3c9b9c
152968c84a660f4b49bcb4ef7e035dee7994dc5a
787f19922dd09aecb9b19315011ee1d63e4eb4ad2929c9ba7ad7ebc9ec630e47
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/fe8ad55.js HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local; notification.guest=1669276734; _ga=GA1.1.163786928.1669291567; _gid=GA1.1.2025191667.1669291567; _gat=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:07 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"d79-184a3c8e7de"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
accounts.livechatinc.com/customer/token
23.36.79.16 200 OK 138 B URL HTTP/2 accounts.livechatinc.com/customer/token
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text
Hash 1264610413f26b8183806e45b4a696d8
8b09743f031d647aa4023488ea3bb7dcc16c2336
56b595620a2dee93bacba85b7f8203f9597110b65fadca7b54971783b640461d
POST /customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 190
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 138
date: Thu, 24 Nov 2022 12:06:08 GMT
set-cookie: __lc_cid=c82dc2af-32ca-4610-54ac-685ee2fa4a7b; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Sun, 24 Nov 2024 12:06:08 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=84f822a7aeb728bf618cc78ef1e08e4a36edc5ac0fd4028a8fd9d5015b905f25a97ba499ad2b49e4d7697bdda2d828bbe2c380f01810757ce622c0eda68a; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Sun, 24 Nov 2024 12:06:08 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=c82dc2af-32ca-4610-54ac-685ee2fa4a7b; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Sun, 24 Nov 2024 12:06:08 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=84f822a7aeb728bf618cc78ef1e08e4a36edc5ac0fd4028a8fd9d5015b905f25a97ba499ad2b49e4d7697bdda2d828bbe2c380f01810757ce622c0eda68a; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Sun, 24 Nov 2024 12:06:08 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1669291598&tag=463d7480c9c19a54a10d18732c007b84a38e7551; Path=/; Expires=Thu, 24 Nov 2022 12:06:38 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/dark/slot/hot.svg
54.230.245.219 200 OK 967 B URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/dark/slot/hot.svg
IP 54.230.245.219:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1777), with no line terminators
Hash 30aef3a38708bbaca955d22cee797d58
8f1fefd597096e228d6abc0ecdd53f1d05775f35
01bee16cc2a17227c5d18f1332c5dea2db5ad3895d0fc3b69bf01b20ded5c6a9
GET /common/dark/slot/hot.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 04 Nov 2021 07:24:33 GMT
server: AmazonS3
content-encoding: br
date: Thu, 24 Nov 2022 02:33:21 GMT
etag: W/"dec8e19589366a53d79d771694a89ed5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jiTCFzt1gFgSf6MqahsLJhpSf6bm26svAUjSLzGWBVktPTI1p8AHvA==
age: 34366
X-Firefox-Spdy: h2
18.138.129.89/?ref=proads8a
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/?ref=proads8a
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /?ref=proads8a HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:04 GMT
content-type: text/html; charset=utf-8
set-cookie: auth.strategy=local; Path=/
etag: "29a61-x+PMrNf+I8PzC6TDt61dGLSBlE8"
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/ribbons/provider-new.svg
54.230.245.219 200 OK 0 B URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/ribbons/provider-new.svg
IP 54.230.245.219:0
GET /common/default/ribbons/provider-new.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 23 Dec 2021 12:03:33 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 24 Nov 2022 04:10:04 GMT
etag: W/"464b0945001339fc375e4c534b61644a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eagqY8MPHplDenfESfly37Q9MSRo_e1EXqUTc7L0h5r5nefZzI1dXg==
age: 28563
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/0175a5e.js
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/_nuxt/0175a5e.js
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/0175a5e.js HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local; notification.guest=1669276734; _ga=GA1.1.163786928.1669291567; _gid=GA1.1.2025191667.1669291567; _gat=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:07 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"10de-184a3c8e7de"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/img/sports.2c1a52b.svg
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/_nuxt/img/sports.2c1a52b.svg
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/sports.2c1a52b.svg HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"1722-184a3c8e7da"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/img/lotto-muted.38fe7d8.svg
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/_nuxt/img/lotto-muted.38fe7d8.svg
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/lotto-muted.38fe7d8.svg HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"24c0-184a3c8e7d6"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/16/logo/logo.svg
54.230.245.219 200 OK 0 B URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/16/logo/logo.svg
IP 54.230.245.219:0
GET /16/logo/logo.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Mon, 27 Sep 2021 06:32:48 GMT
server: AmazonS3
content-encoding: br
date: Thu, 24 Nov 2022 12:06:06 GMT
etag: W/"27e69412bc54995544b121de2e24620a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fX3gRCt58ClVJQCGML1XUDKKio8QzhccER8RUSn7PpsY2gv-7TNAQw==
age: 5303
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/8bb3f36.js
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/_nuxt/8bb3f36.js
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/8bb3f36.js HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:04 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"1902c-184a3c8e7da"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/cd60ba4.js
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/_nuxt/cd60ba4.js
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/cd60ba4.js HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local; notification.guest=1669276734; _ga=GA1.1.163786928.1669291567; _gid=GA1.1.2025191667.1669291567; _gat=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:07 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"4f58-184a3c8e7de"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/226ebb6.js
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/_nuxt/226ebb6.js
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/226ebb6.js HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local; notification.guest=1669276734; _ga=GA1.1.163786928.1669291567; _gid=GA1.1.2025191667.1669291567; _gat=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:07 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"25ad-184a3c8e7de"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/img/casino.61bd6cd.svg
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/_nuxt/img/casino.61bd6cd.svg
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/casino.61bd6cd.svg HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"120a-184a3c8e7d6"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/dark/slot/slot-mania.svg
54.230.245.219 200 OK 0 B URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/dark/slot/slot-mania.svg
IP 54.230.245.219:0
GET /common/dark/slot/slot-mania.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 23 Sep 2022 06:06:14 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 24 Nov 2022 04:26:23 GMT
etag: W/"089f67af8defc4076778ded07ab8d4ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yVNSVom2ZHHC4gSYm6_28CjbYZ7Dd0NfEXjvLTSctKkVdrXTb-4X-A==
age: 27584
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/41cf20f.js
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/_nuxt/41cf20f.js
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/41cf20f.js HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local; notification.guest=1669276734; _ga=GA1.1.163786928.1669291567; _gid=GA1.1.2025191667.1669291567; _gat=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:08 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"2cac-184a3c8e7de"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/98ab60b.js
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/_nuxt/98ab60b.js
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/98ab60b.js HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local; notification.guest=1669276734; _ga=GA1.1.163786928.1669291567; _gid=GA1.1.2025191667.1669291567; _gat=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:07 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"65d0-184a3c8e7de"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/img/slots.489b335.svg
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/_nuxt/img/slots.489b335.svg
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/slots.489b335.svg HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"113c-184a3c8e7d6"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/ribbons/game-new.svg
54.230.245.219 200 OK 0 B URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/ribbons/game-new.svg
IP 54.230.245.219:0
GET /common/default/ribbons/game-new.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 23 Dec 2021 12:03:30 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 24 Nov 2022 02:04:26 GMT
etag: W/"e3fc807cb3594670eb9cf2f901d6c77a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jv48ZOuj_cD1a21zKwz98qmGYKsJc4AvuF0fciUvJqx9Hw8hchqbsA==
age: 36101
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/e2ec45a.js
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/_nuxt/e2ec45a.js
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/e2ec45a.js HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:04 GMT
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"b663-184a3c8e7de"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/img/poker.d6c08c1.svg
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/_nuxt/img/poker.d6c08c1.svg
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/poker.d6c08c1.svg HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"139e-184a3c8e7d6"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/img/lotto.f9906e2.svg
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/_nuxt/img/lotto.f9906e2.svg
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/lotto.f9906e2.svg HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"24c0-184a3c8e7d6"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/img/casino-muted.f14a000.svg
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/_nuxt/img/casino-muted.f14a000.svg
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/casino-muted.f14a000.svg HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"120a-184a3c8e7d6"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/img/sports-muted.e4e1f8a.svg
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/_nuxt/img/sports-muted.e4e1f8a.svg
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/sports-muted.e4e1f8a.svg HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"1722-184a3c8e7d6"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/fonts/idn.6b0cc69.ttf
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/_nuxt/fonts/idn.6b0cc69.ttf
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/fonts/idn.6b0cc69.ttf HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: font/ttf
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"e19c-184a3c8e7d6"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/favicon.ico
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/favicon.ico
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:06 GMT
content-type: image/x-icon
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Sat, 16 Apr 2022 16:27:21 GMT
etag: W/"47e-18033334d23"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
18.138.129.89/_nuxt/img/slots-muted.8417d77.svg
18.138.129.89 200 OK 0 B URL HTTP/2 18.138.129.89/_nuxt/img/slots-muted.8417d77.svg
IP 18.138.129.89:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/img/slots-muted.8417d77.svg HTTP/1.1
Host: 18.138.129.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/?ref=proads8a
Cookie: auth.strategy=local
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Thu, 24 Nov 2022 12:06:05 GMT
content-type: image/svg+xml
accept-ranges: bytes
cache-control: public, max-age=31536000
last-modified: Wed, 23 Nov 2022 09:19:23 GMT
etag: W/"113c-184a3c8e7d6"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=315360000
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/default/ribbons/game-promo.svg
54.230.245.219 200 OK 0 B URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/default/ribbons/game-promo.svg
IP 54.230.245.219:0
GET /common/default/ribbons/game-promo.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 23 Dec 2021 12:03:31 GMT
server: AmazonS3
content-encoding: br
date: Wed, 23 Nov 2022 18:53:45 GMT
etag: W/"896814ef9690f1b1080d6fcc6960ddb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N9R0-MtWMlKHdaaNAZxlX-NwpzgbulI5HPOb12hNslkZCdm8R-uIdQ==
age: 61942
X-Firefox-Spdy: h2
dmwl0ca1bvnm.cloudfront.net/common/dark/slot/idnslot.svg
54.230.245.219 200 OK 0 B URL HTTP/2 dmwl0ca1bvnm.cloudfront.net/common/dark/slot/idnslot.svg
IP 54.230.245.219:0
GET /common/dark/slot/idnslot.svg HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.138.129.89/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Tue, 25 Jan 2022 12:41:30 GMT
server: AmazonS3
content-encoding: br
date: Thu, 24 Nov 2022 02:29:25 GMT
etag: W/"3978f870bc1c74c48e41b90a15796a77"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Mfs99VvFxRlUDdJVaoEq24vwdn4FA2wemk4Tc3cBoCkJixZEMh0Avw==
age: 34602
X-Firefox-Spdy: h2