firefox.settings.services.mozilla.com/v1/
18.165.201.103200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.103:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 22:05:16 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d1187be634e389e2e876be936bba8e74.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: W7xbAbm3dscUIMEVmvMA6xUZlvP_cY8z7pSVleSqzHCWmAl0TqReaQ==
Age: 3071
e.the7star.xyz/wbcasinof/index-ca-en.html
104.18.72.149200 OK 4.0 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/index-ca-en.html
IP 104.18.72.149:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3633)
Hash 562d63052a5ec5ff6097a34ab5c42c88
d05ce7b11959968ba52a919b5a6f53aed4236ec4
0175ebc7eea6309d4a12863904dddc303ec146c6a6d3eceed1ba8eb92c82a78b
Analyzer Verdict Alert fortinet Phishing
GET /wbcasinof/index-ca-en.html HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 04 May 2022 14:17:55 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTXi2hOeyBvyBTFsQejr5V8ENsoplOC1K5VrViilj6rJA%2F1oc6%2FJ1QZBoI4XWJgqK8lqBKH2MZI3ARJhIwV3TGT%2B90KIUOezKflTnwFK1WA4wGZ%2FGtdV2dzIqjfd3AjTOg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74f6dfaab9cffabc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5122
Expires: Sat, 24 Sep 2022 00:21:49 GMT
Date: Fri, 23 Sep 2022 22:56:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.39200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.39:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 db92535f619848d07c0f5eb965b50adc.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: FrGypkV7LnVpGXfSCOmr2UanawN0dIGGK2vjNs9ykSQVJ8J92VaGIA==
age: 67405
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 22:56:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 22:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.74200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://e.the7star.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 02:36:40 GMT
expires: Mon, 18 Sep 2023 02:36:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 505187
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e.the7star.xyz/wbcasinof/clean.css
104.18.72.149200 OK 1.6 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/clean.css
IP 104.18.72.149:0
File type ASCII text, with very long lines (7301), with no line terminators
Hash 4743f1239abec2b9a3a975ea9c6b53bd
7add3d854f91e28fddbcf7babf1a902508497344
63d2cda9682435ef42367f7ad9baa47aac8e5ef84639d6f7e497fb87c179b560
GET /wbcasinof/clean.css HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 04 May 2022 10:34:37 GMT
ETag: W/"1c85-5de2d2c0f8d99"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGQ%2BbQlKTjrQUM8EAWzzR7Pv%2FbKqL1HpbcdjoAS%2BuVzAt8T0a6O6GsFJHvFADpU%2B5cEjHhVvLeeTPkfgY4X0aImgZw7xj5JZgWcXWsvFRMtXTPgQVnxquvwpUVavHHeN%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74f6dfad3af0fabc-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 22:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
139.45.197.251200 OK 40 kB URL HTTP/1.1 gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
IP 139.45.197.251:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f9ffde8ce428406d5bd3e06d5e1f20bd
59f87900612a0b74cd318dc19b50873e3be8bf59
c58109c8aa8bcfb8047ae706bfdec016f49ab839ed777f91b3585492ac5e0baa
GET /pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js HTTP/1.1
Host: gauvaiho.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 22:56:27 GMT
Content-Type: application/javascript
Last-Modified: Tue, 20 Sep 2022 07:25:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63296afd-1a407"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
e.the7star.xyz/wbcasinof/c7.jpg
104.18.72.149200 OK 885 B URL HTTP/1.1 e.the7star.xyz/wbcasinof/c7.jpg
IP 104.18.72.149:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 897f3dd5e858fe80eb0100a2d798c486
b550c18b572c6b95868aafc2c751fa5f92a3be4f
dee106bfd25bef41d50df51bf68521a5846e6f59e68f7494df98fcf8454d5ebc
GET /wbcasinof/c7.jpg HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: image/jpeg
Content-Length: 885
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:37 GMT
ETag: "375-5de2d2c09c134"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLcc%2FyLzL0mzPRe2b%2F7Dh5O%2FwMsJiHyzLf7kXzGHOEmyenmHQakJikq6Oo6DLpL8wMWnosGAKkD4UTN1DVQLBHRbT0azdYUdKXwnA1ZzTwkPLusdIjYWL74M1DmRPyIjzA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6dfae4b63fabc-OSL
alt-svc: h2=":443"; ma=60
e.the7star.xyz/wbcasinof/img8m.jpg
104.18.72.149200 OK 1.5 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/img8m.jpg
IP 104.18.72.149:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 0d0f29abfcedc7dfffe3811a5100a6cd
19567e85aab4fd05d752cfa86f88087465042b0a
e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393
GET /wbcasinof/img8m.jpg HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: image/jpeg
Content-Length: 1506
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:39 GMT
ETag: "5e2-5de2d2c26c6fd"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iH%2BPVKWTsT3sf8tQseWJdZzWuk4HHABeY4eJb4kk7YX%2BSmDq4DkkHBg2NvNQTEydPK0DIJVvBT044zNdSBOnUkpQ4oxebNV7GeeNSbYKcY2Y8U3sDVbzRuYEwxABmoSw%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6dfae4d9eb511-OSL
alt-svc: h2=":443"; ma=60
e.the7star.xyz/wbcasinof/img9m.jpg
104.18.72.149200 OK 1.0 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/img9m.jpg
IP 104.18.72.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 51x51, components 3\012- data
Hash 8eaf167dee1c0b4384b854fd68836eb4
be410ab820048230ee32948da6345dbc3c6a2a94
d2ca60af74992ff458ac141945706d2178267d69692a9cd6bdbcfa8d2780a3b2
GET /wbcasinof/img9m.jpg HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: image/jpeg
Content-Length: 1001
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:39 GMT
ETag: "3e9-5de2d2c277e96"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtOCofQ7bXe1yOSospjSBOcfjGyQli8u%2F3HbgEg5Y8iLejQROO1I042mOHuipDXRyU6aEHwpAb8%2BGYW6IbXHFBfU4Y1yw6X88Y77kkIQGePSsc0yxvi3%2F5fmb0TYW15WEg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6dfae4aaab505-OSL
alt-svc: h2=":443"; ma=60
e.the7star.xyz/wbcasinof/c3.jpg
104.18.72.149200 OK 1.2 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/c3.jpg
IP 104.18.72.149:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 1080b6b55b70513cd5699d7c8b792981
0877cbe68baafee3eedb131522bb650ae45bccc8
799841e34483062c665fd4a2e832bca852178a8d9924add242ebf5922d16ef34
GET /wbcasinof/c3.jpg HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: image/jpeg
Content-Length: 1164
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:37 GMT
ETag: "48c-5de2d2c09c51c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W15t9gOP8so306BEPPTs4JXxgGdLayYaD2TWBO5ZjFHjN5x0NqcCW8GnwLfuHDldY6h7xlW3goBDAAicrQIh2schhbOXi3tlXAYotZbV11ZwxZV6LMzBqrZuzEaQ%2BynMxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6dfae4eff0af6-OSL
alt-svc: h2=":443"; ma=60
e.the7star.xyz/wbcasinof/img42.jpg
104.18.72.149200 OK 1.5 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/img42.jpg
IP 104.18.72.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash cb3986b50c18593ed3bfe73a0074c76c
194196608346769f85aba3faaafd1e0f1c981192
4b25eef6bf0c7e8699b40b1d18b2d11738176188b2806dbb63e106d237dac11d
GET /wbcasinof/img42.jpg HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: image/jpeg
Content-Length: 1465
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:38 GMT
ETag: "5b9-5de2d2c18ccd1"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXfPTNxVK4gIHml0qP9pl%2BZgX8EOjS0urvtMUyoxLO4aa7Srwm%2FDz34FZSFAiUAnOPmvKe3sNAKhSO%2Bzs%2FhTb296A9N69IHBL3aAuDMQ4sLJmariwHD69cHRBj2f800c7w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6dfae4af90b02-OSL
alt-svc: h2=":443"; ma=60
e.the7star.xyz/wbcasinof/slot-result-1.png
104.18.72.149200 OK 20 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/slot-result-1.png
IP 104.18.72.149:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 7c407d6faf37e03a0e9952905bccafcf
6f0cc64883bcc01c038562aed6b40f58bb216527
65bc4ba4a152460f7315d33d73f28af70aa51dde5ee11c415eff4035ae0ff96e
GET /wbcasinof/slot-result-1.png HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: image/png
Content-Length: 20361
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:42 GMT
ETag: "4f89-5de2d2c566e60"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htjJMbd3LhDwNaFXb7g%2B92AwwEswK4zWYIKswiSyoioG1nA5MNZeW2ZBq97asWIcyCs6B4EBGobODfakJDCV1zJTKlVtUaWRnNI6Qeha7c24QeeXjb%2F%2BeOtYPhzuMkqRlg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6dfae48ab1bfe-OSL
alt-svc: h2=":443"; ma=60
e.the7star.xyz/wbcasinof/arrow.png
104.18.72.149200 OK 150 B URL HTTP/1.1 e.the7star.xyz/wbcasinof/arrow.png
IP 104.18.72.149:0
File type PNG image data, 12 x 12, 4-bit colormap, non-interlaced\012- data
Hash fdfc16bb03c00590793ab51f4973e481
5479b717fb5ed88b7ebb5764c73d195cea9fb8d9
bad0d62b52dcceb8cb2f6a8d7f8da5b7272aeefe520f588f39e6f020cfdf6f6c
GET /wbcasinof/arrow.png HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/clean.css
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: image/png
Content-Length: 150
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:37 GMT
ETag: "96-5de2d2c09c904"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTUkhfl9i8RzzG%2BOBr5KBoCnJNclzetf8sIIqI7h7GY7YwPZE4cIG8zs6pe6jtoRLvSGy%2FFbmvfPI9QCtmRchQrPec68vOXYpHtMuJcctIWXscHkLlV9Tm9nIqRRGTrphQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6dfaf4e9db511-OSL
alt-svc: h2=":443"; ma=60
e.the7star.xyz/wbcasinof/win.mp3
104.18.72.149206 Partial Content 10 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/win.mp3
IP 104.18.72.149:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 32 kbps, 32 kHz, Monaural\012- data
Hash bca40777013dec4a99eaa8b0b98a7fef
bc1c833577a1dcd82ad01a90e82898bc7b47cad7
635e9ee8fcd18bd4c3ae173f00f4c5cbf15ee90a27a302440e2e77c371314176
Analyzer Verdict Alert fortinet Phishing
GET /wbcasinof/win.mp3 HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 206 Partial Content
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: audio/mpeg
Content-Length: 10391
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:43 GMT
ETag: "2897-5de2d2c65146d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Content-Range: bytes 0-10390/10391
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhvXxkpnwZRkxBWRN%2FC8Rbe2RfRZYjvSsJjswyWB6g0DHsccK3vzwzVn1F%2BcVUaWYyI7dmFXzRF1Ue8gxjTubMt%2BOZKNGRJoEBvosQN3Q6sZY7crOhWYEBMruJn%2Fl%2Bo2tg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74f6dfaf5b8ab505-OSL
alt-svc: h2=":443"; ma=60
e.the7star.xyz/wbcasinof/flag-CA.png
104.18.72.149200 OK 1.2 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/flag-CA.png
IP 104.18.72.149:0
File type PNG image data, 50 x 40, 8-bit colormap, non-interlaced\012- data
Hash 80c675990be83b696584c6bae4fa6af4
1e5554dbdcbd4c05f1227a4ddbe9dc3bfd280ca5
3fe7db2d24eb1bd7144f5da798026ca82abe351c377cbbc25906acf1fb573981
GET /wbcasinof/flag-CA.png HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: image/png
Content-Length: 1185
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:38 GMT
ETag: "4a1-5de2d2c183090"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYu7qrBnx0W%2FwPYN0l9tRbZvUEJ6lEKILT6PkawKEk9%2BIQbc9DwpgOXSOvQI%2FYpQOxj75RWc86K8zEWhEX3Wqy%2FuTx4UoS2%2FbKELVGGqtIo2f%2FROLmqlbY6zFHGl36ciaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6dfaf4bb1fabc-OSL
alt-svc: h2=":443"; ma=60
e.the7star.xyz/wbcasinof/spin.mp3
104.18.72.149206 Partial Content 8.8 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/spin.mp3
IP 104.18.72.149:0
File type MPEG ADTS, layer III, v2, 32 kbps, 16 kHz, JntStereo\012- data
Hash 5a2e10964c7fea8b0181831184bc0d97
8f5233dd6be372e7749c6cd8440db5b43de5a9c9
9b8fa3d6ccb98804102ffd59ee70c19e5d7ca7efabbe6c0d4471a1935348ee3d
Analyzer Verdict Alert fortinet Phishing
GET /wbcasinof/spin.mp3 HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 206 Partial Content
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: audio/mpeg
Content-Length: 8784
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:43 GMT
ETag: "2250-5de2d2c616ae9"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Content-Range: bytes 0-8783/8784
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKiJcyr2BK5jtd7qpCS1smEUYcb1xN7J435Vrzce%2BfUtNzmW2oQRcNTxHXTffxMacyj95x2NKWE6LDbpred2bAnTKhygZyrmJS14wECN0BCyvNYziQi237jrBrwqNU8lnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74f6dfaf5f930af6-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.103200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.103:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 22:33:04 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 23 Sep 2022 22:37:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4dd28c7d9439664c66fbf62f5cd00636.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: wlGoIA02jT6deosqHjYnvJ5FrwAnXHpUTOtN7QMhQ3oyBQmis-zB_w==
Age: 1408
e.the7star.xyz/wbcasinof/red-arrow-left.png
104.18.72.149200 OK 1.3 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/red-arrow-left.png
IP 104.18.72.149:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 92d3e482cacea857c5dfaf9fa3a21dfb
3f12c410c77d763cc4719ec367a18417b8300758
4a688dc66588e8e86e98ccadb318fa2aca3fd6e2444aac783278b982f3e47eef
GET /wbcasinof/red-arrow-left.png HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: image/png
Content-Length: 1334
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:41 GMT
ETag: "536-5de2d2c503c6a"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJ7frLADLgXJc06HBtx9TQGy0NhKvMXOeDUkIFHKElF%2BWoeorAZyN5zq7GtXuhZMKcwfDTmz0YrwUyQkSmHXMgDsMVRT7nvkacruuzdidovA1szi7O4Th2eDb1VKna85Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6dfafa9761bfe-OSL
alt-svc: h2=":443"; ma=60
e.the7star.xyz/wbcasinof/slot-start.png
104.18.72.149200 OK 26 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/slot-start.png
IP 104.18.72.149:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 171afe26f081d836242292d6015093ce
d09d3193a813e1c83933a473c145730d52079b2b
21b71354740a1daa4182597926d23a59a3710079e503e43fb780379f7de59335
GET /wbcasinof/slot-start.png HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: image/png
Content-Length: 26071
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:42 GMT
ETag: "65d7-5de2d2c5c7945"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjRgoMCArGGB9Jb3eNCcWbGwfpkZOOnbUh%2BZFp7UtIKeZEU%2BhIHBIkt7tZTyng9HOMwTxHAUOjjp4RfcVr1Yf8IcA8zyvzkcj%2FNT3DhkYtjG9Eev4z8dkuCuVCLRSzIygg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6dfaf5be50b02-OSL
alt-svc: h2=":443"; ma=60
e.the7star.xyz/wbcasinof/red-arrow-right.png
104.18.72.149200 OK 1.4 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/red-arrow-right.png
IP 104.18.72.149:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash e21c833bd7e724a4c2693703b9780e9e
28928805c39ad31dcecc684303fd2ca4549e1b71
a9e536cf299e22c2ea08010bdc70e0b87c8d3ecb5469c6c8a84e2042b5ae7fb8
GET /wbcasinof/red-arrow-right.png HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: image/png
Content-Length: 1355
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:42 GMT
ETag: "54b-5de2d2c52d47c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ufkjoF2AaYAVsnOWxVvJqI%2BR%2FBA9%2B5bSDvp4zkiAEmrg87RhHwtuXIwIQQowRRAV%2BEwjybf49piclE5VzeJgMvap4uDOLDGv%2Bt0BVLy9VeiicyOgPlG4p8nwLdCxcSlkw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6dfafaef6b511-OSL
alt-svc: h2=":443"; ma=60
e.the7star.xyz/wbcasinof/img62.jpg
104.18.72.149200 OK 1.6 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/img62.jpg
IP 104.18.72.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 802099c0a3a8aecabcb785551e64cdd1
a4f1051717ba462b8e3a38af036711b5b41c3c6c
ce25b1c2478a2a1ed087441fa1a2b76dbeb3061fce287fe42491f565c488773e
GET /wbcasinof/img62.jpg HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: image/jpeg
Content-Length: 1552
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:38 GMT
ETag: "610-5de2d2c208950"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuSmgL4DSPfckrbCvCg1CrQLkZe%2BJd0QaeRyONScoG8ANmeANT6hGZ3LsoAy7RD7XzyKywAShl40zcwqUatilzslSzv%2Fgxit31mi5Ha4jTvUT55L2y9ILDeKzDEgogjCag%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6dfb05c40b505-OSL
alt-svc: h2=":443"; ma=60
e.the7star.xyz/wbcasinof/slot-win.png
104.18.72.149200 OK 14 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/slot-win.png
IP 104.18.72.149:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 8fbf66e3ce0dfcc318dcbc0d35e31b9f
00a819dd0a5ccfdde2d5efea2e10d12b64fc21a2
a6f55513d055ea1efaf036fbe092c46f5d92a0942b2a6c11dba1e6c3ca6e7576
GET /wbcasinof/slot-win.png HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: image/png
Content-Length: 14384
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:42 GMT
ETag: "3830-5de2d2c5f6b30"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKqM6CmVVJMewvLlo253tq5IYd2t3ZXniPrxkAAu2t4C%2BNzeLbb%2BJBAsPVXVwHFVSsb2zD%2Bkujj3j%2FAUgl9XV%2FXYurJ%2FZjUs7Cm8kINJBv6Mwyb1TGAAaVzv6ZKZY2UuBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6dfb0ac970b02-OSL
alt-svc: h2=":443"; ma=60
e.the7star.xyz/wbcasinof/img7m.jpg
104.18.72.149200 OK 1.6 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/img7m.jpg
IP 104.18.72.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash e09336f999f963ff1f4fdab80eea8562
416deeb661cf8deb8a9c9ac3e01e02a0ca17b8b4
fd824e3a3091970c57acdc8c954619e179538d00e88062795b17c750c0d3288b
GET /wbcasinof/img7m.jpg HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: image/jpeg
Content-Length: 1640
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:39 GMT
ETag: "668-5de2d2c27633e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tDIbMZiWJ4bPStxGmG37Y1SIVHMc3RyjLa%2BGqSkZ8RBiXtmgDy1Ap1JRp%2FB00MbJg3VOr%2Fh%2BpF%2FGaPpz1YT6wypFEhtKqhaHpTSiZKFwc%2FG7pmEo1Bi7%2B2vy8HxeNxg7A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6dfb0583d0af6-OSL
alt-svc: h2=":443"; ma=60
e.the7star.xyz/wbcasinof/slot-result-2.png
104.18.72.149200 OK 27 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/slot-result-2.png
IP 104.18.72.149:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash a99f6d51bb4ebb92bcae9e8127d83bc3
aff0f601ce4a4b1b36d9d6a65299b7ba854f0d1f
c90214108c99c6c62b676edcedb45180c2bf89e81a499cc0a10da8a31121177d
GET /wbcasinof/slot-result-2.png HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: image/png
Content-Length: 26720
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:42 GMT
ETag: "6860-5de2d2c5702d0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ndLpfkuZcWK221nwz5f0Z%2FMUKYqsDHZEsP71eT4tGDF03rOgi8xSt5SBTpVamPDOW0cvXO8QBIz82hdbg6xXppIxUSnXKnnG7qCrmh0QOYAHYWa3C3%2Bpqi2KrOEcY7YJA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6dfb0a9fc1bfe-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2895
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 22:56:28 GMT
Last-Modified: Fri, 23 Sep 2022 22:08:14 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
e.the7star.xyz/wbcasinof/slot-spin.gif
104.18.72.149200 OK 88 kB URL HTTP/1.1 e.the7star.xyz/wbcasinof/slot-spin.gif
IP 104.18.72.149:0
File type GIF image data, version 89a, 410 x 279\012- data
Hash 617c16c5e04c8603dd7f157862b1c682
1306296f9a666a7fc50f339a2a924ce8a3a18169
7f8e36cf7ac437d7c42440ef5f522c8e27adb06348b573192308038fa7c1dc7e
GET /wbcasinof/slot-spin.gif HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: image/gif
Content-Length: 87599
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:42 GMT
ETag: "1562f-5de2d2c5948da"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GjJhBqxNbcXHGOjZeI5oly6bRK0bULoS9yBDYOLHnss4WqtZpARgmxuBju6aI0zdDYkeQ%2FbJj863a9a%2FJzFbuIh0UlsFcBDBdP9zGvd9MjDCw6YgPFzyOfYbplM0Ng5iAg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6dfb05c0dfabc-OSL
alt-svc: h2=":443"; ma=60
e.the7star.xyz/wbcasinof/favicon.png
104.18.72.149200 OK 837 B URL HTTP/1.1 e.the7star.xyz/wbcasinof/favicon.png
IP 104.18.72.149:0
File type PNG image data, 22 x 25, 8-bit colormap, non-interlaced\012- data
Hash a2e9ba7fc8fcc100c2f3f6cb51a411fd
2db7fdb407f7d66a3ca5efea001fc2202a43cb80
bf2e746835b223f0ba68cb4043d78985b1de613fdd44aa204447c32daf27d024
GET /wbcasinof/favicon.png HTTP/1.1
Host: e.the7star.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://e.the7star.xyz/wbcasinof/index-ca-en.html
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 22:56:28 GMT
Content-Type: image/png
Content-Length: 837
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 10:34:37 GMT
ETag: "345-5de2d2c0f2808"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVThy6LMnIIc%2F9UB2ZCyF3XG5uP67hrGB8wSYXVeOpMQpfkRK6snTEFfxoNXyzZjEmtOHeiDv6nLTFprHEbUpNlIQGuptp6tGyfPFuix6Q1K7K1kHjO5M%2FrN1CIOGvNYqg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6dfb22b371bfe-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
52.41.246.187101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.246.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: csWRLh0HPO6FiLHiS4oC8g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 00GHn5fVuhrKcJWkYHqfX1Upfb8=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8526
Expires: Sat, 24 Sep 2022 01:18:35 GMT
Date: Fri, 23 Sep 2022 22:56:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8526
Expires: Sat, 24 Sep 2022 01:18:35 GMT
Date: Fri, 23 Sep 2022 22:56:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8526
Expires: Sat, 24 Sep 2022 01:18:35 GMT
Date: Fri, 23 Sep 2022 22:56:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8526
Expires: Sat, 24 Sep 2022 01:18:35 GMT
Date: Fri, 23 Sep 2022 22:56:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8526
Expires: Sat, 24 Sep 2022 01:18:35 GMT
Date: Fri, 23 Sep 2022 22:56:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09db434-67f2-44ab-86f2-081df7e6af92.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09db434-67f2-44ab-86f2-081df7e6af92.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57b0e3ac4e16f6dc66a26a4389761d0a
e2e1b87dc1e205d437648f89cd6d0ad21019d662
1e2cd2c842e3aea339ba0c18267af45fd110e70d6e86ad1dab7b65b007afcc16
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09db434-67f2-44ab-86f2-081df7e6af92.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8208
x-amzn-requestid: 0fd39a74-3b99-41d6-ba1c-87cb53d8a03b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shFFwQoAMFfvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-5774d24f791810730183da18;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xnh0Z31k7bB0YOTDFrGKElc7qZjiNxIEpl_Vl8i8jn7GUDLE31Azxg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:55:51 GMT
age: 3638
etag: "e2e1b87dc1e205d437648f89cd6d0ad21019d662"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:05:15 GMT
age: 3074
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 55d224ac83a417772c98bc5080fb6689
a30f9044330824e70dde0dcc785890d981e6fdf5
b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:53:50 GMT
age: 3759
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3cb80186-265b-4b0a-a4b1-38aef341bfc9.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3cb80186-265b-4b0a-a4b1-38aef341bfc9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33edd8fdf7032227386d1514f99b2c4a
9fa34e0e3d456ed38d6e94911bf24990ed33ab0c
1d8ebbea41da3fbb5bd6784635f176bce0697a290635808166d269202bd3defa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3cb80186-265b-4b0a-a4b1-38aef341bfc9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8557
x-amzn-requestid: 51f41597-b094-47d7-b372-4c4c0236577f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7tAXEO3oAMFTWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2868-30ad6e877ee82fcc4d17a7e6;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:43:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: KfRlAHaZjrBNyxoYsUtQZ0TgMGD99mnrC3GViYCTRcHPtDfgYbLczg==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:02:30 GMT
age: 3239
etag: "9fa34e0e3d456ed38d6e94911bf24990ed33ab0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F993a9251-cb79-4060-b043-aacb127c6565.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F993a9251-cb79-4060-b043-aacb127c6565.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f727cc665bfa383779422949037a83a7
24d4dcad1590e79e89a1ffe343bd7fe616528c5a
72dc66286d9ea7b71b6c9a116ff69380a97253c73f1ba2a5b3da34790e321e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F993a9251-cb79-4060-b043-aacb127c6565.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8907
x-amzn-requestid: 974b20af-4775-45bd-9e3f-55e5aa363c2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQRGPtIAMFZCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2734-18aebf577efb8aaa0182aeed;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ANAYROIRBWe_Y5TxqYp9IDnqnuOHQGjvyj1K8Z85m7C9DGCXXuQ-Cw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:47:49 GMT
age: 4120
etag: "24d4dcad1590e79e89a1ffe343bd7fe616528c5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F860e3a33-2946-4ad5-9687-6cc6953b920d.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F860e3a33-2946-4ad5-9687-6cc6953b920d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4a034f8a3f2e69e852a69075d20b0e3
a7a6043178f05f547a08808ea8b34a6703154b42
8f1a045214d7049cb9f9a1ab2c55b6753907741b7cbfcb2e02f916f95a56ddcc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F860e3a33-2946-4ad5-9687-6cc6953b920d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5179
x-amzn-requestid: 57451c31-0b96-4aa5-ae63-54f949ab3d68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQlGrRIAMFklA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2736-0bd483e47d880a837c7316ce;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TQgpwEIMFlVt6yJS-eljAzOaRYHVLm6ONuvtQsPM-TQITDxp8_AZxA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:47:49 GMT
age: 4120
etag: "a7a6043178f05f547a08808ea8b34a6703154b42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 27eaf1708a7342f79acddcfe4a44c072
139b4fdb2f289e4cb69fa6d9c08b9e3481c66c85
d41cadc5319d696aefdaa72ec71270ab5933c2a55824f5a7c542ec3cb406a57d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D41CADC5319D696AEFDAA72EC71270AB5933C2A55824F5A7C542EC3CB406A57D"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3713
Expires: Fri, 23 Sep 2022 23:58:29 GMT
Date: Fri, 23 Sep 2022 22:56:36 GMT
Connection: keep-alive