| bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 | 104.238.174.8 | 200 OK | 9.6 kB |
URL User Request GET HTTP/1.1bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 IP104.238.174.8:443
CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typeHTML document, Unicode text, UTF-8 text Hash7e3f8b2cdc74d962dd6380567b164839 6f987ae36d598cc17d46ae3d91228d50cf55871b 688a430ca75e476c83cec2989cad4b94db4c18919f24e3a04db8c84ae5cfd78b
GET /aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: text/html
Content-Length: 9569
Last-Modified: Fri, 22 Mar 2024 22:56:01 GMT
Connection: keep-alive
ETag: "65fe0c81-2561"
Accept-Ranges: bytes
|
|
| bonuswizard.win/aw/a/a/index_files/reset.css | 104.238.174.8 | 200 OK | 1.8 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/index_files/reset.css IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typeASCII text, with CRLF line terminators Hashc2074f54548d3a792494a9ecf89ab540 40ec9d7ec09fb46cafc688ad39a1c440e98dabfa 52a7ea02e13eb37a355302eb6767a81f93ed49a238b4e4abb6e4c4b0fc0828fa
GET /aw/a/a/index_files/reset.css HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: text/css
Content-Length: 1809
Last-Modified: Sun, 26 Nov 2023 18:41:42 GMT
Connection: keep-alive
ETag: "65639166-711"
Expires: Fri, 24 May 2024 07:57:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| bonuswizard.win/aw/a/a/index_files/main.css | 104.238.174.8 | 200 OK | 8.5 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/index_files/main.css IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typeASCII text, with CRLF line terminators Hashcfb3307e49a4118dd7ba43de4d1e4371 187b35627c95a06c2c135a66bdf0052537f7ce08 26cb3c9fa6a1e0cfa9b261e6d149684a83a2926e5cd4062454560a462453c41c
GET /aw/a/a/index_files/main.css HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: text/css
Content-Length: 8467
Last-Modified: Sun, 26 Nov 2023 18:41:41 GMT
Connection: keep-alive
ETag: "65639165-2113"
Expires: Fri, 24 May 2024 07:57:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| bonuswizard.win/aw/a/a/index_files/media.css | 104.238.174.8 | 200 OK | 1.4 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/index_files/media.css IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typeASCII text, with CRLF line terminators Hashb52650cfedcca361a97a267e9ced3cd4 bcf3b6bb3d4964fb576e4a9453c7d4c48339ab5b 03f2ee2f4f12c617e8b577f897c4cd49b43e83e8ad1f4c01dbcbad7df232dba4
GET /aw/a/a/index_files/media.css HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: text/css
Content-Length: 1448
Last-Modified: Sun, 26 Nov 2023 18:41:42 GMT
Connection: keep-alive
ETag: "65639166-5a8"
Expires: Fri, 24 May 2024 07:57:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| bonuswizard.win/aw/a/a/index_files/animation.css | 104.238.174.8 | 200 OK | 13 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/index_files/animation.css IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typeASCII text, with CRLF line terminators Hashc02cb1619580d7b05678eacc83e1041f cc117679b2ae0d4514a21f31aa801829663decd1 13561506d34e15c1fa8ff62f3157159a759b9325485aabf0b47d795d6145060d
GET /aw/a/a/index_files/animation.css HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: text/css
Content-Length: 12786
Last-Modified: Sun, 26 Nov 2023 18:41:40 GMT
Connection: keep-alive
ETag: "65639164-31f2"
Expires: Fri, 24 May 2024 07:57:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| bonuswizard.win/aw/a/a/index_files/main.js | 104.238.174.8 | 200 OK | 1.6 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/index_files/main.js IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hash4d4b26e9afefe58eabf59a37e9eae0ed 97436e61bd6a00038b1ca4f37f53de660a476ead 948d40f8fe8a2cd1458aad34182e44e7da23568779e88ac57eda7810f7df6c8d
GET /aw/a/a/index_files/main.js HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: application/javascript
Content-Length: 1583
Last-Modified: Sun, 26 Nov 2023 18:41:42 GMT
Connection: keep-alive
ETag: "65639166-62f"
Expires: Fri, 24 May 2024 07:57:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| bonuswizard.win/aw/a/a/index_files/jquery-3.3.1.min.js | 104.238.174.8 | 200 OK | 87 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/index_files/jquery-3.3.1.min.js IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typeJavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators Hasha46fb81762396b7bf2020774a2fb4d9e fb5edd7a663dc8dda7ec10815a7cd82a30fc98a7 d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
GET /aw/a/a/index_files/jquery-3.3.1.min.js HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: application/javascript
Content-Length: 86927
Last-Modified: Sun, 26 Nov 2023 18:41:41 GMT
Connection: keep-alive
ETag: "65639165-1538f"
Expires: Fri, 24 May 2024 07:57:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| bonuswizard.win/aw/a/a/index_files/responsiblegaming.svg | 104.238.174.8 | 200 OK | 2.8 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/index_files/responsiblegaming.svg IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typeSVG Scalable Vector Graphics image Hash7c899a90effb9eed3d7c859cafdf0230 aebac3170833e6dcc70a5c278f673d73d893559d 12052812d4e481278022bb294aa379da01a13264c096329ac32f0d6ebbb8ab7d
GET /aw/a/a/index_files/responsiblegaming.svg HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: image/svg+xml
Content-Length: 2774
Last-Modified: Sun, 26 Nov 2023 18:41:42 GMT
Connection: keep-alive
ETag: "65639166-ad6"
Accept-Ranges: bytes
|
|
| bonuswizard.win/aw/a/a/index_files/18plus.png | 104.238.174.8 | 200 OK | 2.6 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/index_files/18plus.png IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typePNG image data, 60 x 61, 8-bit/color RGBA, non-interlaced Hashaa403c19c8bce9b439066f54f5e18f90 d70053bf913f70c4375698c89304eef6fcfbc32d 0467576b0fad150f832219a35b1955628d4b01167a1ff0b65dbd6056d28b67af
GET /aw/a/a/index_files/18plus.png HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: image/png
Content-Length: 2598
Last-Modified: Sun, 26 Nov 2023 18:41:40 GMT
Connection: keep-alive
ETag: "65639164-a26"
Expires: Fri, 24 May 2024 07:57:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| bonuswizard.win/aw/a/a/index_files/chest-closed.png | 104.238.174.8 | 200 OK | 57 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/index_files/chest-closed.png IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typePNG image data, 290 x 260, 8-bit/color RGBA, non-interlaced Hashfc8af1ab78bb423e2623b06d62b8a0a7 db478c5fdf1488a978f1e4a2d09eae53ef86b28a fce39aa10e7d39afcf436da54716ad4a83d20231112cc5e22260eeb742d3bf02
GET /aw/a/a/index_files/chest-closed.png HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: image/png
Content-Length: 56644
Last-Modified: Sun, 26 Nov 2023 18:41:41 GMT
Connection: keep-alive
ETag: "65639165-dd44"
Expires: Fri, 24 May 2024 07:57:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| my.rtmark.net/p.js?f=sync&lr=1&partner=e503977ee942cb34c6c4fb81d21e5fc15874ea75432469adfb8faf0e160c516a | 139.45.195.8 | 200 OK | 697 B |
URL GET HTTP/2my.rtmark.net/p.js?f=sync&lr=1&partner=e503977ee942cb34c6c4fb81d21e5fc15874ea75432469adfb8faf0e160c516a IP139.45.195.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File typeJavaScript source, ASCII text Hash7b2b5fcc440c0eeaf08d77e12abe0790 09d674b0fa095628f913917a4049fae4b27f6c11 601686cc2d59918040a5ea0eddc73458c460910777af1868d72451fca256dab9
GET /p.js?f=sync&lr=1&partner=e503977ee942cb34c6c4fb81d21e5fc15874ea75432469adfb8faf0e160c516a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 07:57:06 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| bonuswizard.win/aw/a/a/index_files/bonuswizardlogo.png | 104.238.174.8 | 200 OK | 26 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/index_files/bonuswizardlogo.png IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typePNG image data, 505 x 161, 8-bit/color RGBA, non-interlaced Hash317a3173e9341b1aadcc7d0c62f98dc8 b59f524ea0fefb022247387227576b69837780d4 1daa66e01e058fc0f05ceeee827b882e2eadb35e451bddf5d8d66737b40794e9
GET /aw/a/a/index_files/bonuswizardlogo.png HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: image/png
Content-Length: 25547
Last-Modified: Sun, 26 Nov 2023 18:41:41 GMT
Connection: keep-alive
ETag: "65639165-63cb"
Expires: Fri, 24 May 2024 07:57:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| bonuswizard.win/aw/a/a/index_files/sparks.png | 104.238.174.8 | 200 OK | 20 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/index_files/sparks.png IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typePNG image data, 613 x 724, 8-bit colormap, non-interlaced Hash73752c315eceb6ddd6b8d212f0f8f945 146a3b0ef9a5304cf768b2b09555041fd82f6d22 f47fc00309a6af71a145bf391ba6550c47f8949b61270aaab441dddcb9e6be7b
GET /aw/a/a/index_files/sparks.png HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: image/png
Content-Length: 20132
Last-Modified: Sun, 26 Nov 2023 18:41:43 GMT
Connection: keep-alive
ETag: "65639167-4ea4"
Expires: Fri, 24 May 2024 07:57:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| bonuswizard.win/aw/a/a/index_files/safe-secure.png | 104.238.174.8 | 200 OK | 4.9 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/index_files/safe-secure.png IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typePNG image data, 169 x 61, 8-bit/color RGBA, non-interlaced Hashd92c9939301f0cac88ec7c584fcc81af 8318ba829effd3b54f9ef48eb7d3c0d24c109e4f 7b48cd35122c1e245c1b14a6e74a3c5372dba3a9d655ef7ee679840aa7826a2c
GET /aw/a/a/index_files/safe-secure.png HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: image/png
Content-Length: 4917
Last-Modified: Sun, 26 Nov 2023 18:41:43 GMT
Connection: keep-alive
ETag: "65639167-1335"
Expires: Fri, 24 May 2024 07:57:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| bonuswizard.win/aw/a/a/images/popup-bg.jpg | 104.238.174.8 | 200 OK | 39 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/images/popup-bg.jpg IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 626x365, components 3 Hashef2da9948829ba6d66069a2b2efdc772 4e6e23299f2ecdc8bdd4012c37ba37853854fe66 b097746e309c12e24ed7c4f721af943d33bd8d5bf5751ded172fedf5cb710e80
GET /aw/a/a/images/popup-bg.jpg HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/index_files/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: image/jpeg
Content-Length: 38829
Last-Modified: Sun, 26 Nov 2023 18:41:47 GMT
Connection: keep-alive
ETag: "6563916b-97ad"
Expires: Fri, 24 May 2024 07:57:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| bonuswizard.win/aw/a/a/images/main-bg.jpg | 104.238.174.8 | 200 OK | 20 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/images/main-bg.jpg IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 612x408, components 3 Hasheb59d3796b450b3cc676aa34a7ae7592 67c71a048bd6cf9aef56ee92db76550c30ec82ee c15c3e2ad234b2fee5cd9aaebf5342b1ae9b77fb3406251c376e25b291f25a96
GET /aw/a/a/images/main-bg.jpg HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/index_files/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: image/jpeg
Content-Length: 20159
Last-Modified: Sun, 26 Nov 2023 18:41:47 GMT
Connection: keep-alive
ETag: "6563916b-4ebf"
Expires: Fri, 24 May 2024 07:57:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| bonuswizard.win/aw/a/a/audio/fanfare-0.mp3 | 104.238.174.8 | 206 Partial Content | 63 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/audio/fanfare-0.mp3 IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typeAudio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo Hashf2c333e40a1d9f108b566ed14e83dd78 4f75f8e7c290b6c9f14f93699516b7097e5cc4af f7ca13295aa54ad1520ba5a6eac602d5cb0143cc5c21d4c12ef1fc03185b2bb7
GET /aw/a/a/audio/fanfare-0.mp3 HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: audio/mpeg
Content-Length: 63390
Last-Modified: Sun, 26 Nov 2023 18:41:45 GMT
Connection: keep-alive
ETag: "65639169-f79e"
Content-Range: bytes 0-63389/63390
|
|
| bonuswizard.win/aw/a/a/audio/chest-open.mp3 | 104.238.174.8 | 206 Partial Content | 63 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/audio/chest-open.mp3 IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typeAudio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo Hashe3c0bd47437dd29cfcfb04fffe432144 ac015d81b9ae5f5ced5a8b40e624de24d8276bf4 bb729525208964ad4ebd3af5ed8c9f53db13261c32b5f3f9cb151eace4032fb3
GET /aw/a/a/audio/chest-open.mp3 HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: audio/mpeg
Content-Length: 63390
Last-Modified: Sun, 26 Nov 2023 18:41:44 GMT
Connection: keep-alive
ETag: "65639168-f79e"
Content-Range: bytes 0-63389/63390
|
|
| bonuswizard.win/aw/a/a/index_files/popup-decor.png | 104.238.174.8 | 200 OK | 106 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/index_files/popup-decor.png IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typePNG image data, 1230 x 625, 8-bit/color RGBA, non-interlaced Size106 kB (106071 bytes) Hash5273d98a3adac22754b77acf981a9fe9 022d2b9b917eb1cce2448d69ab44486c7e2333e4 1402b97b10c15f9453123a13b82134c0308b021750194387f9c0fe455b305bd1
GET /aw/a/a/index_files/popup-decor.png HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: image/png
Content-Length: 106071
Last-Modified: Sun, 26 Nov 2023 18:41:42 GMT
Connection: keep-alive
ETag: "65639166-19e57"
Expires: Fri, 24 May 2024 07:57:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| bonuswizard.win/aw/a/a/images/favicon.png | 104.238.174.8 | 200 OK | 17 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/images/favicon.png IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hasha03d32189dd9786c16b4173e78575a10 4fa803cf1690490d7f355cb60c5a48d0eba24461 308c53a46299ce924a68c433ad47a604f26cbd7a905701b9019a33e5e2406644
GET /aw/a/a/images/favicon.png HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: image/png
Content-Length: 16678
Last-Modified: Sun, 26 Nov 2023 18:41:47 GMT
Connection: keep-alive
ETag: "6563916b-4126"
Expires: Fri, 24 May 2024 07:57:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| lemouwee.com/zone?&pub=0&zone_id=7254225&is_mobile=false&domain=bonuswizard.win&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.501&trace_id=b9cc7046-ae29-447f-9608-d9529d42418a&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL POST HTTP/2lemouwee.com/zone?&pub=0&zone_id=7254225&is_mobile=false&domain=bonuswizard.win&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.501&trace_id=b9cc7046-ae29-447f-9608-d9529d42418a&action=prerequest IP139.45.197.251:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectlemouwee.com Fingerprint79:AF:F5:E8:1A:28:27:C6:45:D0:92:C8:F4:67:CA:3A:79:D9:A7:B8 ValidityFri, 05 Apr 2024 05:06:29 GMT - Thu, 04 Jul 2024 05:06:28 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=7254225&is_mobile=false&domain=bonuswizard.win&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.501&trace_id=b9cc7046-ae29-447f-9608-d9529d42418a&action=prerequest HTTP/1.1
Host: lemouwee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bonuswizard.win
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 07:57:06 GMT
content-length: 0
x-trace-id: 5269c5d7af354e35b3abbbb0b3005f70
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bonuswizard.win
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| bonuswizard.win/1158128.sw.js?zoneId=7254225 | 104.238.174.8 | 200 OK | 163 B |
URL GET HTTP/1.1bonuswizard.win/1158128.sw.js?zoneId=7254225 IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
Hash8d000ab944e075d360790b46a24bcff7 813e09a70e8bb281e49bf213aa70b79d6659633f 87f6d0b65eff96ca37bac6c2b7b94405a95320efda84bd07a8d7f4d11123991a
GET /1158128.sw.js?zoneId=7254225 HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: application/javascript
Content-Length: 163
Last-Modified: Fri, 22 Mar 2024 22:55:34 GMT
Connection: keep-alive
ETag: "65fe0c66-a3"
Expires: Fri, 24 May 2024 07:57:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 875
Origin: https://bonuswizard.win
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 07:57:06 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 8bb7c8b5fe8ddfe4a18798729cfccdc4
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bonuswizard.win
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 876
Origin: https://bonuswizard.win
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 07:57:06 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 310b47705db0e2fdf197f671e5d9d81c
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bonuswizard.win
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 873
Origin: https://bonuswizard.win
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 07:57:06 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: c209f4380f6fb19e9c5c3fe2aba6999a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bonuswizard.win
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://bonuswizard.win/
Origin: https://bonuswizard.win
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 07:57:06 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://bonuswizard.win
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hasha2ca85a83458a58bbdf28d2278991c25 84c642171d430ea300785c817e08744b6953b3c9 2fee165630c5aeacf25d6af843d1371a61a63cb9d76814228dd34029cff37489
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bonuswizard.win/
Content-Type: application/json
Content-Length: 1415
Origin: https://bonuswizard.win
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 07:57:06 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bonuswizard.win
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/img.gif?f=sync&partner=e503977ee942cb34c6c4fb81d21e5fc15874ea75432469adfb8faf0e160c516a&ttl=&rurl=https%3A%2F%2Fbonuswizard.win%2Faw%2Fa%2Fa%2F%3Fcid%3Dwj168mjn3qo96fq0jb604o3u%26camp_id%3D52d7a314-be87-47a0-ba57-68525843089a%26zone%3D%26banner%3D%26useractivity%3D%26browser%3Dty1%26zonetype%3D%26source%3DPropellerAds%2520-%2520Casino%26country%3DUnited%2520States%26cep%3D_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ%26lptoken%3D17c213a69411728d0280 | 139.45.195.8 | 200 OK | 43 B |
URL GET HTTP/2my.rtmark.net/img.gif?f=sync&partner=e503977ee942cb34c6c4fb81d21e5fc15874ea75432469adfb8faf0e160c516a&ttl=&rurl=https%3A%2F%2Fbonuswizard.win%2Faw%2Fa%2Fa%2F%3Fcid%3Dwj168mjn3qo96fq0jb604o3u%26camp_id%3D52d7a314-be87-47a0-ba57-68525843089a%26zone%3D%26banner%3D%26useractivity%3D%26browser%3Dty1%26zonetype%3D%26source%3DPropellerAds%2520-%2520Casino%26country%3DUnited%2520States%26cep%3D_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ%26lptoken%3D17c213a69411728d0280 IP139.45.195.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=e503977ee942cb34c6c4fb81d21e5fc15874ea75432469adfb8faf0e160c516a&ttl=&rurl=https%3A%2F%2Fbonuswizard.win%2Faw%2Fa%2Fa%2F%3Fcid%3Dwj168mjn3qo96fq0jb604o3u%26camp_id%3D52d7a314-be87-47a0-ba57-68525843089a%26zone%3D%26banner%3D%26useractivity%3D%26browser%3Dty1%26zonetype%3D%26source%3DPropellerAds%2520-%2520Casino%26country%3DUnited%2520States%26cep%3D_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ%26lptoken%3D17c213a69411728d0280 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 07:57:07 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=08804833c3ba4ca9ee0c53a9ebde90b6; expires=Thu, 24 Apr 2025 07:57:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| bonuswizard.win/aw/a/a/audio/fanfare-2.mp3 | 104.238.174.8 | 206 Partial Content | 53 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/audio/fanfare-2.mp3 IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typeAudio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo Hash10b8fc8b2627225f230468be5afd1036 8991e6dd344ef00b506bdc50d4408624dcdb065f cd004fadbdfb047268d19976f2abd0bd1d59a33014834468dd25984cb8ade52b
GET /aw/a/a/audio/fanfare-2.mp3 HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: audio/mpeg
Content-Length: 101007
Last-Modified: Sun, 26 Nov 2023 18:41:45 GMT
Connection: keep-alive
ETag: "65639169-18a8f"
Content-Range: bytes 0-101006/101007
|
|
| lemouwee.com/pfe/current/micro.tag.min.js?z=7254225&sw=/1158128.sw.js | 139.45.197.251 | 200 OK | 37 kB |
URL GET HTTP/2lemouwee.com/pfe/current/micro.tag.min.js?z=7254225&sw=/1158128.sw.js IP139.45.197.251:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectlemouwee.com Fingerprint79:AF:F5:E8:1A:28:27:C6:45:D0:92:C8:F4:67:CA:3A:79:D9:A7:B8 ValidityFri, 05 Apr 2024 05:06:29 GMT - Thu, 04 Jul 2024 05:06:28 GMT
File typeJavaScript source, ASCII text, with very long lines (36570), with no line terminators Hasha20bcaec96bee3dbd00db263a10489fd 2b938c0fe930489aab17567f78269f42d43e0555 b09a1860a090fc1aa1b482392060a3bb197d25044275dda41fdce5770ba758ba
GET /pfe/current/micro.tag.min.js?z=7254225&sw=/1158128.sw.js HTTP/1.1
Host: lemouwee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 07:57:06 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 08:30:07 GMT
etag: W/"66222b8f-8eda"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bonuswizard.win/aw/a/a/audio/fanfare-1.mp3 | 104.238.174.8 | 206 Partial Content | 49 kB |
URL GET HTTP/1.1bonuswizard.win/aw/a/a/audio/fanfare-1.mp3 IP104.238.174.8:443
Requested byhttps://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280 CertificateIssuerLet's Encrypt Subjectbonuswizard.win Fingerprint12:63:A3:4F:0E:BD:64:3C:32:61:CD:70:F6:34:40:4B:A4:FB:DB:19 ValidityTue, 27 Feb 2024 14:02:05 GMT - Mon, 27 May 2024 14:02:04 GMT
File typeAudio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo Hashcdc6929344cc435028f57a62baf84149 450d32550277be5eb44a5e71cbe4f2f0371fac83 137a249fa04df3cc5397b8396e30f56fcc37740f88d6cd1d9e5011b8b3f1155a
GET /aw/a/a/audio/fanfare-1.mp3 HTTP/1.1
Host: bonuswizard.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://bonuswizard.win/aw/a/a/?cid=wj168mjn3qo96fq0jb604o3u&camp_id=52d7a314-be87-47a0-ba57-68525843089a&zone=&banner=&useractivity=&browser=ty1&zonetype=&source=PropellerAds%20-%20Casino&country=United%20States&cep=_ZQelpe3PO1mp8cTv6bt1Kud_RcVKPZSflPOKptrKnqc8Kmk51Vw6WG2-_QapGdSUMJ5m9vXKsJsON4qCkbhBZT0bmnDpGhLjzvepxOAoGAEkIzhTInNQffiXy98M8qD4FwxJhktmsEpS3Tsq-udhSoZz7LAuARbwTVUz0vn4TL3ZyCPtB4AopqHfViHE5FU4KEq4mTVjsEDVLQsSpCugkXsNigs834KxZOAcfAvggCP43msgv4iNb3Qazs58MN07wlcpOCRo-QBVKBlXWgyZ-TLfa0-EpZfRMXMbeuICd7M-qUBoAZaUyuxFYywcGsXAaaFWQ9P1aGdS9v5NBhSGnrxQGTOn5aOUemXNrvu3HS5-IIw2qDQ6CfXQXK7iDnYWjYKxLpLudbQp2AhIKqoxQ&lptoken=17c213a69411728d0280
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Server: nginx/1.20.0
Date: Wed, 24 Apr 2024 07:57:06 GMT
Content-Type: audio/mpeg
Content-Length: 101007
Last-Modified: Sun, 26 Nov 2023 18:41:45 GMT
Connection: keep-alive
ETag: "65639169-18a8f"
Content-Range: bytes 0-101006/101007
|
|