r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11871
Expires: Sun, 29 Jan 2023 15:10:26 GMT
Date: Sun, 29 Jan 2023 11:52:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11859
Expires: Sun, 29 Jan 2023 15:10:14 GMT
Date: Sun, 29 Jan 2023 11:52:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 11:43:08 GMT
content-type: application/json
age: 567
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13392
Expires: Sun, 29 Jan 2023 15:35:47 GMT
Date: Sun, 29 Jan 2023 11:52:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WHS9SMSHO7yNwLY7heiivdWvjgq8tDrY3Byyb0rf49zsLsZeWpvvc0BSqFwDgdr3avZ2IHP1bQI=
x-amz-request-id: 81ES7R46PS4MRZ8A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 11:50:18 GMT
age: 137
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 11:52:35 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.rodaslotjp1.top/
172.67.179.154 200 OK 19 kB IP 172.67.179.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (364), with CRLF, LF line terminators
Hash e2cadf34a2547c96c02648764042b65f
86f0e70f50a62bb42701386d2eef9cf1c6aa6fbb
db1eec6844199e6d44eabe100f15f84fc39945234ad02b6cdfb2714d3c733334
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: Deny
X-Content-Type-Options: nosniff
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06; path=/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yag4O9%2B4qRDfMQuroG3U3XNz5XbQdP%2BJ2NMHYbZNFwVzBfXRBwqiX%2BiDT0oMTSc%2BLCH%2BAEaN2yw5K%2F6GTYseXIM1jI%2BhYcIxlVadvKj1zElsi%2BDksdfIc9mj0v32mbproVB%2FaJoe"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7911c3354afe1c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:52:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:52:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-D3WR7HGLGB
142.250.74.40 200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-D3WR7HGLGB
IP 142.250.74.40:0
File type ASCII text, with very long lines (19467)
Hash 3ca1e3847c247ca488910b637581762e
cea2f520e100a496e439fadd016f0cd34cbe2045
01a32313feee2e3852a36b7b0ef4522eb29ccf83eb494af673f7e0214c9e682f
GET /gtag/js?id=G-D3WR7HGLGB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 11:52:36 GMT
expires: Sun, 29 Jan 2023 11:52:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77228
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js
151.101.129.229 200 OK 11 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js
IP 151.101.129.229:0
File type ASCII text, with very long lines (39553)
Hash 3d7736f3e0093bfcece832c8a1dced40
4421527237d7cf60ab3a8605e131d90370d59f8e
9bfb0fe335300ad7521ccc87e8a1d7be601958e3a9b9f0ea8f98cc7fa3946e70
GET /npm/bootstrap@3.4.1/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.rodaslotjp1.top
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.4.1
x-jsd-version-type: version
etag: W/"9b00-sW/YImvWv7COVo8bHQoh1gJHzvs"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 11:52:36 GMT
age: 6502861
x-served-by: cache-fra-eddf8230083-FRA, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10942
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:52:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:52:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash 87084c125ab6d4f169bf99317d1c2ed5
af2a834bd96feb88c28e6c57aca04f2dcdf2ea7e
bbd76d3cf3dc02c4c14871ee08dc41c05a9a06fcd676ccc82003b050c253e1af
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:36 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "19E6661F7F7A85758646A9372D46CCBEFBBFD995"
Expires: Sun, 29 Jan 2023 23:00:00 GMT
Last-Modified: Sun, 29 Jan 2023 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 323
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c33a6d8bb505-OSL
cdn.discordapp.com/attachments/1043766431235440694/1057962436818378843/fbgif.gif
162.159.130.233 200 OK 32 kB URL HTTP/2 cdn.discordapp.com/attachments/1043766431235440694/1057962436818378843/fbgif.gif
IP 162.159.130.233:0
File type GIF image data, version 89a, 298 x 298\012- data
Hash 015df9a2407a5ed72b692e04e2d3cd20
b1d114152f9e0b472472c053f3414cefc29367e6
f88c966a4a26b533e3ba554c002c8073e76e8762d537ea5b40fd96769d7d71ee
GET /attachments/1043766431235440694/1057962436818378843/fbgif.gif HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/gif
content-length: 31651
cf-ray: 7911c339cbd31bfe-OSL
accept-ranges: bytes
cache-control: public, max-age=31536000
etag: "015df9a2407a5ed72b692e04e2d3cd20"
expires: Mon, 29 Jan 2024 11:52:36 GMT
last-modified: Thu, 29 Dec 2022 10:05:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1672308301005635
x-goog-hash: crc32c=WSUnWQ==, md5=AV35okB6XtcraS4E4tPNIA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 31651
x-guploader-uploadid: ADPycduQ8hhNNBp5HGgM0GXc6IqQ8ny6LkrR_JBFbTRjPcZSAkPTRfALKPvKMK61Nd9Gto_IQ1Spnow-DP5De9_mh_ViZPc3C5cP
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=oxRIe_g6HqO8zNNJf5_neu2r5umZMCFtl3BakKnw7tc-1674993156-0-AfpYr4Jsc6OMqT3eo+e4uqn8Sf3/KtEdTkTjV+d/2bLw5tZwD156yQXsHNKwezZWNhZmX3s/1j3XZn0Guo7fpgY=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
__cf_bm=Y5Br.A6vVk9Z132LQxgnScANuPAc3tYeBCTrgNRohE8-1674993156-0-AeHB8c2tOSj3H9jU+0e06T4G97/3YWA/Fo5AmuwcTzT/bYAwRQIzjkWXQdak+Ci3OKRWfaevoVytWEKooUOHu+M=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvleWHAVH1YdIDmH87ylMxa2iABBRVIPrcLYMlHxZBBto3eoxdA2Eq7p%2F6wjdGxzh8NjAFpAGmizlojgdaPHSDlqbveCIiTAr5JZmquMhTb9jqazIVcPP74gJ6AYAEDQJfM2zw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/1043766431235440694/1057962436449292328/waweb-minn.gif
162.159.130.233 200 OK 184 kB URL HTTP/2 cdn.discordapp.com/attachments/1043766431235440694/1057962436449292328/waweb-minn.gif
IP 162.159.130.233:0
File type GIF image data, version 89a, 146 x 144\012- data
Size 184 kB (183562 bytes)
Hash fff30d8c717ffbb76f59cacc77538f10
28f46fb19f6f6c73a27c262d6670f13e8a1a29e6
f52fbc216e5b65f7f40752c012f1c4cf46a5756808a34b4b422db192b5f220c4
GET /attachments/1043766431235440694/1057962436449292328/waweb-minn.gif HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/gif
content-length: 183562
cf-ray: 7911c339cbd01bfe-OSL
accept-ranges: bytes
cache-control: public, max-age=31536000
etag: "fff30d8c717ffbb76f59cacc77538f10"
expires: Mon, 29 Jan 2024 11:52:36 GMT
last-modified: Thu, 29 Dec 2022 10:05:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1672308300906900
x-goog-hash: crc32c=yGd2FA==, md5=//MNjHF/+7dvWcrMd1OPEA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 183562
x-guploader-uploadid: ADPycdu9_F8JEX4szWG98lFb_MbH2zLWSe-fVFxJgLUM0g4ZxXrhDWiSD5Wr74iLsJ10Hcu6V7-qlmb8tGxcR1MiubTKIt24Gx5R
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=uV6MabqDS595TFC8Qc7srA4ZXGjbsOQhxRXQrkhC9HY-1674993156-0-AX90K0/jcNBBIutetJu7iwURclkZwi5cE1v9uyd7OQpB/fIawq0mZ/AgshladHdYnYxGdJ/NXrbQIZeYb6RqbUQ=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
__cf_bm=1I_AilEuzM64xaOLdD0YQXEGbFeNFbkpuhx_Z.XrPeU-1674993156-0-AYRtl+qP23NCv4Nh6Z/EXssrRoWaWcJ9Xf8MG6KpZLwDv89aKNI0KB7tOqzd+dxzCMKOn4Dm3OmlnfYx/6oIKSs=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIuuz4PLRKIQBvhq2AXHiK1EQvJpNKUmVnnK8abh5hA0Ri7HfRB9YblJ35ftjqHkKY0G5Nm%2BBvRK6G3Uk7NIbmtT%2FfSRZLDIc6UYhfwOVXew7VvODmue107h4fGPEx4BAIIOtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/1043766431235440694/1051837894333038623/rtp.webp
162.159.130.233 200 OK 337 kB URL HTTP/2 cdn.discordapp.com/attachments/1043766431235440694/1051837894333038623/rtp.webp
IP 162.159.130.233:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 337 kB (336686 bytes)
Hash d7631f58e757782f0b47ed244d57bf53
832d28bf284861af42ac8c6a4f51184595ce7551
50df1b10eb0d613cc450dffa37bbd9008e77d3a4206cb844f357fb12c77e589a
GET /attachments/1043766431235440694/1051837894333038623/rtp.webp HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/webp
content-length: 336686
cf-ray: 7911c339cbcc1bfe-OSL
accept-ranges: bytes
cache-control: public, max-age=31536000
etag: "d7631f58e757782f0b47ed244d57bf53"
expires: Mon, 29 Jan 2024 11:52:36 GMT
last-modified: Mon, 12 Dec 2022 12:28:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1670848096270666
x-goog-hash: crc32c=3v4QqQ==, md5=12MfWOdXeC8LR+0kTVe/Uw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 336686
x-guploader-uploadid: ADPycdtmN2rXIBoHUqYKZZ5dLWL599xbVNzwUo1WK6YC-6gjOBqRrzfxoe0lKUeZKH1_LGP6J_3fII3JAwTViXfOlosvRZYiIdnM
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=2zhWd_pk3FOYpDjt4UyIpIq3vvNLubI6vnb2UwC1MOg-1674993156-0-ASLEXmxcVW0chvov5CBPKbWlML8hhz+eSE41OaAwoJstjXAIJv94QzbTm7KoW6YV3Yxjy8niBodvNUbmgiCHpd4=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
__cf_bm=O2uKfcb6d.btg5ir03jN0wHCcOdf0D..mnGSEPB8NMQ-1674993156-0-AaASktLncolHR8c1gglHYnNhDpX3AjzFUakP/OD0eEfURY1zOrbHOD0geRVtvKnzHMPuszmeemUEnmGxx22EPUY=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hapKna1dC8Sb7aEiO5V6LyXecjNwJlh%2FwETvOVzK1tUp8X2ZkeRN5QkiTHFOVEmwSOabv4uerQcfMTfOg88Nh31DBKPTqmTxLF4Ktv5ALuOfU0c3eVAOD5%2FyTgF27p77MYUIqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/1043766431235440694/1043766697074638959/bonus-newmember-30.jpg
162.159.130.233 200 OK 159 kB URL HTTP/2 cdn.discordapp.com/attachments/1043766431235440694/1043766697074638959/bonus-newmember-30.jpg
IP 162.159.130.233:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 3750x750, components 3\012- data
Size 159 kB (159285 bytes)
Hash 1bb95c4b8b74a93f7379f175d471e7ac
2c527db477cd51df3d0f0da0574e2a36d06c34d7
6986e3e1dd0a059ad7ad01b1dc61de72ff836cd31d00c511f3c766cea4d2093e
GET /attachments/1043766431235440694/1043766697074638959/bonus-newmember-30.jpg HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/jpeg
content-length: 159285
cf-ray: 7911c339cbd11bfe-OSL
accept-ranges: bytes
cache-control: public, max-age=31536000
etag: "1bb95c4b8b74a93f7379f175d471e7ac"
expires: Mon, 29 Jan 2024 11:52:36 GMT
last-modified: Sun, 20 Nov 2022 05:56:12 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: h2pri
x-goog-generation: 1668923772857515
x-goog-hash: crc32c=rLfnIQ==, md5=G7lcS4t0qT9zefF11HHnrA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 159285
x-guploader-uploadid: ADPycdupaEFx2cL7OeVg8mMmm5z_LrIip3AiayeNvkrPMLJ69JTKpwTCUEs3-TwhUMNvru2wU0MwLs0X8gzir48JhURdxrKmIoJm
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=0P_sayfzSgCD_9lM_5WopAntauGyR4gDxXLDT9u.4eI-1674993156-0-AYUy+pwKecnVEGrxrUIzK2bl60n9yuR8HkkCmsa9460Z+McKtyvxjV64wpi8z+ATjYhCcdsqShgbVNIqlp5f8lI=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
__cf_bm=YwOqroNiTKlH.vb0NowyzmiNOR7uZzBLvmDRvFGjcsY-1674993156-0-ARYKPO3toigWQgpBUt7ku5WA98eyznhQLgQVWCCljWN1No8sZ73udRw6j+0aBgjsDDXxYsWmtU9ubYYV4nZLsbU=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBHySstAPwBWM9mj3%2FcEokhnUX4VPPG6h5rnJoy0BHWV8zSkW%2F0391RhcmqSLHN0uAbJeJ9O6XQ9cpqYDSKSWTFQkZnqdzJ72jZjM3t4%2F5MEdE3ZkNCCFBNZALJTvGJu0FZc%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.rodaslotjp1.top/css/webduo.css
172.67.179.154 200 OK 1.5 kB URL HTTP/1.1 www.rodaslotjp1.top/css/webduo.css
IP 172.67.179.154:0
Hash c84376bd22c4c69210901e86518fddbe
0ddf937728f748355de9f70e38776de28673b4b1
ef0e30ded8d8998d808ec43f46358c59dc1a5a06d8f960c82f55424535644452
GET /css/webduo.css HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 30 May 2021 05:20:16 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNmP6Njku2k%2BimSWGpKwC0rRyTifmVUWvojLs6mBingq1m9dLSmzCR7acWzr2Odxq%2FThSu4JCjh9dnpKtWAr0%2FymaovhYdSM2KFll8ThZaPDiwbzfkna0Q1pWfB7uL8wHCym54HJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c338ceda0afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rodaslotjp1.top/css/mediaduo.css
172.67.179.154 200 OK 2.4 kB URL HTTP/1.1 www.rodaslotjp1.top/css/mediaduo.css
IP 172.67.179.154:0
Hash f3fe2394e0b662a477ed4093af743a7e
5098f0ae863e5f048d299a00cfa22739b5818927
f98e087490b346fba7b9f0b09dc0a6414a4699f1491e7a85fcdbbe6f11bb2f8d
GET /css/mediaduo.css HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 23 Oct 2020 10:01:18 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVZcl3YHNfi9VDkqBRJTeNR1vXv9IWTQtxTj%2FBnyZKxEIgS%2F76b9goR%2F%2FuGfy6qrWFBFkn7pr9itd7dm1JfhxLTULTNMmf2R8dRmlMGD8CjfWCzufh%2BEMWc9LBt1PBJUBlovFEai"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c338df1fb50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.pay4d.info/mobile-sport.png
104.19.136.75 200 OK 2.7 kB URL HTTP/2 img.pay4d.info/mobile-sport.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 02a8a80face04e69f3bfa68f686f57bb
61f8a41a95694c27a307199407af513dde0dc43e
d9cd2cc3ba7a11673f072f321e83694c7da5979c0adda00e26de15d9a1f43797
GET /mobile-sport.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/webp
content-length: 2730
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6408
content-disposition: inline; filename="mobile-sport.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:36 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c339aa7bb512-OSL
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/1043766431235440694/1043766697447927908/Bonus-rollingan.jpg
162.159.130.233 200 OK 178 kB URL HTTP/2 cdn.discordapp.com/attachments/1043766431235440694/1043766697447927908/Bonus-rollingan.jpg
IP 162.159.130.233:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 3750x750, components 3\012- data
Size 178 kB (178054 bytes)
Hash dd6f700b123c6e230cf8fab1a6985d83
afa07f7a48cb64084526e2fafd25039fd81c333a
da5ab3bdaf2f619304f8113c548362dc161210ee6f4a5a3643b98f3e4de25fea
GET /attachments/1043766431235440694/1043766697447927908/Bonus-rollingan.jpg HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/jpeg
content-length: 178054
cf-ray: 7911c339cbcf1bfe-OSL
accept-ranges: bytes
cache-control: public, max-age=31536000
etag: "dd6f700b123c6e230cf8fab1a6985d83"
expires: Mon, 29 Jan 2024 11:52:36 GMT
last-modified: Sun, 20 Nov 2022 05:56:12 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: h2pri
x-goog-generation: 1668923772955222
x-goog-hash: crc32c=caFbhg==, md5=3W9wCxI8biMM+Pqxpphdgw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 178054
x-guploader-uploadid: ADPycdteOOaj-ghPfyfeS04ukxevTtsSu1u28XvYiXNKZynKttoyrAg5qWk1-WPgcUfXTjIQ5HnL96dIX0DjPhRKgP0-9QpNJ-JV
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=.8yb3erT9bduZjQ4RAitAdnLRMg8sNA5lTtM4TfgB_A-1674993156-0-ASl7JrFTz3wmteQSlCxTZWKfde9dbaN7O6BMBbdZQafcOaR6a32sjFSEkERPNpyfnBTeKzYXzOWTTFw3ys6Hdt4=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
__cf_bm=FAl4Xz.F1fWNuDCE_6B7Eaptm69Msb77oOC5LjWc0Uc-1674993156-0-AcDgV+wzhMv4GFLOMQoAuyNLE8ia+sFNWGfaWxZh0sUMlARHPQy0DwWzpnQ8umF5tgYgWyxpWsod4NfwijF9uC4=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIzd1GGaz%2FrLrVlKh%2BLsKbohXGJSEfJhnu%2F4mf5z9CHnd6Y0HL8Gzc1rkUYKJ1Pgc383NIV6sCBjpgMiK5rcw%2FbB5PX2z21xCI588Bw5CH0V3N%2BHWDZfVO9MzAHlGUXm8E%2BCuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/1043766431235440694/1043766696864919572/Bonus-slotrollingan.jpg
162.159.130.233 200 OK 343 kB URL HTTP/2 cdn.discordapp.com/attachments/1043766431235440694/1043766696864919572/Bonus-slotrollingan.jpg
IP 162.159.130.233:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 3750x750, components 3\012- data
Size 343 kB (342669 bytes)
Hash bb997553725be6dd8d2956cbf1bd953a
9edb824cb77dfaea6773d4a8a011c0ace1b35c53
36d413ac15608bf87e9a505c0024f078f7ef1bb51505455cb32e4ee97079a286
GET /attachments/1043766431235440694/1043766696864919572/Bonus-slotrollingan.jpg HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/jpeg
content-length: 342669
cf-ray: 7911c339cbc81bfe-OSL
accept-ranges: bytes
cache-control: public, max-age=31536000
etag: "bb997553725be6dd8d2956cbf1bd953a"
expires: Mon, 29 Jan 2024 11:52:36 GMT
last-modified: Sun, 20 Nov 2022 05:56:12 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: h2pri
x-goog-generation: 1668923772817130
x-goog-hash: crc32c=ZaZjZw==, md5=u5l1U3Jb5t2NKVbL8b2VOg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 342669
x-guploader-uploadid: ADPycduEz12hZ52-KSQfVrB0ti4nLysiyHpSzhp4Hcfenr2Na7xSlyRInGfTyPH_SZxjZ7uha8XuOx6oUbJaevqZtWGrmAzHzQlC
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=ZNzvlCaB4jzY.8u31UEnpycK.OZxsTgYdW9DWB7z9ms-1674993156-0-AatnMMR7BU1YIy1+eqPo58DDxiHca+psbmQoGu9ncJoxy3+XQV7V63Y+bFPdPnUUj5ez9nIWYks86+1DZqvn8zQ=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
__cf_bm=afM7LahO9DNGuUlQZgM7w2rks8ryKndEBkbTR61Nb.A-1674993156-0-AWF9RDfx/rxZiqoJQNDmb5B+r0arS0RujEmhi9x4HMPXVMptDKot6gAYMjApBp/OSSZ+CP8ETsOhXFBqqi0Ry7k=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7RlVcnIhvTMxFtrdmIY8ug5iZYyTCM2zYUAZrFWe2OsMm8UQZ51aB5Nq2RGzc5Hjs0lfG8TLk%2B067mbcEk1rYK7pjjYS2M8KCJtNJLgVw4n%2F3aURx49%2Fl6adJ%2FysqRZKUbLJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
img.pay4d.info/picright-b.jpg
104.19.136.75 200 OK 21 kB URL HTTP/2 img.pay4d.info/picright-b.jpg
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 11b3651cddd57d137ad1f9f632ca7360
7ac7d221ec9c1865dc06138b53fe870e6bccdb97
43c4b555f21c351bdd7b5953b63d93078c02def41fe3b333c85822aaca5bf5ef
GET /picright-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/webp
content-length: 20622
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=24384
content-disposition: inline; filename="picright-b.webp"
last-modified: Fri, 04 Nov 2022 13:42:49 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:36 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c339aa87b512-OSL
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/1043766431235440694/1064964032311869561/LUCKY-SPIN.gif
162.159.130.233 200 OK 636 kB URL HTTP/2 cdn.discordapp.com/attachments/1043766431235440694/1064964032311869561/LUCKY-SPIN.gif
IP 162.159.130.233:0
File type GIF image data, version 89a, 96 x 96\012- data
Size 636 kB (635643 bytes)
Hash 37156a659381e69400ed45a386ad7151
6d5f8dac0faa4ca8a7b271bcbb16fdc7ca1fdf11
d180186f9cf2f19a97be3976906726a1f66566f9dbd169980acbaf4e9a7bf55a
GET /attachments/1043766431235440694/1064964032311869561/LUCKY-SPIN.gif HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/gif
content-length: 635643
cf-ray: 7911c339cbd21bfe-OSL
accept-ranges: bytes
cache-control: public, max-age=31536000
etag: "37156a659381e69400ed45a386ad7151"
expires: Mon, 29 Jan 2024 11:52:36 GMT
last-modified: Tue, 17 Jan 2023 17:46:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1673977611437415
x-goog-hash: crc32c=4HR1Jw==, md5=NxVqZZOB5pQA7UWjhq1xUQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 635643
x-guploader-uploadid: ADPycdtbe5RVRR1BgjefyL2CLp2aqssuHcIZaOaGrQkq0CbXwrX0Xw0_CCqVTRnwjWTpfqwv6II5k_jIPxMfUFyyWhG75w
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=TfOO4ViMVjmfrq234QDZPhvd60yzyIkYGskQbv.dGG8-1674993156-0-ASmUanKm+03gWci/YXLrWtRIA9sq8yi8PMV8iLN5JEBUvrhR6rz5ki123U3D9LDnXSIcaYhyKFrfEFj11jUyKMY=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
__cf_bm=7nGc0zmpy4XJz8zACihHVaML7bA_VidiCy1dAc_M1PU-1674993156-0-AXjXZ4BrvLa3pmbqtqGVLpo2W1buzB9pNN9kGuZT1ipi3EzfSdeTn21PwJ3b6QtAzIOq7VKqM91/L8HAM8W4stA=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enPQA7ITA8moyeZwxUxe%2BedEyOQyo%2Fdp9NVw1HsOQXNQBeuUnKflaOnBkxNOeBfsqa3VulkiYLfaStkT%2BQot6opaa%2Ffoc8iz%2BM7bNinp9smGyhkzRhr10xrnCW3vbeC6hdot4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/1043766431235440694/1043766696634220544/Bonus-referral.jpg
162.159.130.233 200 OK 300 kB URL HTTP/2 cdn.discordapp.com/attachments/1043766431235440694/1043766696634220544/Bonus-referral.jpg
IP 162.159.130.233:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 3750x750, components 3\012- data
Size 300 kB (299478 bytes)
Hash abb01485281ae8fe03c8e39d5c8858e6
c9875c660d146f6c21890b982b83ad89b84ed27f
5f564bc2740b985812c2c5bc2ea82fa06c40a45be072884515e009cb7eb874ca
GET /attachments/1043766431235440694/1043766696634220544/Bonus-referral.jpg HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/jpeg
content-length: 299478
cf-ray: 7911c339cbcd1bfe-OSL
accept-ranges: bytes
cache-control: public, max-age=31536000
etag: "abb01485281ae8fe03c8e39d5c8858e6"
expires: Mon, 29 Jan 2024 11:52:36 GMT
last-modified: Sun, 20 Nov 2022 05:56:12 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: h2pri
x-goog-generation: 1668923772765616
x-goog-hash: crc32c=vQF/rg==, md5=q7AUhSga6P4DyOOdXIhY5g==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 299478
x-guploader-uploadid: ADPycduMNObDX1rCrrMYwMduMlcoX8Ew4IRgDBdFQOZJpqRkuTQBYroSX_uGQblklvSUs1r9UoIB1mA7PoedzqMRhSiUKkp2aZyh
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=iOVFnedzQ56xLEIhCibzFfz5DaGeHCNCkHFRA3JrtyY-1674993156-0-AZkM1ChULRP3HnBNqgqZ4c4DI9bbL+QIhoMGjoWP+jpJGJ4A9/9w5mhGIeobMBtiV2PdD8br7ZI24Uhg2F5QLno=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
__cf_bm=flwIxjScdfA5tW.kwAh2G0J9wltR2RmxnSg1JOaLye4-1674993156-0-AYdpjB0Fwzg8jbG7ifbwOwL6ZAY1YHeZvpzNTiBinnCPT6V3AHWY5IASmvrB8GvfEL35Amyh3AseCR2ka0qb3/Y=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NJgGGAv5%2BlS1E%2BShfBoz0DrQN2TesNy8%2FqD4nFaz94iPUFW6NkbZwvx7ucedsbFMwAijKqVkTD%2F9iOyoLrtr4s3ogKFc0%2FQRHxIX%2BwhgafluBYjJs%2F8l4Hh5vX1FFD8mBsaAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.rodaslotjp1.top/js/jquery.marquee.min.js
172.67.179.154 200 OK 2.4 kB URL HTTP/1.1 www.rodaslotjp1.top/js/jquery.marquee.min.js
IP 172.67.179.154:0
File type ASCII text, with very long lines (1219)
Hash 7b2eda62ee8c0b0804a39cfe676467fa
50eb1fb4fefd6e0cbccee08ebd17ec9fcb86ffd9
7fc47d2040f2ede883c15b2c03e799ce5b0154b756533f52966c5043be52b962
Analyzer / Verdict / Alert: fortinet / Phishing
GET /js/jquery.marquee.min.js HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 23 Oct 2020 10:01:33 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7qME%2FEqYnIU1qdHtmH%2BfZ%2BL1qROnk%2BwkVBl1pjgI3pykjJowudl%2Baan9r4u3OkH%2BnI%2BhaXY3fi7Nt%2FGz%2BZ1nIYe3Kso32K8zjvtWTGSUVtjzJN1lrlwNoUzmyrMVfaKFD5gzun8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c339cfa01c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.pay4d.info/live-ion.png
104.19.136.75 200 OK 2.4 kB URL HTTP/2 img.pay4d.info/live-ion.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1a48e4a72414e5587b22eb4ac4ae959b
a3ac92a04917abab71a98503dcfff52be3af7cdb
e48ccb777ed57ca1eee701da53a8fa2d85b64639d0b8210e3160678e1753b144
GET /live-ion.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/webp
content-length: 2434
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6674
content-disposition: inline; filename="live-ion.webp"
last-modified: Fri, 26 Jun 2020 07:51:41 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:36 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3398a3cb512-OSL
X-Firefox-Spdy: h2
www.rodaslotjp1.top/js/jquery.pause.min.js
172.67.179.154 200 OK 875 B URL HTTP/1.1 www.rodaslotjp1.top/js/jquery.pause.min.js
IP 172.67.179.154:0
File type ASCII text, with very long lines (762)
Hash a9b5879d9964e5c7567547b663fa2877
6b19ec1471d65de27418d4c00169c373a6265f62
5373de60466aef12a58e50307929d36607740668bca9622b78b3df753ea16218
Analyzer / Verdict / Alert: fortinet / Phishing
GET /js/jquery.pause.min.js HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 23 Oct 2020 10:01:33 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLkccPcTSj5sQYU5C6QuNq4xi1wKRIdSd0Ns2eQG46dlDv35K%2BWIXbE0y4ONJz4c1lptjNBmzw1agSMkGL7B7togEo8DWxuU%2FNmiS%2BCib0%2BlYKWQH2dBz7JA3QuZJe5aQZ6FQUsl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c339cedeb527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.discordapp.com/attachments/1043766431235440694/1043766697661841498/buy-spin-free-spin.jpg
162.159.130.233 200 OK 406 kB URL HTTP/2 cdn.discordapp.com/attachments/1043766431235440694/1043766697661841498/buy-spin-free-spin.jpg
IP 162.159.130.233:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 3750x750, components 3\012- data
Size 406 kB (406365 bytes)
Hash 204f04e128ecf26c4e240c6a1a373c40
fffaa2f2ea460bf0f70efe4f7634f31303c76307
6a6ab9fa9f7a84a8147aaaf43e68895dbfa6963ec9dd09f741fd0dbc6c3e93de
GET /attachments/1043766431235440694/1043766697661841498/buy-spin-free-spin.jpg HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/jpeg
content-length: 406365
cf-ray: 7911c339cbdb1bfe-OSL
accept-ranges: bytes
cache-control: public, max-age=31536000
etag: "204f04e128ecf26c4e240c6a1a373c40"
expires: Mon, 29 Jan 2024 11:52:36 GMT
last-modified: Sun, 20 Nov 2022 05:56:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: h2pri
x-goog-generation: 1668923773010392
x-goog-hash: crc32c=yLBhWw==, md5=IE8E4Sjs8mxOJAxqGjc8QA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 406365
x-guploader-uploadid: ADPycdvVqD930vWPKoIzGqFLtZdnScg_0Q07c3mHfJHn9Wuwc-H2AYTcObfEjj92XX1FG80AZi2udmv8S76BD209nnmQos_CTW0f
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=v2osRwM96gV_jUqIYq2TWVRrTMRWfHM2jz.B0cTKaMg-1674993156-0-ARart2DD7Tlxgw4bK6ZWlLB7HKu+oYdljKpSmH7vxsIo4V7T0LxYrFf3+ii+uKE12qFSrQrMGSL0KTAGikEhr8k=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
__cf_bm=pvRXgRwZEZJ8KEWss5lXodUvNLf1Nm0zq1PEJEpfNy0-1674993156-0-ARRSOz11AE+T3APAlS0DMYVlve9hlUqpWSwMWjyrKB4/gspmYWmu3Qz4J0MOKWWJGOymzeXJ7LUPzHDZNg6S2bM=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2BZpffxbs6t4TsPPOreAQqS2937TGJO08Q9K6iw%2BldDOZiXX5mp7XR69ifYSeBXmkClNUvn79o6KZEgfu1DkjKgtHPrp2oVBC3UbYH18JXiUYtBUHp%2BgdW8Ztm17qLe0T%2BF%2BfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
img.pay4d.info/slot-spad.png
104.19.136.75 200 OK 1.3 kB URL HTTP/2 img.pay4d.info/slot-spad.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d6290e499ede13e741045d26dfbd95bf
73a41f0d753bb0843be9bfb147e1999ced0e30d5
ccdb75fdea9558a8454442831c45017f205cd8729bc2f0399b91e1fb2473cd89
GET /slot-spad.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/webp
content-length: 1258
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4945
content-disposition: inline; filename="slot-spad.webp"
last-modified: Wed, 18 Dec 2019 05:38:16 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:36 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3398a33b512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/icon-promo.png
104.19.136.75 200 OK 15 kB URL HTTP/2 img.pay4d.info/icon-promo.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 11a8e2c003ba77a68232b9d691a26bec
44a0551575e11d99ba5af824dffa53da30ae290c
e5090f48858bf3a2ffc2caf8463340102846ca61ebeced2378f1749525e3be52
GET /icon-promo.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/webp
content-length: 15448
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=35857
content-disposition: inline; filename="icon-promo.webp"
last-modified: Fri, 13 Nov 2020 07:11:14 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:36 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3398a27b512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-prag.png
104.19.136.75 200 OK 1.4 kB URL HTTP/2 img.pay4d.info/slot-prag.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8e7ecdf154298edbc92186de70734ff7
10402bf0a46147d1b1e6e41ded452c24faa6dce6
b13a36e2d82b2cd019af41f40af642d37641573770e11980ecc12e2dce55d713
GET /slot-prag.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/webp
content-length: 1416
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5251
content-disposition: inline; filename="slot-prag.webp"
last-modified: Wed, 18 Dec 2019 05:38:15 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:36 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3398a2db512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-mg.png
104.19.136.75 200 OK 1.1 kB URL HTTP/2 img.pay4d.info/slot-mg.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ab217824849c8bc2f05240458ef55574
06b015108c8fc22469d8e5a4c371e6d05c04b624
326039e01fe95c632ec94f34f39b85e61715f2a5abcdb555d937ec140574aa72
GET /slot-mg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/webp
content-length: 1092
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4064
content-disposition: inline; filename="slot-mg.webp"
last-modified: Tue, 15 Mar 2022 06:24:42 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:36 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3398a36b512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/footern.png
104.19.136.75 200 OK 10 kB URL HTTP/2 img.pay4d.info/footern.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c874f595389f01e778067dff5bc5d1f0
c5f3cb0b0a03bb0cc41cea7d1bc24b630eaab4bf
84097f8df21211e36d200017ce5dbb571569bbd5d21d7dfb1067d0b75567b17f
GET /footern.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/webp
content-length: 10240
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=11983
content-disposition: inline; filename="footern.webp"
last-modified: Fri, 04 Nov 2022 13:47:10 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:36 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c339ba90b512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picright.jpg
104.19.136.75 200 OK 23 kB URL HTTP/2 img.pay4d.info/picright.jpg
IP 104.19.136.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 404x194, components 3\012- data
Hash 4d21cb6ce4fcf78445d50ec994697f8b
df4d5433b0acbf6ee3a0db62663f071b2fb01275
b267ac51d20c09b4e5bb4f90f30fac9fb72c024f4448eff75cbccdba316da2e6
GET /picright.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/jpeg
content-length: 23329
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=26379, status=webp_bigger
last-modified: Fri, 04 Nov 2022 13:42:48 GMT
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:36 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7911c339aa85b512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/kontak/wa.png
104.19.136.75 200 OK 378 B URL HTTP/2 img.pay4d.info/kontak/wa.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 18d9883e1a072905361ca73d34a57734
c9dcf63a7866cd530f7615bd220e7ce4e81aad0d
a06f5509e0ed17a2901ee5d71717a549f53e66dbec7607e3944cb418c60688c5
GET /kontak/wa.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/webp
content-length: 378
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1628
content-disposition: inline; filename="wa.webp"
last-modified: Mon, 09 Sep 2019 19:19:48 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:36 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3398a2bb512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picrightsport.jpg
104.19.136.75 200 OK 20 kB URL HTTP/2 img.pay4d.info/picrightsport.jpg
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d1f34718eb29953cdea660adc61f1ecd
4856b1c3779c7dcf70c23b5efd1dc29d70698efa
5a8d9b477da241d730a8f786ed294e4b5e5c868363130072dec8164399c5e743
GET /picrightsport.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/webp
content-length: 20504
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=46462
content-disposition: inline; filename="picrightsport.webp"
last-modified: Mon, 19 Dec 2022 07:27:45 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:36 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c339aa83b512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/informasi.png
104.19.136.75 200 OK 496 B URL HTTP/2 img.pay4d.info/informasi.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 55734ca433dd15622f992f24a3750a77
625812100e07a5b85b1dca90d622c0deafa3410d
0b31e72e9209648652af2a9e36541fb4ca4015cdbca7f29ae1993824d379c395
GET /informasi.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/webp
content-length: 496
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2507
content-disposition: inline; filename="informasi.webp"
last-modified: Sat, 30 Jan 2021 10:28:59 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:36 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3399a50b512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picrightsport-b.jpg
104.19.136.75 200 OK 12 kB URL HTTP/2 img.pay4d.info/picrightsport-b.jpg
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b384a638dc5c10281228cd681469b5db
bf8625ff8f2a683d21cd384f671ce379b9a7c76d
0dc4e717442c9585c855bc2dcaa9d621be9fee18d541f724f0af33b3e57137ff
GET /picrightsport-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/webp
content-length: 11588
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13092
content-disposition: inline; filename="picrightsport-b.webp"
last-modified: Fri, 04 Nov 2022 13:42:49 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:36 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c339aa84b512-OSL
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 11:49:04 GMT
age: 212
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
img.pay4d.info/picleft-b.jpg
104.19.136.75 200 OK 12 kB URL HTTP/2 img.pay4d.info/picleft-b.jpg
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ea02b87d5efe916e0d1fd689245bafa9
d515d56084f09ed372c254188e6fd75a74ae5543
1a84b9a6f066b825d388f044e0012bfe7922a9ca9a4400c2fa33cac082bfc91d
GET /picleft-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/webp
content-length: 11550
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=40621
content-disposition: inline; filename="picleft-b.webp"
last-modified: Tue, 03 Jan 2023 06:53:39 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:36 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c339aa7eb512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-evo.png
104.19.136.75 200 OK 1.2 kB URL HTTP/2 img.pay4d.info/live-evo.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a27aeaaf4f87ea70e9d8f179dab9c1d6
acd3b82f10cf00f0487ca7fe1e22ad662d4638fd
9d16857bece7fbf86f719af897f7a7036dd151d2fa4d31e2ae08f863e0dfe179
GET /live-evo.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/webp
content-length: 1224
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4930
content-disposition: inline; filename="live-evo.webp"
last-modified: Sat, 24 Dec 2022 07:19:19 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:36 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3398a3bb512-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 05bdf0a14688c161245db337838e7986
eb3dc24731add860a66b42a14cb9e23212c6d55e
9d725efb303175d9e6e4c44cf7f2dd2646ceb092d778ea03ce2778b3e0f44c4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D725EFB303175D9E6E4C44CF7F2DD2646CEB092D778EA03CE2778B3E0F44C4B"
Last-Modified: Fri, 27 Jan 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21578
Expires: Sun, 29 Jan 2023 17:52:14 GMT
Date: Sun, 29 Jan 2023 11:52:36 GMT
Connection: keep-alive
img.pay4d.info/pop/mobile-opus.jpg
104.19.136.75 200 OK 27 kB URL HTTP/2 img.pay4d.info/pop/mobile-opus.jpg
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4c7c68406a33bfeeea33d200bce07482
6763ed1610ec08dea562567d316ecbde90bddd59
07c5decca1ad0618b40d89d037235e9b807c5a0cf45845ddfcd21eb30bb3a9ad
GET /pop/mobile-opus.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/webp
content-length: 26890
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=125287
content-disposition: inline; filename="mobile-opus.webp"
last-modified: Thu, 19 Jan 2023 08:21:15 GMT
vary: Accept
cf-cache-status: REVALIDATED
expires: Sun, 29 Jan 2023 13:52:36 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3398a2cb512-OSL
X-Firefox-Spdy: h2
www.rodaslotjp1.top/js/webduo35.js
172.67.179.154 200 OK 4.6 kB URL HTTP/1.1 www.rodaslotjp1.top/js/webduo35.js
IP 172.67.179.154:0
Hash 7dd3b2272670666308f82cdbfec11078
45a917a4c26acd9b14453339e257fb3649b3b03c
78d65b9561323fe66dad90ef64848b63a3bd3bae0868d6a7688d95341d988b98
Analyzer Verdict Alert fortinet Phishing
GET /js/webduo35.js HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 04:51:13 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGFyasy7qGEVuZ77giAoA2Rkda3VgkSnDG%2F2ZjjC9qJsulsfLLnmPHq3IwAHKeXJIFtD1D5uBmn6%2BjSK%2B5Qen%2FutcO3XnQVKc4X8yRpCkHkrY6sOw6rR3DEl5axhTZsLN%2FTvVb6A"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c339cad80b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
liputanslot.net/assets/message.js
194.1.147.84 200 OK 557 B URL HTTP/2 liputanslot.net/assets/message.js
IP 194.1.147.84:0
ASN #210250 K Media Tech Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1339), with no line terminators
Hash fa37adf380e261828d36f5187f31e380
cf73332c391f81c50af332b51009eeaebccf3de7
a852e1a95e19a00e1f2159806c1a8be87f256fe9334678d827491df990163d96
GET /assets/message.js HTTP/1.1
Host: liputanslot.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: text/html; charset=UTF-8
content-length: 557
last-modified: Sat, 28 Jan 2023 08:02:14 GMT
etag: "53b-63d4d686-787b2139e779ef35;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
cache-control: public,max-age=3600,stale-while-revalidate=21600
server: WPX CLOUD/NOR01
x-cache-status: STALE
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10214
Expires: Sun, 29 Jan 2023 14:42:50 GMT
Date: Sun, 29 Jan 2023 11:52:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 05bdf0a14688c161245db337838e7986
eb3dc24731add860a66b42a14cb9e23212c6d55e
9d725efb303175d9e6e4c44cf7f2dd2646ceb092d778ea03ce2778b3e0f44c4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D725EFB303175D9E6E4C44CF7F2DD2646CEB092D778EA03CE2778B3E0F44C4B"
Last-Modified: Fri, 27 Jan 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Sun, 29 Jan 2023 17:52:35 GMT
Date: Sun, 29 Jan 2023 11:52:36 GMT
Connection: keep-alive
liputanslot.net/assets/message.css
194.1.147.84 200 OK 557 B URL HTTP/2 liputanslot.net/assets/message.css
IP 194.1.147.84:0
ASN #210250 K Media Tech Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1339), with no line terminators
Hash fa37adf380e261828d36f5187f31e380
cf73332c391f81c50af332b51009eeaebccf3de7
a852e1a95e19a00e1f2159806c1a8be87f256fe9334678d827491df990163d96
GET /assets/message.css HTTP/1.1
Host: liputanslot.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: text/html; charset=UTF-8
content-length: 557
last-modified: Sat, 28 Jan 2023 08:02:14 GMT
etag: "53b-63d4d686-787b2139e779ef35;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
cache-control: public,max-age=3600,stale-while-revalidate=21600
server: WPX CLOUD/NOR01
x-cache-status: STALE
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/1043766431235440694/1043766697242394725/new-member-sportbook.jpg
162.159.130.233 200 OK 349 kB URL HTTP/2 cdn.discordapp.com/attachments/1043766431235440694/1043766697242394725/new-member-sportbook.jpg
IP 162.159.130.233:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 3750x750, components 3\012- data
Size 349 kB (348649 bytes)
Hash 1a2bab8b923e6cf319ea5902f2c72e71
e25f4d92dfb49c9e106457cd7c982a318ee9a741
c56729dd44e4ad359b063844365ac40297b7ba0b722636aa6fdb9d6328d00442
GET /attachments/1043766431235440694/1043766697242394725/new-member-sportbook.jpg HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/jpeg
content-length: 348649
cf-ray: 7911c339cbce1bfe-OSL
accept-ranges: bytes
cache-control: public, max-age=31536000
etag: "1a2bab8b923e6cf319ea5902f2c72e71"
expires: Mon, 29 Jan 2024 11:52:36 GMT
last-modified: Sun, 20 Nov 2022 05:56:12 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: h2pri
x-goog-generation: 1668923772906306
x-goog-hash: crc32c=EwbLNg==, md5=Giuri5I+bPMZ6lkC8scucQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 348649
x-guploader-uploadid: ADPycdv2oXBb26j-tItDWV3b0V39UBtrk1-7ze8jUif3c9_BfhEAXUoe5LmvzAuIa3SvpUPXN6nUMX--k1lQEt1YETBGOA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=xn7t2._j7f5qppkHHhlEJ7p8NSwAI8OEHDBWcuMCOXw-1674993156-0-AZlBvJGOfn9Db3ooA+E/yXr+XB4HvEGsIcJmz8rGiRlNL9IhkdLpPt3U9ttbJ/Dd0O8FpTT3uuol4TF/fQzFf1M=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
__cf_bm=s3TJnSAe6lMJvQLX3BOpsXM5EFUGbYPghN4N9kipQ_k-1674993156-0-AY8RgS0GJnmx7Eaa57soewc0T7Ulc7R5UrNqCjaG4pKcTp6H2Qkrq8gTu7AtjO7sB93wJCwE2K8qTyBLLs9CoJk=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2Fu7jXjC%2FVugSPAIIefKOMbnISCMXvXhjNvIgtujCuq%2FWfy0Xbq4AEzzMgb0RiHu6QiPvqmb%2FdWVUzXnL1qcDwF0h4ezHqyfL3o7vLNETIukq8FFCQqGuCSrdcJwKYyTPi74fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.rodaslotjp1.top/css/bootstrap.min.css
172.67.179.154 200 OK 22 kB URL HTTP/1.1 www.rodaslotjp1.top/css/bootstrap.min.css
IP 172.67.179.154:0
File type ASCII text, with very long lines (65230)
Hash b70815b6af1d7a029188550ac74a6f11
5e2ce97dc2ee598a206415bf9764daf11011b6b7
111825b8ecb441cb01c5b86b19c38825081a9e366d9e90e5fd4fcf46ee952872
GET /css/bootstrap.min.css HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 23 Oct 2020 10:01:17 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pka31MXRtf6z%2F1B9NqzLIMJDeUJq4FTga2yzq35msSMKaecMhz8BKKIkh5XIP3%2Fs%2B8ZcYsJd%2BRF5NKWs9DgmgyhCfzJXLNbuCSG9vdtoULkqRgTVOFNdybxjWqIIFXufrpluja3W"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c338cc7d0b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.discordapp.com/attachments/1043766431235440694/1043766697888317480/Harian-khusus-slot.jpg
162.159.130.233 200 OK 190 kB URL HTTP/2 cdn.discordapp.com/attachments/1043766431235440694/1043766697888317480/Harian-khusus-slot.jpg
IP 162.159.130.233:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 3750x750, components 3\012- data
Size 190 kB (190492 bytes)
Hash 7ea8140c17c597fb11bf2d065558d065
7bcd3e3adc727311482a0f69e0bc35faffe488c6
cf78dc47009fb91d75d36e986815fad85f4923680a969c31683b4f3fc8f440a3
GET /attachments/1043766431235440694/1043766697888317480/Harian-khusus-slot.jpg HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:36 GMT
content-type: image/jpeg
content-length: 190492
cf-ray: 7911c339cbd61bfe-OSL
accept-ranges: bytes
cache-control: public, max-age=31536000
etag: "7ea8140c17c597fb11bf2d065558d065"
expires: Mon, 29 Jan 2024 11:52:36 GMT
last-modified: Sun, 20 Nov 2022 05:56:13 GMT
vary: Accept-Encoding
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1668923773058888
x-goog-hash: crc32c=3vAEOQ==, md5=fqgUDBfFl/sRvy0GVVjQZQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 190492
x-guploader-uploadid: ADPycdu6_bdxAL9N1_cK-3wTMowpOPDVAmbA4imu5aL3DFOyhPdYrTX1l49C_7-1RSHW7qFhyiKqnVyQa886GHg0IgCQ
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=Vo1sJP6EJNlrJ80Swo9Mx.W5o6RTusWeKG6lcCnFCZ8-1674993156-0-Ab58XgLGJq8GduHPUV1yuzuY42Qe82Mhabta7UgHlgg1IwbiUv/jkQzk4SomJCV3Kpa0DD9B4dwOshWmu4Zkm0U=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
__cf_bm=uj3aYqRjwB_U8Af.ZznGTzCYt1vxq6logIcWAI_wvhE-1674993156-0-AXM5I6w46IFAu/BoF0fPni0v76nZnxGXJ2Oz96+tiDU4RlNH8b6NCi8StQEbLgSYt5eTC3EWTdzb7kjWfVLKvhM=; path=/; expires=Sun, 29-Jan-23 12:22:36 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTN8fCy08bja%2BaGtm8Rf9mDetA5VhRYFGU%2FPmWmN%2BoOkeK50LkEwSBW4dOnwU%2FIHMJMQpALdsy9QbqEYUpEgsKdg%2BgkYELasExrc2DSfDOuRFtuouEg5qNdM4SeLNyt2LwLLGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-D3WR7HGLGB&gtm=2oe1p0&_p=219287724&cid=1824737680.1674993163&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674993163&sct=1&seg=0&dl=http%3A%2F%2Fwww.rodaslotjp1.top%2F&dt=RODASLOT%20-%20Situs%20Slot%20Online%20Terlengkap%20dan%20Terbaik%20di%20Indonesia%20tahun%20ini&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-D3WR7HGLGB&gtm=2oe1p0&_p=219287724&cid=1824737680.1674993163&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674993163&sct=1&seg=0&dl=http%3A%2F%2Fwww.rodaslotjp1.top%2F&dt=RODASLOT%20-%20Situs%20Slot%20Online%20Terlengkap%20dan%20Terbaik%20di%20Indonesia%20tahun%20ini&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-D3WR7HGLGB&gtm=2oe1p0&_p=219287724&cid=1824737680.1674993163&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674993163&sct=1&seg=0&dl=http%3A%2F%2Fwww.rodaslotjp1.top%2F&dt=RODASLOT%20-%20Situs%20Slot%20Online%20Terlengkap%20dan%20Terbaik%20di%20Indonesia%20tahun%20ini&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.rodaslotjp1.top
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://www.rodaslotjp1.top
date: Sun, 29 Jan 2023 11:52:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Abel|Oswald:400|PT+Sans:400,700|Open+Sans:300,400,700,800
142.250.74.138 200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Abel|Oswald:400|PT+Sans:400,700|Open+Sans:300,400,700,800
IP 142.250.74.138:0
Hash 739f66314deb6ecffe8452991a2b384a
aeaf8d0232ad53641a166a2085bde612a7596256
03c013a52f105b9b1adfdf7e49d67e011ed06308b6926a4f726d407725d957a2
GET /css?family=Abel|Oswald:400|PT+Sans:400,700|Open+Sans:300,400,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 11:52:36 GMT
date: Sun, 29 Jan 2023 11:52:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:52:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.88.113.219 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.113.219:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3OIQR2LOmjbn0RqIMLOr6A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9TB7C5VqAc745Y16UmmddmOebjs=
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
142.250.74.163 200 OK 47 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Hash 87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rodaslotjp1.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 07:41:42 GMT
expires: Fri, 26 Jan 2024 07:41:42 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
age: 274255
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
142.250.74.163 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rodaslotjp1.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 03:22:46 GMT
expires: Mon, 29 Jan 2024 03:22:46 GMT
cache-control: public, max-age=31536000
age: 30591
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2
142.250.74.163 200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9588, version 1.0\012- data
Hash 55d912c794126956bb1e8f41597c131f
f7ade582dbe9d0efe97ae105cab313c6e45904d4
8bea498aed7cc1366e8b966e467b98219c803107d728eab8a6c4c9b045def699
GET /s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rodaslotjp1.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 22:56:22 GMT
expires: Thu, 25 Jan 2024 22:56:22 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:29:39 GMT
content-type: font/woff2
age: 305775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
142.250.74.163 200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rodaslotjp1.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 03:37:07 GMT
expires: Sat, 27 Jan 2024 03:37:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
content-type: font/woff2
age: 202530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:52:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.pay4d.info/fish-fishing-god.png
104.19.136.75 200 OK 4.1 kB URL HTTP/2 img.pay4d.info/fish-fishing-god.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a0948f83578f51b07453a73d2e7feb0e
0e3f824762ed0f79c93200f05b8b631535e62d50
294f599a73342736676eb2d36724e27f9ace65053d1eec0d5267318608dcb49d
GET /fish-fishing-god.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:37 GMT
content-type: image/webp
content-length: 4084
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8579
content-disposition: inline; filename="fish-fishing-god.webp"
last-modified: Tue, 30 Mar 2021 09:18:46 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:37 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3399a48b512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picleft.jpg
104.19.136.75 200 OK 22 kB URL HTTP/2 img.pay4d.info/picleft.jpg
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b1bdc85cc48c85f6033c7ddca833b0c
df9589d7051fba1a5c2fd15b81b11f72f24caee0
7e599adfbea9fa50b6139eae70f7ee2214c9a0fd14a718f1d07bfd4b955ae63d
GET /picleft.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:37 GMT
content-type: image/webp
content-length: 22128
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=26042
content-disposition: inline; filename="picleft.webp"
last-modified: Fri, 04 Nov 2022 13:42:48 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:37 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c339aa7db512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/mobile-togel.png
104.19.136.75 200 OK 2.8 kB URL HTTP/2 img.pay4d.info/mobile-togel.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 24ee8246bf5b00f82e391b3de2c9530d
44b86adefeab3260148aadfa367cf35c602b6761
04ea1ba435c65231d96bea3e735c0bc193beb05f7e921a354ef593dbfd7528fb
GET /mobile-togel.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:37 GMT
content-type: image/webp
content-length: 2816
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6237
content-disposition: inline; filename="mobile-togel.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:37 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c339aa86b512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-cq9.png
104.19.136.75 200 OK 1.2 kB URL HTTP/2 img.pay4d.info/slot-cq9.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c1a383f5c29c2a1abb0146f00f976edd
d044fc1b18c28a0129ef1ffbeba52166614d057e
cef9e6fabf6bc11ddbe76f0abec0e0f7106ba78a0b5499c3c640d82c8a7d6701
GET /slot-cq9.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:37 GMT
content-type: image/webp
content-length: 1182
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4157
content-disposition: inline; filename="slot-cq9.webp"
last-modified: Wed, 10 Nov 2021 17:01:06 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:37 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3398a31b512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-opus.png
104.19.136.75 200 OK 1.3 kB URL HTTP/2 img.pay4d.info/live-opus.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ff58f7baf1903414b9e121fa194c01a0
9686d2811e39d923e00d3573d187e84dda29fdba
d68d2439ada8dcdb278433a33da32e2659f34ce90cc7c9023180bbd3dd92f54a
GET /live-opus.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:37 GMT
content-type: image/webp
content-length: 1330
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4303
content-disposition: inline; filename="live-opus.webp"
last-modified: Fri, 26 Aug 2022 10:55:33 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:37 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3398a40b512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/mobile-slot.png
104.19.136.75 200 OK 3.0 kB URL HTTP/2 img.pay4d.info/mobile-slot.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bd496c55acc5fdb1ebe53c18e7b78a2e
256827a0c6474898129d22b1cfa7fadc88d96b70
414beef5dd52d21ddb304d58eedf9a6503a42523de9f54922c76f567343cdfc3
GET /mobile-slot.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:37 GMT
content-type: image/webp
content-length: 3002
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6674
content-disposition: inline; filename="mobile-slot.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:37 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3398a26b512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/banner/slide-pp-nv.jpg
104.19.136.75 200 OK 169 kB URL HTTP/2 img.pay4d.info/banner/slide-pp-nv.jpg
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 169 kB (168610 bytes)
Hash d3d185a742b8f2650c153207608c6be7
5bc15557fcdb266c2cc9c7ea8f38def91508b9d2
e30c665d50bf89e24bc57096a97cffa3d4fd7b8e2cef770c482558979ecbf352
GET /banner/slide-pp-nv.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:37 GMT
content-type: image/webp
content-length: 168610
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=268483
content-disposition: inline; filename="slide-pp-nv.webp"
last-modified: Thu, 12 Jan 2023 07:32:42 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:37 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3399a6db512-OSL
X-Firefox-Spdy: h2
www.rodaslotjp1.top/m/capimg.php?1962
172.67.179.154 200 OK 804 B URL HTTP/1.1 www.rodaslotjp1.top/m/capimg.php?1962
IP 172.67.179.154:0
File type PNG image data, 40 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash 5ef3c11e9a1c15a8d016a2d1ad240f86
0f90edad0e56a704d9317fe7afb5ffb140c2343c
9a18c2acaab3b05edee26007fedee55542f8523b90ff900240abac76a10889d7
GET /m/capimg.php?1962 HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:37 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEN6mu20nGpCtzO0yzgUHxiSnj2oju5AvSpomYwDONJHftf7bd%2FwrTOThJs5f3CydGwqzsA%2BWlKeD5%2FEvAL0ZJj50po6hTsyvQqIMjedU7FSRrOH1nJXcFEvQqcWfI4E%2F7fLC3HU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7911c33e6f720b41-OSL
alt-svc: h2=":443"; ma=60
www.rodaslotjp1.top/images/bgline3.png
172.67.179.154 200 OK 986 B URL HTTP/1.1 www.rodaslotjp1.top/images/bgline3.png
IP 172.67.179.154:0
File type PNG image data, 404 x 6, 8-bit/color RGB, non-interlaced\012- data
Hash 35f092de33a76e1433440f6f73871f72
d0005c8a59a9320fa9dd75de88ba00bb20e51acf
338b8adbfdbba50026ac6ccb50492e68d4c27ddd75148a2c46f2410fe3941782
GET /images/bgline3.png HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:37 GMT
Content-Type: image/png
Content-Length: 986
Connection: keep-alive
Last-Modified: Fri, 23 Oct 2020 10:01:25 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSgWL0SUWFMpX4hP56S%2Bn6a5S2BqX27lGF%2B3z61wtszLDUBFumqpNGvXKPjepsG3H0Zvo9kb4J0tjTollfXzU%2BzrTc308lx1bfMqDeX%2F5dh%2B7CcpRCtRO2AKnv4%2FC68uuzWTDIAV"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c33e6ea8b50c-OSL
alt-svc: h2=":443"; ma=60
img.pay4d.info/icon-kontak.png
104.19.136.75 200 OK 13 kB URL HTTP/2 img.pay4d.info/icon-kontak.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 03428e550c367a0b470f6fe70d6d55c0
80b591a03333d4bec9e5ab54a0c3f4c1ed45367e
277e7027c4afd477229e58b7a992d3c43ec2b1406693a3283a8d5a59ceb09b1a
GET /icon-kontak.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:37 GMT
content-type: image/webp
content-length: 12922
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=28713
content-disposition: inline; filename="icon-kontak.webp"
last-modified: Fri, 13 Nov 2020 07:38:15 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:37 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3398a29b512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/banner/hb-jan23.jpg
104.19.136.75 200 OK 139 kB URL HTTP/2 img.pay4d.info/banner/hb-jan23.jpg
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 139 kB (138780 bytes)
Hash 5d9192c49166652328274421f6c17270
b593d3d5d26257488b6f321121b0ea3ec0bb1408
0df28c495b5e853aec3705b1da33d2a0f1906e1eb9b3db47b3b24ce8ef84b8f3
GET /banner/hb-jan23.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:37 GMT
content-type: image/webp
content-length: 138780
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=237049
content-disposition: inline; filename="hb-jan23.webp"
last-modified: Thu, 12 Jan 2023 07:26:40 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:37 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c339aa73b512-OSL
X-Firefox-Spdy: h2
www.rodaslotjp1.top/images/logo.png
172.67.179.154 200 OK 21 kB URL HTTP/1.1 www.rodaslotjp1.top/images/logo.png
IP 172.67.179.154:0
File type PNG image data, 300 x 89, 8-bit/color RGBA, non-interlaced\012- data
Hash 636a6ef59b3e10958912e3e0f04124bf
6784d7e4021e6286fddc77d3513d6a6fd6395c62
6090ecd94834562f6ccb259554e1b9eb833f9fbb626ff103ec25d07552c5420e
GET /images/logo.png HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:37 GMT
Content-Type: image/png
Content-Length: 21030
Connection: keep-alive
Last-Modified: Sun, 30 May 2021 05:16:01 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlMjpMVmf4UziB9K9haI4DwtLrY6fU5pfhpNBXKQPlriz1qasJGfVbdtL8hgk6xkXBGFDwyLPY8JUx21p21x9IRq6GzUsnCzd%2FQACp60PAWEf2dWaN6AkkOkVRvii3t7dpePBBOU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c33e6cea0afa-OSL
alt-svc: h2=":443"; ma=60
www.rodaslotjp1.top/images/logoweb.png
172.67.179.154 200 OK 21 kB URL HTTP/1.1 www.rodaslotjp1.top/images/logoweb.png
IP 172.67.179.154:0
File type PNG image data, 300 x 89, 8-bit/color RGBA, non-interlaced\012- data
Hash 636a6ef59b3e10958912e3e0f04124bf
6784d7e4021e6286fddc77d3513d6a6fd6395c62
6090ecd94834562f6ccb259554e1b9eb833f9fbb626ff103ec25d07552c5420e
GET /images/logoweb.png HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:37 GMT
Content-Type: image/png
Content-Length: 21030
Connection: keep-alive
Last-Modified: Sun, 30 May 2021 05:16:06 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAw%2BZW%2BnJPEGVPQt8RZCfn42gvs52vbh9xpgjLu489ttF2vwy5FRkmhc1YiFnm41%2B8HUZdiUdNeKDtBRV2pbTyKAWWzTtVErrGXMEmSE2Meoc3VpFYtyb65GLoryv8oOSsNfUPff"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c33e6e6ab527-OSL
alt-svc: h2=":443"; ma=60
img.pay4d.info/live-pp.png
104.19.136.75 200 OK 1.4 kB URL HTTP/2 img.pay4d.info/live-pp.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1f1aa38c5a91ca20b6bfdee9245eebc2
5f00a7a39257fc368e3fcaaf0b923f6a9fd49bcf
57d9d0b26be6a4ea6d8894ff8dab03ea2c4400155146d5380281f4a589966e65
GET /live-pp.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:37 GMT
content-type: image/webp
content-length: 1418
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7765
content-disposition: inline; filename="live-pp.webp"
last-modified: Fri, 26 Jun 2020 07:51:40 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:37 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3398a39b512-OSL
X-Firefox-Spdy: h2
www.rodaslotjp1.top/webdata.php?content=broadcast
172.67.179.154 200 OK 131 B URL HTTP/1.1 www.rodaslotjp1.top/webdata.php?content=broadcast
IP 172.67.179.154:0
File type ASCII text, with no line terminators
Hash 9eeb528105dc734d4685a1498e34662b
dc4a79b74e316f0398c05872b8975796e8fab8ed
3f942546f48977007e27e64a5ac31ed371d0c1c662960bc2b286f69fd2438bd7
Analyzer Verdict Alert fortinet Phishing
GET /webdata.php?content=broadcast HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06; _ga_D3WR7HGLGB=GS1.1.1674993163.1.0.1674993163.0.0.0; _ga=GA1.1.1824737680.1674993163
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JEZWuqiFyKXRaCtMOHPDaLE5CCJE7PGHtDhCKV2fFhKuCVjfj9YSSIiCQM4VaKkk5MvIAno5dHAgIKSCbyScP6r08pZa8PP8I6rEUxCrhO5TPPZc8rOQTOpXaJ5XYMtMnU5iMwd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7911c340b9b00b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rodaslotjp1.top/webdata.php?content=mobileapp
172.67.179.154 200 OK 162 B URL HTTP/1.1 www.rodaslotjp1.top/webdata.php?content=mobileapp
IP 172.67.179.154:0
File type HTML document, ASCII text
Hash a06a7d39b22f1c57a0071e9b32c4ec58
c58d62daece7b19a3b0dd990d4141000a57490a4
e479d9de218cb5c1dd7d4ae3ff9122a9a0d4b077b8eefffb6953e466fb8aa897
Analyzer Verdict Alert fortinet Phishing
GET /webdata.php?content=mobileapp HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06; _ga_D3WR7HGLGB=GS1.1.1674993163.1.0.1674993163.0.0.0; _ga=GA1.1.1824737680.1674993163
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ACO1JpOoQjE4lFWoRvRmXtWX%2FzRaxyyOCKot82ibyFVXNMm%2BVfM%2Fejg17%2BKER32qCa9VrjI%2FBpeLlVE04JCdP4yDgIwY5WIK%2FKGc%2BHPCl8I6TpP1wocGUCOvwGrbqRLJsaDgXVb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7911c340b9f9b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.pay4d.info/fish-alien-hunter.png
104.19.136.75 200 OK 2.9 kB URL HTTP/2 img.pay4d.info/fish-alien-hunter.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 44ed1c2cb6486482db8d337636bd9494
7d7f1961857c405b2d72078ee512626a79ce2504
165db214f71fc24501cec62e40869ad284f2ef1fddae90933b570a605608b2a3
GET /fish-alien-hunter.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:37 GMT
content-type: image/webp
content-length: 2884
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9071
content-disposition: inline; filename="fish-alien-hunter.webp"
last-modified: Wed, 07 Jul 2021 11:05:14 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:37 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3399a4cb512-OSL
X-Firefox-Spdy: h2
www.rodaslotjp1.top/webdata.php?content=desktopapp
172.67.179.154 200 OK 249 B URL HTTP/1.1 www.rodaslotjp1.top/webdata.php?content=desktopapp
IP 172.67.179.154:0
File type ASCII text, with very long lines (332)
Hash dbc3877819c4d6471ad61498c11234d4
85b7fad57b29857d952a67cdeaa54b54e37d4fa4
59c88e5760a009cac48962c9bf8abb45cb3a32aec33cdcd8a6014d7e84a54d2f
Analyzer Verdict Alert fortinet Phishing
GET /webdata.php?content=desktopapp HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06; _ga_D3WR7HGLGB=GS1.1.1674993163.1.0.1674993163.0.0.0; _ga=GA1.1.1824737680.1674993163
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhhy55xYJulWcIveiW3PQrU46pjZOwFE4UmfKgj6nmOEcTIiiTI4YjQPGwmwgETf7gtNXNMdmep%2Fb8bY7n4V%2Ba5BpHFPio17FqczHAIOXyoAG9z9mxPgN3x3vfxlyIvam9ZVbGO1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7911c341d87f0afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rodaslotjp1.top/webdata.php?status=time
172.67.179.154 200 OK 36 B URL HTTP/1.1 www.rodaslotjp1.top/webdata.php?status=time
IP 172.67.179.154:0
File type ASCII text, with no line terminators
Hash 774dd327b0a1fdbace44f22d6304ac87
1f1970237e624f2f70e1ac5772ced03816cbf712
7b04f2cc1a61296d868ffdddb32db3855bc4535010746f083c983f3040f2590e
Analyzer Verdict Alert fortinet Phishing
GET /webdata.php?status=time HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06; _ga_D3WR7HGLGB=GS1.1.1674993163.1.0.1674993163.0.0.0; _ga=GA1.1.1824737680.1674993163
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BocqciSg0ogPhbMGND%2F9VfxrbwPWt1ppu28rVUDYJoTyHtGOFvBht4voeo9mvsigPLj%2BPvtpIKTNLYfYikatIs3K68%2BBT9t5F0Pdun%2FxPrajkwg3wsT%2BCKK1SDs35dLuspM835%2FG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7911c341fb76b527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rodaslotjp1.top/images/upload-Slides-20220614172012.jpg
172.67.179.154 200 OK 231 kB URL HTTP/1.1 www.rodaslotjp1.top/images/upload-Slides-20220614172012.jpg
IP 172.67.179.154:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 3750x750, components 3\012- data
Size 231 kB (231172 bytes)
Hash 4df76c95de2cb3cbd33b5be2bffd7ae5
a9ce403b0f1ebcf6b95fc3f87bd828e31d90b26c
381d7bb68c9f02142f2a7894e0f7020fe02fa46bf13f6efb2c40846bc5d46a87
GET /images/upload-Slides-20220614172012.jpg HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:37 GMT
Content-Type: image/jpeg
Content-Length: 231172
Connection: keep-alive
Last-Modified: Tue, 14 Jun 2022 10:20:12 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brxjRSguUscHsOA19dhSf%2Bdi2IT6e8OL7py0ge5iqtGA20HK8bNqpPlnO%2FSQ1wBtDGpXHSc8ShrxImC2Bvdldt9uLsMvAZyiu%2FGjx%2FLIFUPVkmO6kFmNBxpJFpFo92%2FfmFVn7Ea%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c33e6c011c02-OSL
alt-svc: h2=":443"; ma=60
www.rodaslotjp1.top/images/bgline.png
172.67.179.154 200 OK 968 B URL HTTP/1.1 www.rodaslotjp1.top/images/bgline.png
IP 172.67.179.154:0
File type PNG image data, 576 x 4, 8-bit/color RGB, non-interlaced\012- data
Hash 84736c9ee51d3eb343d5e80ad4ec8a60
b2f28178c4e4b159cbdab5e4926dba8770bfb935
3712ce4415b312c06051a5d16174de7dab3104a4268588749692df3aa4dec75a
GET /images/bgline.png HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:37 GMT
Content-Type: image/png
Content-Length: 968
Connection: keep-alive
Last-Modified: Fri, 23 Oct 2020 10:01:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMErRfB4ttUUA75JsohQeqMNoULqWeR2jOcDhMdRwU2RDtZk5xgPX1ml%2B1Wx4kXHsqMKx3ktGIzJgxtoul%2BrvFcPTyLJQZuF2bD%2FLmZei5DBGPaaV21aJCPjvuJ61RkfBwryXmGq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c3431d1bb50c-OSL
alt-svc: h2=":443"; ma=60
www.rodaslotjp1.top/images/upload-SlidesMobile-20221124145502.jpg
172.67.179.154 200 OK 458 kB URL HTTP/1.1 www.rodaslotjp1.top/images/upload-SlidesMobile-20221124145502.jpg
IP 172.67.179.154:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 3750x750, components 3\012- data
Size 458 kB (458299 bytes)
Hash 21664d4045d0f247c15f070a6fe9ee07
ccc9b1fc018ad8d29310f364cca3919edd0948c4
c70db3ac2d8d142d6bcfb38c381e01f767b1afca0c7d2a5c482cac1c4225a005
GET /images/upload-SlidesMobile-20221124145502.jpg HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:37 GMT
Content-Type: image/jpeg
Content-Length: 458299
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 07:55:02 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z496TniDqovOFCmGu0nhtAj5act%2FovHL6smmoOabKJNKL22%2F4NBl6KEFcTRl%2FebhbKA75wp7gtk3pftRBz6Zzwd8nPYLQWFsDObEoRzgB0C5Ip8kHLOXH7r0TDQ81v6FlPAXTTIs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c33e6adf0b61-OSL
alt-svc: h2=":443"; ma=60
img.pay4d.info/picmid.jpg
104.19.136.75 200 OK 34 kB URL HTTP/2 img.pay4d.info/picmid.jpg
IP 104.19.136.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 404x194, components 3\012- data
Hash 9ff8825bea0abb9177794729b5932760
9424c5ff2b125bc8d319313875c90c5393183b36
18179e3e611fdec3356c387f78b85ff7201fd7ee6166eb5aff06aa851cbe4b82
GET /picmid.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:38 GMT
content-type: image/jpeg
content-length: 34044
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=36646, status=webp_bigger
last-modified: Fri, 04 Nov 2022 13:42:48 GMT
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:38 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7911c339aa80b512-OSL
X-Firefox-Spdy: h2
www.rodaslotjp1.top/images/kontak.png
172.67.179.154 200 OK 5.0 kB URL HTTP/1.1 www.rodaslotjp1.top/images/kontak.png
IP 172.67.179.154:0
File type PNG image data, 69 x 287, 8-bit/color RGBA, non-interlaced\012- data
Hash cc9ff1f22490e2cca070a57979aea150
c41c924a335152f8e6b07543ff4384e750e114f5
d13562a3a1a8c4e5dedebdc1924ce73f2944c82937d3f247d087caa16cb565f7
GET /images/kontak.png HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:38 GMT
Content-Type: image/png
Content-Length: 4995
Connection: keep-alive
Last-Modified: Fri, 23 Oct 2020 10:01:25 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCVgBZ0LYZ%2B%2BVcc4aWqFuOeZ7KLcCnEFM%2BPHd4TUUaFCTWRgCZdK2MjjtJz%2Fg%2Fxj2%2B0MH09g0gwAXj%2F1tPVz7EJE0bYbpVpqmboMGc0jnb%2BaMEPQujiueJc5LHHWBKlV2Jxji4Ol"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c3444eebb527-OSL
alt-svc: h2=":443"; ma=60
www.rodaslotjp1.top/fonts/glyphicons-halflings-regular.woff2
172.67.179.154 200 OK 18 kB URL HTTP/1.1 www.rodaslotjp1.top/fonts/glyphicons-halflings-regular.woff2
IP 172.67.179.154:0
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Analyzer Verdict Alert fortinet Phishing
GET /fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/css/bootstrap.min.css
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06; _ga_D3WR7HGLGB=GS1.1.1674993163.1.0.1674993163.0.0.0; _ga=GA1.1.1824737680.1674993163
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:38 GMT
Content-Type: font/woff2
Content-Length: 18028
Connection: keep-alive
Last-Modified: Fri, 23 Oct 2020 10:01:22 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwZVP5laVOfU9PwXmjVt7UZjfJq2P%2Bsiy2hYG58oMnJf5hWkVp5kG%2BBt%2Fr8Ats%2BEWjfKikH%2FbPfyS1vT7LKmxLQj23es95AvmpF%2FvxbOpNfrpQ%2F07GrSdN9LS7UhjKYJu4OK7zS5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c3430c190b41-OSL
alt-svc: h2=":443"; ma=60
www.rodaslotjp1.top/images/bgline2.png
172.67.179.154 200 OK 1.1 kB URL HTTP/1.1 www.rodaslotjp1.top/images/bgline2.png
IP 172.67.179.154:0
File type PNG image data, 1228 x 6, 8-bit/color RGB, non-interlaced\012- data
Hash 8ddd2e7e6b251acb682296a4c9c3bfb7
eb6c8dd0ca1ee91ed2323c38ca0e49a1c578b7f7
25155f2e8b8413ab2d2d84cedb68a64b7cd23704c005cd89116519fdd1716d0a
GET /images/bgline2.png HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:38 GMT
Content-Type: image/png
Content-Length: 1055
Connection: keep-alive
Last-Modified: Fri, 23 Oct 2020 10:01:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNbz92AhGO5OVY3rnhUExZ2mFpEyTwzfG97sdmKDhwO%2FnoWgnyukLE2XazWaGxWz71aEt22IldTAuoaDaHouHYdmjZRdNpbNgmgk7oSSDKvX%2FaXd7Ld4Gix4eJ%2F5k1BEC6iHbK2g"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c3442b120afa-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2646
Expires: Sun, 29 Jan 2023 12:36:44 GMT
Date: Sun, 29 Jan 2023 11:52:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2646
Expires: Sun, 29 Jan 2023 12:36:44 GMT
Date: Sun, 29 Jan 2023 11:52:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2646
Expires: Sun, 29 Jan 2023 12:36:44 GMT
Date: Sun, 29 Jan 2023 11:52:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2646
Expires: Sun, 29 Jan 2023 12:36:44 GMT
Date: Sun, 29 Jan 2023 11:52:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 17:35:56 GMT
age: 65802
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cbbc57c4e469baec1bda006407877cc
e988f007b1f9ec2327e7817f38cf56202096aeae
5237a8a8a7aa1fe59548582abf726fe77ad9e1fad8535bb5f88519dc6e779a86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6158
x-amzn-requestid: 034023e1-bd96-4c41-aa48-cccf5fa7b366
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feLdTEXToAMF5Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d58c54-5390c17952d82d9108bdd3f8;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 20:57:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ACe_e899vrvXgDH3SKhGkebo6EgwW3c97aiFsr_p0g0cyWhl0XmjIg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 00:04:06 GMT
etag: "e988f007b1f9ec2327e7817f38cf56202096aeae"
content-type: image/jpeg
age: 42512
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 05:24:09 GMT
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
age: 23309
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ed721e83648418f4a5d64f9d038fd1a
7a311c79e311448941a8d624c1064b1a2d97cfbd
b961e73aaba814eec66532ceeafad5191371fc762b05338990e8cc9c8ecfcbff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6875
x-amzn-requestid: 5fb13e91-8750-4dd9-90a2-f1218ea6009b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fS9t2E0AoAMF_LA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d10ff2-22e819312302377c4bf698ff;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 11:18:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QH_-DX5fiBhfS9MVH6pJi57mqFRRPSPf0iDbp_5BHE1jUqCZvvPesQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:46:21 GMT
age: 50777
etag: "7a311c79e311448941a8d624c1064b1a2d97cfbd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 47514f1386d4e6962ac2c931647f60f4
c8da685b6a5aee80c98d4173ffe226b672f054c3
474d462b5d4dbd15b7f759457fe1ed084819cea563ef7c1285028dad9a4a404c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7201
x-amzn-requestid: ba830369-3a5f-45bc-9af9-5ad9ee58f43f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvRREJqIAMF8Uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4926e-6983a44e506dcd4d203c2688;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:11:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rZ3Kbsx37Dlb1Jv23XJcbmrv45SlUiEv9nGAjmjseS6Rk-vZd22O7A==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 01:14:26 GMT
age: 54081
etag: "c8da685b6a5aee80c98d4173ffe226b672f054c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:12:28 GMT
age: 45610
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img.pay4d.info/slot-hab.png
104.19.136.75 200 OK 1.9 kB URL HTTP/2 img.pay4d.info/slot-hab.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 158c1eeabbd166126f46035ec5e6d457
83fa7159d10da9989fc9853ee6f96ab57b065e83
11bd40a973e0e088856ced2e923bb0badeb4291c9ea0d11386d9a469817eeda0
GET /slot-hab.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:38 GMT
content-type: image/webp
content-length: 1888
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5768
content-disposition: inline; filename="slot-hab.webp"
last-modified: Wed, 18 Dec 2019 05:38:14 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:38 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3398a2fb512-OSL
X-Firefox-Spdy: h2
www.rodaslotjp1.top/images/psr-hk.png
172.67.179.154 200 OK 5.8 kB URL HTTP/1.1 www.rodaslotjp1.top/images/psr-hk.png
IP 172.67.179.154:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 6b33466f1596c700cabc4b5aa0fdeddc
96ca4f0aca9bc2e4d28d9e8ee94868b1413e5199
80eaeccf24ccdf4a13dc2a1c1b0780681678cee4c40e3d13bb55e9f16e8240d9
GET /images/psr-hk.png HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:38 GMT
Content-Type: image/png
Content-Length: 5800
Connection: keep-alive
Last-Modified: Fri, 23 Oct 2020 10:01:28 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClZtRKY4zCahm%2Fad7ENUPgw9Vvgn0sZVnpv2FD2B20rfF7kG5TcmHYQOq3uOAX04UD%2F6hOLsgw7EGH%2F7y1dx8aMhOpN9I45xyyXorfUb4NZGb9iaRmwFvHQLie%2FhR69P1oqbeHSA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c3457838b50c-OSL
alt-svc: h2=":443"; ma=60
img.pay4d.info/mobile-tembakikan.png
104.19.136.75 200 OK 2.1 kB URL HTTP/2 img.pay4d.info/mobile-tembakikan.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bfdeefb05e569edf1028afb65895653c
97478d745112e48f9400eaeab7e84c41c60ceec2
02f0b6b2e6ee24f5bf2774b69109e9f1f0c5d1deafda081ed4c48d62b90ab9dd
GET /mobile-tembakikan.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:38 GMT
content-type: image/webp
content-length: 2106
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5201
content-disposition: inline; filename="mobile-tembakikan.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:38 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c339aa7cb512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/android.png
104.19.136.75 200 OK 1.1 kB URL HTTP/2 img.pay4d.info/android.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0b02cd52bbd4c1164b94f9c21050e6be
8941f921796a98fc8fabb4c0cec157c34d4e4276
a7c62c2757c85f7b8edb8bddd7f3b0472c851452daceb20485ddffa6ea9703fb
GET /android.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:38 GMT
content-type: image/webp
content-length: 1096
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3351
content-disposition: inline; filename="android.webp"
last-modified: Sat, 30 Jan 2021 10:29:07 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:38 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3448848b512-OSL
X-Firefox-Spdy: h2
cdn.livechatinc.com/tracking.js
95.101.10.171 200 OK 26 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
Hash 349345e8baec106d74b4eb289b8d2b0b
5c4a724241c19e2de9063da2c3dc0c4a3366ea7a
a69d354aa4044e3786dc89e3a46f415276b8657f0caa8c8355b12558cfde8695
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 25 Jan 2023 08:47:12 GMT
x-amz-version-id: iNzmqDcn1iRKaLiTk37THrDgz9osPO8C
server: AmazonS3
content-encoding: br
etag: W/"29e075294399875f6fd4bdaa0f4a20e4"
vary: Accept-Encoding
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: 5u3S8SQ2vBURIIW1wAHlf1ewj7O-VH6XVggEm945QBhoGAgQC4G-PQ==
content-length: 25911
cache-control: max-age=28800
expires: Sun, 29 Jan 2023 19:52:38 GMT
date: Sun, 29 Jan 2023 11:52:38 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.rodaslotjp1.top/capimg.php?3302
172.67.179.154 200 OK 671 B URL HTTP/1.1 www.rodaslotjp1.top/capimg.php?3302
IP 172.67.179.154:0
File type PNG image data, 40 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash ee70b05e0f985eb8abb6a4d9ae38387b
5770fe6476602e6bd4711b859d6b99a97792ffba
90f041fa6a8195a104c7bd66604ea5e6e321a619c7dc69906ac88144586e91fe
Analyzer Verdict Alert fortinet Phishing
GET /capimg.php?3302 HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeQxJEjRFyzoaj1H3uD22CpsSs7JFZz6VoUlrxc9QFC2ohunKnNLLAwX4vA%2BI6kL7P9wTXt3FQTQhXuDcwBhs%2BmAbqsH3FSlGjhQqHMaqRrAI7CN4v4JhmrJ6b8x1PFd5SYqalmj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7911c3467f810b41-OSL
alt-svc: h2=":443"; ma=60
img.pay4d.info/mobile-casino.png
104.19.136.75 200 OK 4.0 kB URL HTTP/2 img.pay4d.info/mobile-casino.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a4ec13dedac773682a95ad0357c883d9
ac08067b8b14c320590fd8e0d9f46fee95c98064
34d33f63decd18d046d7ce1eaa41df45fd546a36c020d1aa2460c68d4e382a05
GET /mobile-casino.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:38 GMT
content-type: image/webp
content-length: 3982
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8816
content-disposition: inline; filename="mobile-casino.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:38 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c339aa78b512-OSL
X-Firefox-Spdy: h2
www.rodaslotjp1.top/images/bg.jpg
172.67.179.154 200 OK 37 kB URL HTTP/1.1 www.rodaslotjp1.top/images/bg.jpg
IP 172.67.179.154:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1901x488, components 3\012- data
Hash 1145bd8ece028a6dc860d6e4c9beb381
4b4428b004dd6417e8bb8a7b233b96699fbcb77f
1f7cdee463b68622bb20abd385228dabcf18affbdc355eed47ea84d656f42fe1
GET /images/bg.jpg HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:38 GMT
Content-Type: image/jpeg
Content-Length: 37177
Connection: keep-alive
Last-Modified: Fri, 23 Oct 2020 10:01:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TolDd1CLOP2hQEvaCqcnl7oxIkfSeXVVUszcmpIzeKX1U3smUvQgUSnX4UUYPqNml3nKqQtpgTNY4HHH9EWoh7l5H%2B8lQSJzXWxlOIclKG1jgWXwkoiMWBz6fti6tn1AGecR%2FUP3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c345ebf20b61-OSL
alt-svc: h2=":443"; ma=60
www.rodaslotjp1.top/images/upload-Slides-20220621191806.jpg
172.67.179.154 200 OK 178 kB URL HTTP/1.1 www.rodaslotjp1.top/images/upload-Slides-20220621191806.jpg
IP 172.67.179.154:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 3750x750, components 3\012- data
Size 178 kB (178056 bytes)
Hash 769efb2f7df98dca45305a581dae1fb8
af87f7d49038b9be0f25ae40141fb88c8f142df6
ab4c932821ad84d0f900b4b91c2b4562fac0fe3210928b25baa9850a2440e039
GET /images/upload-Slides-20220621191806.jpg HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:38 GMT
Content-Type: image/jpeg
Content-Length: 178056
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 12:18:06 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZAIeCo1iz1mtlRXjms9skiYU8%2BX5gTNNVVWcqLUFVN4zladgKK4vmYrq2O2njX1fdZkOWb%2BKmf7L9SoVTKcZzxCkSiJzhQKZ68HslcF5bdG1UjvvgI2y7YCdYTiLznYb5yu2BVw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c3457a561c02-OSL
alt-svc: h2=":443"; ma=60
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12114207&url=http%3A%2F%2Fwww.rodaslotjp1.top%2F&channel_type=code&jsonp=__hnsixewyd1b
95.101.10.171 200 OK 267 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12114207&url=http%3A%2F%2Fwww.rodaslotjp1.top%2F&channel_type=code&jsonp=__hnsixewyd1b
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 675c70fb393dd7c6f3b28a3507a8322d
bcd247d62519e5653bfa58bf8aaca65703968df5
f8f5e3c62d3ed5dd7999cddf3e9432981fbecb54554f977661a990be16660a33
GET /v3.3/customer/action/get_dynamic_configuration?license_id=12114207&url=http%3A%2F%2Fwww.rodaslotjp1.top%2F&channel_type=code&jsonp=__hnsixewyd1b HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors http://www.rodaslotjp1.top/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from http://www.rodaslotjp1.top/
content-length: 267
date: Sun, 29 Jan 2023 11:52:38 GMT
X-Firefox-Spdy: h2
www.rodaslotjp1.top/images/upload-Slides-20220614170923.jpg
172.67.179.154 200 OK 154 kB URL HTTP/1.1 www.rodaslotjp1.top/images/upload-Slides-20220614170923.jpg
IP 172.67.179.154:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 3750x750, components 3\012- data
Size 154 kB (154044 bytes)
Hash f93f4bc861b794bd482b461303163f98
95e11d2dbeb8e6862b3106ea38a82fae001c59c3
884741622555ee240bd01c1ffaedd6b89c413090e0d6def9432e63b6f659b63d
GET /images/upload-Slides-20220614170923.jpg HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:38 GMT
Content-Type: image/jpeg
Content-Length: 154044
Connection: keep-alive
Last-Modified: Tue, 14 Jun 2022 10:09:23 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOckKOiTxjtKxOXX7YkFzHFA4pkdTAPtyekKZVuB49f8YJotAAk2UNFW1dsezKJ7vJGnWzdtgsCvnQNhOOA5xHx2QzxaDMkyKD9CfiEQACcTAAy1Xf29OlqUdJanpna4KJtBL7s4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c3468e9b0afa-OSL
alt-svc: h2=":443"; ma=60
img.pay4d.info/live-sg.png
104.19.136.75 200 OK 2.8 kB URL HTTP/2 img.pay4d.info/live-sg.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5fde10bbbfdf170112f4bc9859955ed5
e73a68c4221288b52a848a67801f9bcd387ba2ea
60bb4f59c40e9ef9f1d2be56a2a7324a8750e339de1efb9b96840314b8581628
GET /live-sg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:39 GMT
content-type: image/webp
content-length: 2814
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=11259
content-disposition: inline; filename="live-sg.webp"
last-modified: Thu, 10 Dec 2020 08:44:39 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:39 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3399a45b512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/fish-fishing-war.png
104.19.136.75 200 OK 4.2 kB URL HTTP/2 img.pay4d.info/fish-fishing-war.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5de4388ad28949bab321d81e8afd639b
320c986e3c630e937333639364dcf80ef7dc19a2
54d4dfa543f1b8e4c544ce229b644b2671722eca476c6b8cb9df759e2375561f
GET /fish-fishing-war.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:39 GMT
content-type: image/webp
content-length: 4158
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=10616
content-disposition: inline; filename="fish-fishing-war.webp"
last-modified: Tue, 30 Mar 2021 09:18:46 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:39 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3399a4ab512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/logo_providernewn.png
104.19.136.75 200 OK 23 kB URL HTTP/2 img.pay4d.info/logo_providernewn.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7d6a7641bdff382fd00a6f9c21a42aa1
8c3a482d06391d155e232d844c61a321e8f74dbb
fa1d88846de93439c5603d97da37187779c37879e3ba8312c9a36ed6d8b0520f
GET /logo_providernewn.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:39 GMT
content-type: image/webp
content-length: 22986
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=65682
content-disposition: inline; filename="logo_providernewn.webp"
last-modified: Tue, 03 Jan 2023 06:53:38 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:39 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c339aa77b512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/sport-sbo.png
104.19.136.75 200 OK 916 B URL HTTP/2 img.pay4d.info/sport-sbo.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cae13d2cc7b31af8015e56b8fea2fc1e
27b5f0536f897c018485311e47acb4b6f28b5eac
d3373d5f14a658e23f379b60fbadf2d4439ffd043826cbe4f9efb13e7ac4b591
GET /sport-sbo.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:39 GMT
content-type: image/webp
content-length: 916
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4025
content-disposition: inline; filename="sport-sbo.webp"
last-modified: Mon, 19 Dec 2022 07:31:08 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:39 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3399a47b512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/buku-mimpi.png
104.19.136.75 200 OK 734 B URL HTTP/2 img.pay4d.info/buku-mimpi.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 47e11b51ac743eaa8cf239317b274ed5
2f8e7efe94b9a2bc33e4a2cfa5d56c767e53f2b6
e102b58cf346532436c7e47dc3e2e29fc53b5b550e0fcd1c4200aadce03bb7e6
GET /buku-mimpi.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:39 GMT
content-type: image/webp
content-length: 734
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3014
content-disposition: inline; filename="buku-mimpi.webp"
last-modified: Sat, 30 Jan 2021 10:28:57 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:39 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3399a4fb512-OSL
X-Firefox-Spdy: h2
www.rodaslotjp1.top/images/upload-Slides-20220106160028.jpg
172.67.179.154 200 OK 409 kB URL HTTP/1.1 www.rodaslotjp1.top/images/upload-Slides-20220106160028.jpg
IP 172.67.179.154:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Windows), datetime=2022:01:03 13:38:22], progressive, precision 8, 3750x750, components 3\012- data
Size 409 kB (409445 bytes)
Hash db56ecb897695599fa2bfca82fa1266e
41865a33dba81e93dd48abb0fc76ccdc95e0ef52
f30b5f7a2520fd6bfcd40e8382f4727cabb3142973a312ed7b769852965a3908
GET /images/upload-Slides-20220106160028.jpg HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:38 GMT
Content-Type: image/jpeg
Content-Length: 409445
Connection: keep-alive
Last-Modified: Thu, 06 Jan 2022 09:00:28 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfQEMdXaT%2F%2Bbr1UwACb8FCnXaxxcvWO4qiRUW1zKx92wrJ3j2F6Ji0M8tm1YVLltEMNyBotg7nK%2B7Sw1RouilCiOAQ50Yn3o6fjkXU76pkqtDllmXrEr3J8m9br5W7Rgi7UICdZW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c3466a20b527-OSL
alt-svc: h2=":443"; ma=60
img.pay4d.info/slot-jok.png
104.19.136.75 200 OK 2.0 kB URL HTTP/2 img.pay4d.info/slot-jok.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c3d6ce73337d8098402370b95ce184d6
f82824809e6fc6b5bc0696c7dce5942ab17abac5
21cd86f323c17093d4d78ba1e98352a00c8459cb70d1135006cf1de90b0388b3
GET /slot-jok.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:39 GMT
content-type: image/webp
content-length: 2000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7983
content-disposition: inline; filename="slot-jok.webp"
last-modified: Wed, 18 Dec 2019 05:38:14 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:39 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3398a37b512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picmid-b.jpg
104.19.136.75 200 OK 13 kB URL HTTP/2 img.pay4d.info/picmid-b.jpg
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9741a4d69d097af680b8022899c49aa9
ecca414b6289e5932869301daa6805a5d38b2308
436d03660070ea77bffbf80355fe6142589b56eb7f0d1087f08c656722680b29
GET /picmid-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:39 GMT
content-type: image/webp
content-length: 12984
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=33525
content-disposition: inline; filename="picmid-b.webp"
last-modified: Tue, 06 Dec 2022 06:05:42 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:39 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c339aa82b512-OSL
X-Firefox-Spdy: h2
www.rodaslotjp1.top/images/upload-Slides-20211231173958.jpg
172.67.179.154 200 OK 346 kB URL HTTP/1.1 www.rodaslotjp1.top/images/upload-Slides-20211231173958.jpg
IP 172.67.179.154:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Windows), datetime=2021:12:30 18:10:23], progressive, precision 8, 3750x750, components 3\012- data
Size 346 kB (345463 bytes)
Hash 73788a0abb1cbc694c3aadb3b0395213
65d93352804d0563ac1eea6869568e420b609201
7223619d2a446f695a31950eb03d8aec3fbbeab4ce6cbcd60bf90cf8b7593f1e
GET /images/upload-Slides-20211231173958.jpg HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:39 GMT
Content-Type: image/jpeg
Content-Length: 345463
Connection: keep-alive
Last-Modified: Fri, 31 Dec 2021 10:39:58 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wtXCCSgjXyQai%2F0ucy4P0VNrwBE1Hhdek638g6%2BwFjInas5mM4X9sKrdLalpuRfZ85xOUr%2FlX0Uxpgz%2BhGXn3hYbPZ2259a2Uh37wUlp1EvOIYwU2%2FsGTPvN1swet5a6S54p6%2Bq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c347bbc4b50c-OSL
alt-svc: h2=":443"; ma=60
www.rodaslotjp1.top/images/upload-Slides-20220315120908.jpg
172.67.179.154 200 OK 190 kB URL HTTP/1.1 www.rodaslotjp1.top/images/upload-Slides-20220315120908.jpg
IP 172.67.179.154:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 3750x750, components 3\012- data
Size 190 kB (190494 bytes)
Hash 7939387a0d2813e295d4ddddcbf7715b
0731f851e7d003d2f286f39bc1f62384c312d816
17f6ef51a9870c86e1fd9e8d4d8ba2f097c587c2205e600782f10825c75cb64a
GET /images/upload-Slides-20220315120908.jpg HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:39 GMT
Content-Type: image/jpeg
Content-Length: 190494
Connection: keep-alive
Last-Modified: Tue, 15 Mar 2022 05:09:08 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Y59v5f7S%2B%2B8Y%2Bgiv1tl5dnVHMtVi80FShMDGAAIV2zIUTWcVeSzMwduS2UHI4iWIXgi20YLk9nRSTdNfbqgqGHoUJg7O%2FxG75jmtr%2BeeVg53tI9A2f1gZmAPDDVyhb52kP2xY04"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c348c9b50b41-OSL
alt-svc: h2=":443"; ma=60
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=12114207&version=990.1.1.2117.89.215.1.2.10.1.7.17.0&group_id=0&jsonp=__lc_static_config
95.101.10.171 200 OK 2.0 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=12114207&version=990.1.1.2117.89.215.1.2.10.1.7.17.0&group_id=0&jsonp=__lc_static_config
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (5667), with no line terminators
Hash af6112da6477d9b7efe39f47695c2486
f2d17be147afa7233350e93f713cd3a53b649b93
da5646ccb11d4e48bf96292de7020904047b1ab011ae9cf96cf6617aefdcc0fe
GET /v3.3/customer/action/get_configuration?license_id=12114207&version=990.1.1.2117.89.215.1.2.10.1.7.17.0&group_id=0&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 2015
cache-control: public, max-age=600
expires: Sun, 29 Jan 2023 12:02:39 GMT
date: Sun, 29 Jan 2023 11:52:39 GMT
X-Firefox-Spdy: h2
www.rodaslotjp1.top/images/psr-sg.png
172.67.179.154 200 OK 5.8 kB URL HTTP/1.1 www.rodaslotjp1.top/images/psr-sg.png
IP 172.67.179.154:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 62f2ba4b9e6571ffa4aaff9df88a1363
062d797e0b0e5d72fe4c67326da651e98120d997
eb3dba84673c3872ef5b868fd31ad9eff4138e566609cfd9fea427d218bb1413
GET /images/psr-sg.png HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:39 GMT
Content-Type: image/png
Content-Length: 5752
Connection: keep-alive
Last-Modified: Fri, 23 Oct 2020 10:01:29 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXVDESqNGZYVRPnbRJuk2YT1%2FuSGnCFLkhn7cfFrFIuftfBG%2FaOIozD7KJwRCATpbEXSp8DYadQXQvGhyaXybLSORGlkjDa5JZmdULkQ76djKxr7JI5E8UP7zCW7%2FcuS7WejYIKH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c34d3bbab527-OSL
alt-svc: h2=":443"; ma=60
img.pay4d.info/sport-saba.png
104.19.136.75 200 OK 1.8 kB URL HTTP/2 img.pay4d.info/sport-saba.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9dc335c8ab6468b47a49e492aa97af52
e8982a717f2557a1242a1dfd4511ceec6b47cd70
277b290785f86422c338396b72410c9dfb7f0672b608e6808f41365b3579f26f
GET /sport-saba.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:39 GMT
content-type: image/webp
content-length: 1770
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5247
content-disposition: inline; filename="sport-saba.webp"
last-modified: Mon, 19 Dec 2022 07:31:08 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:39 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3399a46b512-OSL
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=12114207&version=13159fb2ee05429e3ae48a4031b3d0e0_e31120db4aab15a7f7adba3be62deada&language=id&group_id=0&jsonp=__lc_localization
95.101.10.171 200 OK 4.0 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=12114207&version=13159fb2ee05429e3ae48a4031b3d0e0_e31120db4aab15a7f7adba3be62deada&language=id&group_id=0&jsonp=__lc_localization
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (11633), with no line terminators
Hash efee89158f0a68578271c969bb5f240b
26aa32ea87f385e0eee4ac243ba0fd2b80d4249c
4601301981e4c5c4d36d4246247bebd7e6433505ff9e1c0bbe0468180c517408
GET /v3.3/customer/action/get_localization?license_id=12114207&version=13159fb2ee05429e3ae48a4031b3d0e0_e31120db4aab15a7f7adba3be62deada&language=id&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Sun, 29 Jan 2023 12:02:39 GMT
date: Sun, 29 Jan 2023 11:52:39 GMT
content-length: 4004
X-Firefox-Spdy: h2
www.rodaslotjp1.top/images/upload-Slides-20211231173921.jpg
172.67.179.154 200 OK 351 kB URL HTTP/1.1 www.rodaslotjp1.top/images/upload-Slides-20211231173921.jpg
IP 172.67.179.154:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Windows), datetime=2021:12:30 17:58:33], progressive, precision 8, 3750x750, components 3\012- data
Size 351 kB (351361 bytes)
Hash 9d934934d8fb22040ec191d9ccaa7bb8
15f7c6da9bddb6e82653ca92f570e73533aa610f
fe3dc11cb752bc38de4f830321d72baf7e6b43de16395960ad184c02dfa49e6c
GET /images/upload-Slides-20211231173921.jpg HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:39 GMT
Content-Type: image/jpeg
Content-Length: 351361
Connection: keep-alive
Last-Modified: Fri, 31 Dec 2021 10:39:21 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgeJvtQ2jMfhuLW1cCMQL%2F%2FzFcOqMBHz74RitUznmLODINFbuYvDeVyUXhFxcIms0JQFr92J4b%2FMUvVOYU9rvoNubepnJKb7vnzlALUZuYXHj2B2h8udpGEg4hO9%2ButOT1TO01tu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c3495f430b61-OSL
alt-svc: h2=":443"; ma=60
secure.livechatinc.com/customer/action/open_chat?license_id=12114207&group=0&embedded=1&widget_version=3&unique_groups=0
95.101.10.171 200 OK 2.6 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=12114207&group=0&embedded=1&widget_version=3&unique_groups=0
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8824), with no line terminators
Hash e73532c0c660a631b8b058705ce26d21
ac886227ce8d418692c8496201f8bc76709b1a63
0ee4d5761027247228422c7b57c6727e95d065c52b4f68501694f1a41754ac03
GET /customer/action/open_chat?license_id=12114207&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Sun, 29 Jan 2023 11:52:39 GMT
content-length: 2557
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/0.d619df13.chunk.js
95.101.10.171 200 OK 15 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/0.d619df13.chunk.js
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (47599), with no line terminators
Hash aa354a30c2b34b7c6ca4afb13c39442c
4e033c71e891ad3d60d7437c6e674c601260c66d
f4ffa5e37b87bda31ba0d2c7b64fe9939011588c3233c527799262be7169cf95
GET /widget/static/js/0.d619df13.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 11 Jan 2023 08:35:01 GMT
x-amz-version-id: fr6Gz9d8KXQbrJuaQVT4sDUpSqjnuR9Q
server: AmazonS3
content-encoding: br
etag: W/"10a3d7ac1ed37325d3341c379ee0de69"
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: DcjWrJ5J0UZqsGb4T2ZIU7t__E1ADvqdBmzVXTCZLmhoDUvGkFZlRA==
content-length: 14999
cache-control: max-age=31536000
expires: Mon, 29 Jan 2024 11:52:39 GMT
date: Sun, 29 Jan 2023 11:52:39 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/1.242d30c5.chunk.js
95.101.10.171 200 OK 70 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/1.242d30c5.chunk.js
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65462)
Hash 88298c1f3a966d806ce3dd802d2cfdb5
e19a54d47ddc9bd3ed805f6e5471ae2de613404b
9373f82e3b877dd04122dacfd587cb7f62562b53744142a734210c8af0a61dbf
GET /widget/static/js/1.242d30c5.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 16 Jan 2023 07:45:14 GMT
x-amz-version-id: Px6texczRRdv2H_bvm87pAIOH7z7Z.qa
server: AmazonS3
content-encoding: gzip
etag: W/"6cc6a8d0a347434070e1ae1406714b63"
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: BpmGXFPk1aGvtFzUfSPoO8bfNDP06kQHquXkuVVoPBldkY4nhooSMA==
content-length: 69814
cache-control: max-age=31536000
expires: Mon, 29 Jan 2024 11:52:39 GMT
date: Sun, 29 Jan 2023 11:52:39 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
95.101.10.171 200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12852, version 1.0\012- data
Hash 3b5df7e947d77201eaf22f3dbdac08cc
21989ca07e4afe32d48982b816b8fac85ce3e668
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
GET /widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12852
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: KM8abeyaVeSEIxlLTJcUkoNH7_q4l1PlUQolOkL0_K8Ml-Hn8lULcg==
cache-control: max-age=31536000
expires: Mon, 29 Jan 2024 11:52:39 GMT
date: Sun, 29 Jan 2023 11:52:39 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
95.101.10.171 200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12688, version 1.0\012- data
Hash d9f5998f47f6f22cb66e7dbf428c76ab
86b993baf91f867a03ea62e0d0adc9488530efaa
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6
GET /widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12688
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: X3prfpUvaSuujXUioKllfbrWJRSujJaRcEeTIItJqtcJgekTOM8gKw==
cache-control: max-age=31536000
expires: Mon, 29 Jan 2024 11:52:39 GMT
date: Sun, 29 Jan 2023 11:52:39 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.rodaslotjp1.top/images/upload-Promo-20220310183820.jpg
172.67.179.154 200 OK 215 kB URL HTTP/1.1 www.rodaslotjp1.top/images/upload-Promo-20220310183820.jpg
IP 172.67.179.154:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 3750x750, components 3\012- data
Size 215 kB (214680 bytes)
Hash 336772f5da15b5514f27d89d460e31b7
50c789e1bf96b36ed805f27ae7fac332322c03e7
13548e36be0537e24154e13da4638010f5ede7fcb2b63ca109d339553b7aa89b
GET /images/upload-Promo-20220310183820.jpg HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:39 GMT
Content-Type: image/jpeg
Content-Length: 214680
Connection: keep-alive
Last-Modified: Thu, 10 Mar 2022 11:38:20 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwWNiGkr0oB8JcYdv%2Bn3MDIBqncmIkGI258BjK15sRcuRkjvLPQjikwdEh0LkFjCwWg%2FtzXNPeVDMxchKQnlnVV0yhZADo6HBoSPUji1O3dQIjJKqzOOSLDwzRosVwdRv0dSJJJA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c34b6a691c02-OSL
alt-svc: h2=":443"; ma=60
img.pay4d.info/banner/evomn.jpg
104.19.136.75 200 OK 83 kB URL HTTP/2 img.pay4d.info/banner/evomn.jpg
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d7cd05a35121d6c4af6ec438ed96e10c
6533486ee55c331d3dd348bcdcbf37ecd10e1e7e
d90573f6414e0e2951796b54b038343e5e8e4ce1cf16fdbfac22a4a95d802fde
GET /banner/evomn.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:40 GMT
content-type: image/webp
content-length: 83322
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=433485
content-disposition: inline; filename="evomn.webp"
last-modified: Thu, 19 Jan 2023 08:18:15 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:40 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3399a6fb512-OSL
X-Firefox-Spdy: h2
accounts.livechatinc.com/customer/token
95.101.10.171 200 OK 138 B URL HTTP/2 accounts.livechatinc.com/customer/token
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text
Hash cf5ae2da5b4c1fc31cc5a4832f86863e
b7ae103a7b4141aaecdd849ca812cdc7060e999e
0bf743f2034559d22187990a0bbdaceda0f922d1fdfdfb259f3781a51466a2a8
POST /customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 190
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 138
date: Sun, 29 Jan 2023 11:52:40 GMT
set-cookie: __lc_cid=b217ce85-bc10-4efd-540b-88c9fca89b28; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Wed, 29 Jan 2025 11:52:40 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=743a5a7ac83fb1f4df0a4766de171762e0f846b4bfeeded97102d49e87c3211ad8b5802c275e224c2ce5dcfc40ad17377a46c63127eb3ddc09921c08fa9d; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Wed, 29 Jan 2025 11:52:40 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=b217ce85-bc10-4efd-540b-88c9fca89b28; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Wed, 29 Jan 2025 11:52:40 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=743a5a7ac83fb1f4df0a4766de171762e0f846b4bfeeded97102d49e87c3211ad8b5802c275e224c2ce5dcfc40ad17377a46c63127eb3ddc09921c08fa9d; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Wed, 29 Jan 2025 11:52:40 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1674993190&tag=9fa0fc7ec8226ea857fb616ca1f888799edb9456; Path=/; Expires=Sun, 29 Jan 2023 11:53:10 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
www.rodaslotjp1.top/images/upload-Slides-20211231174026.jpg
172.67.179.154 200 OK 302 kB URL HTTP/1.1 www.rodaslotjp1.top/images/upload-Slides-20211231174026.jpg
IP 172.67.179.154:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Windows), datetime=2021:12:30 18:14:11], progressive, precision 8, 3750x750, components 3\012- data
Size 302 kB (301778 bytes)
Hash ce0cc0ea2b35f06226a11a5f24c90d2b
6e6bccdde13ba9a11871de5af0d79ce2aaa1a455
78e01ddcdc1fa614b104c4b459eff291591bef384a9bf7d0f3d8c224b0d74107
GET /images/upload-Slides-20211231174026.jpg HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:39 GMT
Content-Type: image/jpeg
Content-Length: 301778
Connection: keep-alive
Last-Modified: Fri, 31 Dec 2021 10:40:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BuvxZw0HT5JgXGc3FnKncjs%2Ble7UD%2B5quQEJfDZ9djmZ5o9kYyEsiXSj0XKf0vXmV5ilR5TUdWkb0b2r1sLR6AI%2BaNSVyfBgUzNuor5Lh9t4KD1ARLnJxDzb6V3hObk0PjWssVy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c34c4cfc0afa-OSL
alt-svc: h2=":443"; ma=60
img.pay4d.info/slot-ttg.png
104.19.136.75 200 OK 356 B URL HTTP/2 img.pay4d.info/slot-ttg.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3ce52bfdf47ac5aeec429c7d844f8309
20ecca3cdae26598825aca9d3180721585936d76
574449c76cb20fb822d17cec93a25ed069371c78d8f6e9efb0daa4924a411a56
GET /slot-ttg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:40 GMT
content-type: image/webp
content-length: 356
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2467
content-disposition: inline; filename="slot-ttg.webp"
last-modified: Sat, 14 Mar 2020 09:33:42 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:40 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3398a38b512-OSL
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/rtm/ws?license_id=12114207
95.101.10.171 101 Switching Protocols 0 B URL HTTP/1.1 api.livechatinc.com/v3.3/customer/rtm/ws?license_id=12114207
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3.3/customer/rtm/ws?license_id=12114207 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 07TioxWHnbX2HtDS2Yx0pA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
sec-websocket-accept: HgAINNPXqaO3tCbznfJAnLbdV7Q=
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure.livechatinc.com
legacy: 2023-06-30
Date: Sun, 29 Jan 2023 11:52:40 GMT
Upgrade: websocket
Connection: Upgrade
img.pay4d.info/fish-zombie.png
104.19.136.75 200 OK 2.8 kB URL HTTP/2 img.pay4d.info/fish-zombie.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 88304eeaf81e9ebd296a0d0e2ddb7be2
32c2c254dfa81406883e0507339c538a4af5ce3b
fab65eee93acd119c34e221f22ca4029d06a9fa9a5d93b56be894e4247ff7d81
GET /fish-zombie.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:40 GMT
content-type: image/webp
content-length: 2760
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9384
content-disposition: inline; filename="fish-zombie.webp"
last-modified: Thu, 05 Aug 2021 09:13:00 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:40 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3399a4db512-OSL
X-Firefox-Spdy: h2
www.rodaslotjp1.top/favicon.png
172.67.179.154 200 OK 16 kB URL HTTP/1.1 www.rodaslotjp1.top/favicon.png
IP 172.67.179.154:0
File type PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced\012- data
Hash fcd83e4eac191498c446d3f4dbc209a9
16e29aba138bb4eaf8d2b3d29727d411dcf6ac90
dae0f3dcba83d3dc22fa11e342dcb7cfa5cc981c4edbf4e7f6303bdf356691a6
GET /favicon.png HTTP/1.1
Host: www.rodaslotjp1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Cookie: PHPSESSID=kerb2r03t2lf2tete7p3756b06; _ga_D3WR7HGLGB=GS1.1.1674993163.1.0.1674993163.0.0.0; _ga=GA1.1.1824737680.1674993163
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:52:41 GMT
Content-Type: image/png
Content-Length: 16063
Connection: keep-alive
Last-Modified: Sun, 30 May 2021 05:14:25 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzJPzO6B7WLlCS0KY2eQ4zayVou6Y%2BPnR4mgDz6hbAfVHPj0X0Q0tzIz68cW207dWL6mq%2BqY4%2FKesoU8ODcSyaftuixpHi%2FRV18uMfnatl1PQNvakLdlRB9H%2Fk0EujncjbJkmWLj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7911c3578ed90b61-OSL
alt-svc: h2=":443"; ma=60
img.pay4d.info/dlandroid.png
104.19.136.75 200 OK 2.5 kB URL HTTP/2 img.pay4d.info/dlandroid.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a74bb516386bf584bbcb42de349db17c
8bb9f72b4f8d077bbe7319cb341bd9ef7ea8136a
5ddce943f364942ee30b1398175472ab116b19119a3fa7eb2815944162ccfb51
GET /dlandroid.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:41 GMT
content-type: image/webp
content-length: 2520
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5781
content-disposition: inline; filename="dlandroid.webp"
last-modified: Wed, 11 Sep 2019 07:36:31 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:41 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3436f1bb512-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-mg.png
104.19.136.75 200 OK 1.1 kB URL HTTP/2 img.pay4d.info/live-mg.png
IP 104.19.136.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ab217824849c8bc2f05240458ef55574
06b015108c8fc22469d8e5a4c371e6d05c04b624
326039e01fe95c632ec94f34f39b85e61715f2a5abcdb555d937ec140574aa72
GET /live-mg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rodaslotjp1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:52:43 GMT
content-type: image/webp
content-length: 1092
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4064
content-disposition: inline; filename="live-mg.webp"
last-modified: Tue, 15 Mar 2022 06:24:43 GMT
vary: Accept
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 13:52:43 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7911c3398a3eb512-OSL
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/iframe.73879adc.chunk.js
95.101.10.171 200 OK 0 B URL HTTP/2 cdn.livechatinc.com/widget/static/js/iframe.73879adc.chunk.js
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
GET /widget/static/js/iframe.73879adc.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Jan 2023 08:47:14 GMT
x-amz-version-id: DWqeOBaonG9oWcxGU0ZIpqeLsqrYCT6x
server: AmazonS3
content-encoding: gzip
etag: W/"90cad0f1a20bbe0c7b70af650ab7491a"
vary: Accept-Encoding
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: MgLZ1iZ8LpNw3GUGmXeMSFOx05M7e3xvuc4-Sud2VVDGYvBOPceAhQ==
content-length: 228662
cache-control: max-age=31536000
expires: Mon, 29 Jan 2024 11:52:39 GMT
date: Sun, 29 Jan 2023 11:52:39 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2