www.grandocasino.com/gaosmc/nz/index-uni.html
172.67.173.217 200 OK 18 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/nz/index-uni.html
IP 172.67.173.217:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (2100)
Hash 9ec0f1e7685681f3c1c7c8bcdf425596
1b5a2646089e21506328883da72c2ce8ad432838
e17e08c1d99c3dba05d70154d91d5aa254facf74afab4bec81e858ab8e26fd9c
Analyzer Verdict Alert fortinet Phishing
GET /gaosmc/nz/index-uni.html HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:53:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: G/U2J+dJ/kP0Xj/BO3C617/xNBafYHkzHPThCYo8F2gzDaro5ld3RNxjhG+yvuRsgKEscvOIYOI=
x-amz-request-id: VJ5TJ0HB80WRY789
x-amz-meta-sha256: 848950975f58e74b435b128937f51d4deadc3fdc62a4e50611be0f07e5919f75
x-amz-meta-s3b-last-modified: 20220322T113957Z
Last-Modified: Tue, 22 Mar 2022 11:40:30 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFPksrBCfVL%2FlzQV6H1PfrHqcTXIcmjcE4SKmj3ee8UQIWsyhl34P6ONIKFRRRCWxudhCcZIT9uSqnwo3%2FoDkHeTr%2B1fOkRICcM2amAoFmCqWzazhDMBsx%2BzqGZVcTIWsEfLlEe9cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75114ad17ba6b4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 03:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: m4QzjUWMhNqX0HmDZQhkMfDqMzboyxGhchL7AXKdponvDsCgvxkoug==
Age: 2276
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6370
Expires: Tue, 27 Sep 2022 05:39:36 GMT
Date: Tue, 27 Sep 2022 03:53:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate, ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2znGYxvYP-3-ICTAwOIpF8N7z_j1aOPN35KIbvFYt1eX2FNwce_Yew==
age: 83891
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 03:53:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:53:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
142.250.74.106 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32069)
Hash 4ae540714475aa934955496d990ab15f
b7724c4d72a422b86f5dc06571ff4bc86f0308a3
ca0222f8799d862ca8c427d6c612878f47043c9445ad0e1567f1f80e83c965e2
GET /ajax/libs/jquery/2.2.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.grandocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30089
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 00:55:35 GMT
expires: Thu, 21 Sep 2023 00:55:35 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 529071
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:53:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.grandocasino.com/gaosmc/nz/style.css
172.67.173.217 200 OK 2.8 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/nz/style.css
IP 172.67.173.217:0
Hash 005725c4c4b208228e2f9f2b994ad1b5
e4a6a3f7e75918c5a4b67ded44d37061bcb33f9b
7ffb390fbd93b3aa6917a0883f511792b6b258874cc16f09ac8468c63d1f698c
GET /gaosmc/nz/style.css HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/nz/index-uni.html
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:53:26 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: kSirmoRSFe9ji/ILp8hK2Wot7l7C9IN7z4CQtehKtbi3K1QaFRt8ip2cx5Pxr4IaXdmoeNL8tro=
x-amz-request-id: 21BMZ90W46VA5V3S
x-amz-meta-sha256: a89f7dbde33f58f204aa2cb2139233cfbc21578e57660c9cc7ac2a7a281244da
x-amz-meta-s3b-last-modified: 20180313T072908Z
Last-Modified: Tue, 22 Mar 2022 11:40:30 GMT
ETag: W/"8608d2cc441998fed96ad7980a8b0ad4"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5oEbeGA6N80nuY57ICIY1RRzhdAhy12%2Bwsp5%2FcyY3QiYGaKA7fObEjeTpWrA00xLXhTM5KeqMEst1ZrAVOKNAMQB377J%2BWppxglp8Ejztf1kqFKjqyUA9eK2mmXwxY7SVEn%2FUsTKw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75114ad3bd16b4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/nz/images/red-arrow-right.png
172.67.173.217 200 OK 1.4 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/nz/images/red-arrow-right.png
IP 172.67.173.217:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced; data
Hash 881bdc037be8895ba5d8d53456890e7e
4e105c89e2a1475520bb74c9c20bf2f9e906fcb3
9f8160d6380fef91c8eadecc6e8e59e93e3f5c40be7963018c8104bef4354d8f
GET /gaosmc/nz/images/red-arrow-right.png HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/nz/index-uni.html
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:53:26 GMT
Content-Type: image/png
Content-Length: 1362
Connection: keep-alive
x-amz-id-2: Xc84agdsb8owQ4mvO0gQOEqvfNOROILHY3MdcFA/brIljXKmxl17lT1/eD9oyeasH/66JOX1cEI=
x-amz-request-id: 21BP8ZC7J0KRPA07
x-amz-meta-sha256: 9f8160d6380fef91c8eadecc6e8e59e93e3f5c40be7963018c8104bef4354d8f
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:29 GMT
ETag: "881bdc037be8895ba5d8d53456890e7e"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzEUg65ep73HmdStbCJ3sJYoPe3bN1xgAHzilgztLw4m8fRXLoHFMzJlfSVPaa%2BZDYwRm4zISETwNKVIcpbNvWFr1J8sOVrnITM4KJtDgV%2BS5KKJMuelOxMjdCNx6qFnpRM%2Bac%2FZow%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75114ad52e6ab4e8-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/nz/sounds/spin.mp3
172.67.173.217 206 Partial Content 8.8 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/nz/sounds/spin.mp3
IP 172.67.173.217:0
File type MPEG ADTS, layer III, v2, 32 kbps, 16 kHz, JntStereo; data
Hash 5a2e10964c7fea8b0181831184bc0d97
8f5233dd6be372e7749c6cd8440db5b43de5a9c9
9b8fa3d6ccb98804102ffd59ee70c19e5d7ca7efabbe6c0d4471a1935348ee3d
Analyzer Verdict Alert fortinet Phishing
GET /gaosmc/nz/sounds/spin.mp3 HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/nz/index-uni.html
HTTP/1.1 206 Partial Content
Date: Tue, 27 Sep 2022 03:53:26 GMT
Content-Type: audio/mpeg
Content-Length: 8784
Connection: keep-alive
x-amz-id-2: 5dO+d+vLcDfrAjBbA30nXHupL7ILFwNgHA8lcqoOBuL64oasAy1GtM6d3JGv/KIHsgVAIYVP+s8=
x-amz-request-id: 21BSPR0QC1S4RMDM
x-amz-meta-sha256: 9b8fa3d6ccb98804102ffd59ee70c19e5d7ca7efabbe6c0d4471a1935348ee3d
x-amz-meta-s3b-last-modified: 20180313T072908Z
Last-Modified: Tue, 22 Mar 2022 11:40:30 GMT
ETag: "5a2e10964c7fea8b0181831184bc0d97"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Content-Range: bytes 0-8783/8784
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzGvDMUkW2tW77%2B68rOcipFuLFrOVyXX5zv2Y%2F3j1dyJ3FcegFwsVZImDhJyXpQMF8kPmlMQDkie5Ye8ahfj6Zqgi19PONtRm%2FXuKLNc85SLkuU7Pr4ru0cpK0n8rTJe0sy6Sp89SA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75114ad51dbd0afe-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/nz/images/red-arrow-left.png
172.67.173.217 200 OK 1.3 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/nz/images/red-arrow-left.png
IP 172.67.173.217:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced; data
Hash 92d3e482cacea857c5dfaf9fa3a21dfb
3f12c410c77d763cc4719ec367a18417b8300758
4a688dc66588e8e86e98ccadb318fa2aca3fd6e2444aac783278b982f3e47eef
GET /gaosmc/nz/images/red-arrow-left.png HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/nz/index-uni.html
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:53:26 GMT
Content-Type: image/png
Content-Length: 1334
Connection: keep-alive
x-amz-id-2: 57J1x7ZVOGxx87t7SnyS//DZPFxt4hMdiXoE55HRqVgvl3hgSxBocskL73ohW8eCEhgxCCkk+sI=
x-amz-request-id: 21BV4RCTWD56W84D
x-amz-meta-sha256: 4a688dc66588e8e86e98ccadb318fa2aca3fd6e2444aac783278b982f3e47eef
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:29 GMT
ETag: "92d3e482cacea857c5dfaf9fa3a21dfb"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpZ25SB%2BhVguKkJzFeo6y2N%2FaHsyJgwR8pYFzzac4%2BadXjeuhDjkd8TPSvKKoH4NSKBned%2F06RsH1CUbCXd1uRZOF1uThZ4jv3eF4GX%2FWFUjVlvjYNt3TAY5rSTeUbiDzbKYJ12vUw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75114ad52d570b3d-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/nz/alert.ogg
172.67.173.217 206 Partial Content 6.1 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/nz/alert.ogg
IP 172.67.173.217:0
File type Ogg data, Vorbis audio, mono, 44100 Hz, ~70000 bps, created by: Xiph.Org libVorbis I (1.3.2); data
Hash c24ec40453460f0d5617767016ebc7fe
c360aea4f0d0a34920ddacd376503734142438b9
6c24b85e36500836887748ab5fcfa2663bd6ab39d28f73e75aa5a669bf9386cb
Analyzer Verdict Alert fortinet Phishing
GET /gaosmc/nz/alert.ogg HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/nz/index-uni.html
HTTP/1.1 206 Partial Content
Date: Tue, 27 Sep 2022 03:53:26 GMT
Content-Type: application/octet-stream
Content-Length: 6061
Connection: keep-alive
x-amz-id-2: JqJ7r5ohShPJtRyIVY+Z7C64rLdqimjaD6AGDD4Ae5o8baFxFKDv4U58GjPUr7cKke105Moi/es=
x-amz-request-id: 21BMP9B3BR2WCBGK
x-amz-meta-sha256: 6c24b85e36500836887748ab5fcfa2663bd6ab39d28f73e75aa5a669bf9386cb
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:29 GMT
ETag: "c24ec40453460f0d5617767016ebc7fe"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Content-Range: bytes 0-6060/6061
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qE5MUignxmTJC2%2FTdOtx5TJ6y7PeW5udq6rrib2Yo6Hy7FmxydzxUOHfClhxnydKMLif6U4RMyWwTSXXV1Lyfx6nCvJPGqoKaDrG6qtyR2ayJGuLD1Nwb5JE49Il5bhnBBqKodixHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75114ad5290db4f3-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/nz/images/slot-win.png
172.67.173.217 200 OK 14 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/nz/images/slot-win.png
IP 172.67.173.217:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced; data
Hash 939b6a73c96383ac0842317037f3a0f0
0654b62431c8ba522833950b8166d7a16e2a6b56
b8f1ec0ac028bd024af2cf57b63b07069b2f4a41e61c1577e968ca5d7ba72837
GET /gaosmc/nz/images/slot-win.png HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/nz/index-uni.html
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:53:26 GMT
Content-Type: image/png
Content-Length: 14391
Connection: keep-alive
x-amz-id-2: HtZ6r2IQIWNwf1epB+bKiEqJPTqNBVzpFoN554F/cU8BWXnO+j5O7RmlOTf+YXwwT4Wa4MLCUME=
x-amz-request-id: 21BJT3AHV2EEXVS2
x-amz-meta-sha256: b8f1ec0ac028bd024af2cf57b63b07069b2f4a41e61c1577e968ca5d7ba72837
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:30 GMT
ETag: "939b6a73c96383ac0842317037f3a0f0"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjM%2FtHUSutYTBzMHVNP3z1BUtWoJwcc%2FFuIeuB%2B1FbySGyzXBYWiiS6j2pNJ6a9WSu4L6o8t0GKsHDzedgBk7ZMuYkoKmYLzsfBhyyvM1lWITSjMOWrY%2BFZ2qtzi7n%2FcyYNVWPCiAg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75114ad52e820b61-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/nz/sounds/win.mp3
172.67.173.217 206 Partial Content 10 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/nz/sounds/win.mp3
IP 172.67.173.217:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 32 kbps, 32 kHz, Monaural; data
Hash bca40777013dec4a99eaa8b0b98a7fef
bc1c833577a1dcd82ad01a90e82898bc7b47cad7
635e9ee8fcd18bd4c3ae173f00f4c5cbf15ee90a27a302440e2e77c371314176
Analyzer Verdict Alert fortinet Phishing
GET /gaosmc/nz/sounds/win.mp3 HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/nz/index-uni.html
HTTP/1.1 206 Partial Content
Date: Tue, 27 Sep 2022 03:53:26 GMT
Content-Type: audio/mpeg
Content-Length: 10391
Connection: keep-alive
x-amz-id-2: 4AEGyUAdaloXrNHHQ92MYi8DCH3mKubl+X9Lz5a0i1bBqL40M3uz69kUazqM9RNaDOp2cgUlwtI=
x-amz-request-id: 21BW4ZMNGX9MGDAW
x-amz-meta-sha256: 635e9ee8fcd18bd4c3ae173f00f4c5cbf15ee90a27a302440e2e77c371314176
x-amz-meta-s3b-last-modified: 20180313T072908Z
Last-Modified: Tue, 22 Mar 2022 11:40:30 GMT
ETag: "bca40777013dec4a99eaa8b0b98a7fef"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Content-Range: bytes 0-10390/10391
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyX74euhnG%2Bnf08sWvivef3vSJcoZdLA0OcYNVwWTqhA8j9jJnOJQEXK5mYJ8mlk6CkGCpDRQPyJWbXKl1PjH3UT%2FcLHILFvWLbjs4DgtCec%2Fij0FF%2FPZ4I7aYNqNWyrEKAPUULtMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75114ad51905b51e-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/nz/images/NZ.png
172.67.173.217 200 OK 1.6 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/nz/images/NZ.png
IP 172.67.173.217:0
File type PNG image data, 50 x 40, 8-bit colormap, non-interlaced; data
Hash 3a1a2483ec3b9b38ff96f9a268b2e611
5c152bbb7ded168d12258d01a59592f83c381901
cee9098d7d0cc99bb9e0019c12fd907d2bddd630207fe82def83bc1fac506fdb
GET /gaosmc/nz/images/NZ.png HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/nz/index-uni.html
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:53:26 GMT
Content-Type: image/png
Content-Length: 1621
Connection: keep-alive
x-amz-id-2: nXroGNS8KZUcrERXU/bgJZGPBIiymuB7zk0w1LqcU92+bP/NI9+mW8+X5jqH6GbWax09gVLCVJo=
x-amz-request-id: 21BZ0PE0HBWJANHB
x-amz-meta-sha256: cee9098d7d0cc99bb9e0019c12fd907d2bddd630207fe82def83bc1fac506fdb
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:29 GMT
ETag: "3a1a2483ec3b9b38ff96f9a268b2e611"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A77tKYPdcI7ogm3oD%2BiXDbfuhE6ERYKLfyJGGB66I3VbcfdkzxkvjdL6XWLBIa%2FAQLQQkR0IUtQZBz2VG1JqbLE55SQ7V51qGtMpZ8F%2Fdm3ovTRfIGwtSOrh%2BrzH6wWNdNpZRHQAjA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75114ad5fec3b4e8-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/nz/arrow.png
172.67.173.217 200 OK 154 B URL HTTP/1.1 www.grandocasino.com/gaosmc/nz/arrow.png
IP 172.67.173.217:0
File type PNG image data, 12 x 12, 4-bit colormap, non-interlaced; data
Hash 4daf12b0677dd9ae8923d3154187d1d8
d20e8f0a0c1a72d20cd421ba5e162ff938896e51
5351d7b058d47812c8a2c74bccef9389a11e3df9cd19874d95b7000c8ab9ea9e
GET /gaosmc/nz/arrow.png HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/nz/style.css
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:53:26 GMT
Content-Type: image/png
Content-Length: 154
Connection: keep-alive
x-amz-id-2: 6+mtzy2S+z4mdw26zYKavjWrEFhrfMuxZBmt0rt00plj8HFrPFXDoY/IqwDDzFpIcsjh3YYoznw=
x-amz-request-id: 21BPZP2X02Y9AXYF
x-amz-meta-sha256: 5351d7b058d47812c8a2c74bccef9389a11e3df9cd19874d95b7000c8ab9ea9e
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:29 GMT
ETag: "4daf12b0677dd9ae8923d3154187d1d8"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FroSuSfWLcSy3w0C%2BGM6hRdDb5go9BE1Hr8WBA7dXEohR2vKZ1f29OT9PlHBq6nAAsSsa492Gucv2479JL8kcVykWHo5Ie3mjNHdu9GDU1sf6SKbWjgwkSPEzIpgrkLKU0Z5Ru0pg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75114ad61e340afe-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/nz/images/slot-result-1.png
172.67.173.217 200 OK 20 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/nz/images/slot-result-1.png
IP 172.67.173.217:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced; data
Hash 1fbd2b26e61236d5bcfdfeb6adbd2c8c
c9034272d28dab018b73f1967a679c734f987a1f
c402c36eb8d623b618261d40846e63c130de1e78720ab5578eae1d645198c963
GET /gaosmc/nz/images/slot-result-1.png HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/nz/index-uni.html
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:53:26 GMT
Content-Type: image/png
Content-Length: 20370
Connection: keep-alive
x-amz-id-2: TTmh2H1Sy594BOjiWEn/Mb9ErJ5XNzdutMBSj84T9N7wavIPMy52iI9Fjx/E97mM35kwHBaHfws=
x-amz-request-id: 21BV478N7EHZJFDB
x-amz-meta-sha256: c402c36eb8d623b618261d40846e63c130de1e78720ab5578eae1d645198c963
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:29 GMT
ETag: "1fbd2b26e61236d5bcfdfeb6adbd2c8c"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0GzO8Eo8Y5tUqyAMzaVcCiruWhMpC66MgWMUI9rJNt7MzrQ2fUfAtYIzAPHeT6wpqs%2BoqP5sJmzEgeoy0jEhLUpEvIYWOU9IWGbjQagFBJPpTLTQ3oXB2J39AZjUblTYXEz%2BXd%2BrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75114ad63a02b4f3-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/nz/images/slot-start.png
172.67.173.217 200 OK 26 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/nz/images/slot-start.png
IP 172.67.173.217:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced; data
Hash f491647556e492de92530b48827690aa
6296c44299f5acb17cb2c06e37391a70672b1fd3
efb819d37f19ec7505d9602488ce97868d84e1c7929ce83e308e23f02d97b95d
GET /gaosmc/nz/images/slot-start.png HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/nz/index-uni.html
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:53:26 GMT
Content-Type: image/png
Content-Length: 26084
Connection: keep-alive
x-amz-id-2: RO78s1pS8fO/GZ1ytVsITmrOruXVqIpxEwi3As0g/iy80d6X+JVZ3fQ3BNXlgoXsemW4Z2k8OwI=
x-amz-request-id: 21BHEZ7Y6CPECAJ4
x-amz-meta-sha256: efb819d37f19ec7505d9602488ce97868d84e1c7929ce83e308e23f02d97b95d
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:30 GMT
ETag: "f491647556e492de92530b48827690aa"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTEkCrYmHTLHrKuEPC6OwfKRB0k%2BoVTxMzBxWPcgBVP8Bzl2b8dAWPboKMLjmN7KRk%2BFnbQh91rbXYmWpl1ECLkPzWjIMpVw0WyyKhbkJ7PcahXeaBji7aifHX%2BGU4q%2BRY48IeKwLA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75114ad62de80b3d-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/nz/images/slot-result-2.png
172.67.173.217 200 OK 27 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/nz/images/slot-result-2.png
IP 172.67.173.217:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced; data
Hash b6ca0bfea4d0cec334f128f5c2c44cff
f6dc006902542a929187af718d9f6a244e5472b5
b09b477eb93ed896b8e52a2f746e435695dbef2a1259987bae4fbea3c35b5435
GET /gaosmc/nz/images/slot-result-2.png HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/nz/index-uni.html
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:53:26 GMT
Content-Type: image/png
Content-Length: 26733
Connection: keep-alive
x-amz-id-2: ubFszXNRwKtHJ4PkDl7dtYD9m9SNQOKHZIrS88rt0AOFAhxGFBgpvgg/xGXzqjKqDf06k4leBtA=
x-amz-request-id: 21BZ4M5KFV4B42EV
x-amz-meta-sha256: b09b477eb93ed896b8e52a2f746e435695dbef2a1259987bae4fbea3c35b5435
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:29 GMT
ETag: "b6ca0bfea4d0cec334f128f5c2c44cff"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCloYUlzd3LslGbezGdvE7Rn6gWVVDoXdTbYVCXwLMaCf%2BUW5om0JwqMKst9jR2YUaV1GmpDkEJGtxr8K1B3opm5Ik0jTVIN9DuTUWk8hADiBaHX1c65pcDC8uVIy0LjMn9i5wBHZw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75114ad63a01b51e-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/nz/images/slot-spin.gif
172.67.173.217 200 OK 88 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/nz/images/slot-spin.gif
IP 172.67.173.217:0
File type GIF image data, version 89a, 410 x 279; data
Hash 617c16c5e04c8603dd7f157862b1c682
1306296f9a666a7fc50f339a2a924ce8a3a18169
7f8e36cf7ac437d7c42440ef5f522c8e27adb06348b573192308038fa7c1dc7e
GET /gaosmc/nz/images/slot-spin.gif HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/nz/index-uni.html
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:53:27 GMT
Content-Type: image/gif
Content-Length: 87599
Connection: keep-alive
x-amz-id-2: U1pqRj34HYs4braiRVdDeNCyjnRP1x1Ag+JGMfYaQRXnNWs6vfnqYnSA3CLRcuRcHDKNvcmvhHA=
x-amz-request-id: 21BXBK92PDHGQG8D
x-amz-meta-sha256: 7f8e36cf7ac437d7c42440ef5f522c8e27adb06348b573192308038fa7c1dc7e
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:30 GMT
ETag: "617c16c5e04c8603dd7f157862b1c682"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgNyjrJJbq7i9pS5bf4R7TK2n%2BJ8ia35jVYP3P2Z7ChMXba0Wk3J3I9dz5jDF6FgkH4Jy5trddeMdQp68vyRuOsEsrf9xH95GPMOVegEEOGD3JTjXq4LsXEkNYr83XvHGmaEtZfxgA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75114ad63ee40b61-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 03:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 03:36:19 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: u8SONuuG6yFhC5GBXERbqOx9WEZTCEpu3b63m0DnUU417j1cdZeyxg==
Age: 2561
www.grandocasino.com/favicon.ico
172.67.173.217 200 OK 782 B URL HTTP/1.1 www.grandocasino.com/favicon.ico
IP 172.67.173.217:0
File type MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data
Hash 0eb09e517a8926b7ec88482888207ff5
3f35d319e506fedd07d84dd917b8554572824181
813cc72cbd0b9941988902a6863ef9e7668511c02a608565c114a2633f10bbce
GET /favicon.ico HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/nz/index-uni.html
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:53:27 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: DYBt08yc5y+mxszlR91VsmmhkBRSC7WySrcwoeZbIxRrJW2xEjYsIuUflrWC4+MxycCymUhLTcI=
x-amz-request-id: V12AF3DD96V40B1R
x-amz-meta-sha256: c067dca3930f1e036863be5aa6931b483993fd6f4a47ca31b9ce4b484db1d72a
x-amz-meta-s3b-last-modified: 20170816T092424Z
Last-Modified: Mon, 29 Jul 2019 10:53:17 GMT
ETag: W/"1371ff7c9175cc599bb8ba2a169486ed"
Cache-Control: max-age=2678400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdH8nxPYK0K6AEAfM61XakJy1ZgsdcOTcUcIp4tn1F6N76%2Bbnlj5uFNZ3JYi1fUXunkvmHEbsWxOYQmSGnG6%2B6uxDmBBrjLrjdJNA7c9zGxsnFRCbPtKmv6iloSwzNhmptxhJS1GEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75114ad81fa40b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4839
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:53:27 GMT
Last-Modified: Tue, 27 Sep 2022 02:32:49 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.208.31.97 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.31.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: h8cQJMxWJLcSW/9+vJ/Djg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HLEf0snRsbF9P/GPfzUldRPMdgA=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3752
Expires: Tue, 27 Sep 2022 04:56:00 GMT
Date: Tue, 27 Sep 2022 03:53:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a2c481a-abce-43aa-89a3-95cd7559102c.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a2c481a-abce-43aa-89a3-95cd7559102c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1f571f5fdf5233ffa70132a4504d4fe
1b5f002272083d5e19b5bd18d503f49635b771e5
4563ffe63e1d043c159648a72d9f4c59a3b0fe40379254848a52c11a4f1a6511
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a2c481a-abce-43aa-89a3-95cd7559102c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6518
x-amzn-requestid: 6dfcf2e6-a528-47aa-8ae8-7857f08dac7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y13ElHLzIAMFetw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bd21d-1317b6f73d15a209545f80d6;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 03:10:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Eh_pKXNcEmAVXN5vl2i9chmz6U-PtBHTLfS04OSmkuYa7-e2vVl7nw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 18:10:41 GMT
age: 34967
etag: "1b5f002272083d5e19b5bd18d503f49635b771e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe39ddaa9-a775-40b9-af3a-870507ff4d52.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe39ddaa9-a775-40b9-af3a-870507ff4d52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e56f576ce4c320252cd028a38a1e4bde
8fbe2856a3e05ae7c45f4e35944d2835d47e4284
dc5783e5d50e89d2b9c72dea55751a64157dbc9ec9be85383a6df10b5ec1a602
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe39ddaa9-a775-40b9-af3a-870507ff4d52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5142
x-amzn-requestid: 5b86b092-ff60-476c-855a-d32d5f10f115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yvz1CGInoAMF0Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296686-79e9a4cb75289e1b0785d4fc;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:06:46 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7k1682yCSjI5mtQhFZ8S1eSMo2qYEd7HF2T58X3cbCV2112QE46zXQ==
via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:33 GMT
age: 21835
etag: "8fbe2856a3e05ae7c45f4e35944d2835d47e4284"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40a8f8a-3bc7-4223-a676-6960af975ebc.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40a8f8a-3bc7-4223-a676-6960af975ebc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d478b7bea64d1a5998967c0a665e6be
b078452d30703ea98ad4a7f7fd411b3e2a42ee71
24158d741732109ae2be7314205ac35f4c8b29785876f2785e8bb0ea906762b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40a8f8a-3bc7-4223-a676-6960af975ebc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6628
x-amzn-requestid: 0f9703c5-5551-42a6-a77d-cc79af4987e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1B6GYnIAMFYfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296872-7f7652a01d32fb907c8ebc68;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:14:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1lCA7nBGuXynUhqaMQHCj0hl3LcOkYF3mU99nOxl6eheK6DKzMtB_Q==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:27:42 GMT
age: 8746
etag: "b078452d30703ea98ad4a7f7fd411b3e2a42ee71"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b97879edd864c4f251a6668c8201095f
28938e97773ac1a51a529e85284d228239641f01
143cd15afadce309b970b525818be68c23fcb2322a66ac915d1dc7418968b6c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9304
x-amzn-requestid: d0045fdc-1e02-4039-9e0e-d3b8b255f205
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1-koF_eoAMFyHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bde1d-1cb029d169ec2b1651b2ac78;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 04:01:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DOGgAd_xj2i8voN9BHwGJjwhXdYxOeboE9r1Gfk_okEB2PA25L3nVw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 05:34:22 GMT
age: 80346
etag: "28938e97773ac1a51a529e85284d228239641f01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa70ece15044b7318cb11ae5e37a64e7
04a0665f771562c3e56ac3542abe5bd3c4c1a6b5
8c974283b2ba0058114404af3e4818daa8cc56f270cb8a46f5f2f54de9d2f0e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8255
x-amzn-requestid: 3bf29c4a-406a-4645-ad18-44cd6f05d457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VnFEV-IAMFQMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfc6-3eaa337d1e1c1b6d5e951419;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: X-6P09-hgjmDFe4Y7P1KnXtJAuvJNen8XsBVIexf521SOxMivJ4t7A==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 17:53:33 GMT
age: 35995
etag: "04a0665f771562c3e56ac3542abe5bd3c4c1a6b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91d97447a6a35813e57d942f685544c4
3b660de9902fbfcf2efb477f40480b08545ebc5f
08c1ea19c4918273da12c9a2e962edf4463c486a30f60c8a279a45e5edcf972a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11881
x-amzn-requestid: 584a2270-56ef-4f46-8ab2-dc0e519b5f45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YshLfEfoIAMFX9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328157c-12f8e8e31318d2da70796520;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 07:08:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bDpP2pZgrMz5bH_vy76SvyPojDGhPIHfOtv2i4dfHCs1GUuSZVC87w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:33:24 GMT
age: 19204
etag: "3b660de9902fbfcf2efb477f40480b08545ebc5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2