www.instagram.coinexa.pro/
190.115.24.50301 Moved Permanently 568 B URL HTTP/1.1 www.instagram.coinexa.pro/
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Hash 2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Tue, 06 Dec 2022 07:08:53 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://www.instagram.coinexa.pro/
Content-Type: text/html; charset=utf8
Content-Length: 568
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10840
Expires: Tue, 06 Dec 2022 10:09:33 GMT
Date: Tue, 06 Dec 2022 07:08:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7086
Expires: Tue, 06 Dec 2022 09:07:00 GMT
Date: Tue, 06 Dec 2022 07:08:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 431
Cache-Control: max-age=98976
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 07:08:54 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:38:30 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WNLYXJD29EsxBcgMGgfS5zlMPSJKhcsuyDfQpe236SAefh87NVN44cUwQziTMQzK+HAC6hpEpcg=
x-amz-request-id: AAPDYBRFPA25DJEK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 06:47:00 GMT
age: 1314
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 06:20:22 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2912
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 07:08:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3fa6f25c86920dc545338307a5c102e6
a8c8776d3eb2775b1442eda6c8d023f3e4b918aa
aab3fb3a1a4cf062d2c1b122dd5055eefc7271e83a2a5868f30b943faa878fb5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAB3FB3A1A4CF062D2C1B122DD5055EEFC7271E83A2A5868F30B943FAA878FB5"
Last-Modified: Mon, 05 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21549
Expires: Tue, 06 Dec 2022 13:08:03 GMT
Date: Tue, 06 Dec 2022 07:08:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 06:11:20 GMT
cache-control: public,max-age=3600
age: 3454
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 409
Cache-Control: max-age=93887
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 07:08:54 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:13:41 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e2107c2ddf5053c05ce95bdafcf41b64
6dff0b17b3c93064b25816d2ac367ca3268e4934
07b72d721b7fd4a4f4dbc2e54c6013361aa7bd14ee9bccc9903d0fbc3a020385
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6369
Cache-Control: max-age=143791
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 07:08:54 GMT
Etag: "638e6054-117"
Expires: Wed, 07 Dec 2022 23:05:25 GMT
Last-Modified: Mon, 05 Dec 2022 21:19:16 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 07:08:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/9aA3vbzouTc
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/9aA3vbzouTc
IP 142.250.74.131:0
Hash 058cc770e4d1bac86a962f521f22c09f
25adfd29f4d4060ad90e367bee4081aac03f0152
a31266a09c7e01e3a0add7906c99d334f66d16bbf81030998d82e6e00bf5db67
POST /s/gts1p5/9aA3vbzouTc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 07:08:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-174162538-1
142.250.74.40200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-174162538-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash e407088ce88537009f65add5d4c055d0
903949aeeb9c329fb2258ac447c37731fc231834
e5e5a03d32ca9af82011809b6dafaece91ae46edb90f51672025a2d43f1a1ecb
GET /gtag/js?id=UA-174162538-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 07:08:54 GMT
expires: Tue, 06 Dec 2022 07:08:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44737
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 07:08:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-1win.xyz/1.txt?1670310531847
104.26.11.233200 OK 8 B URL HTTP/2 cdn-1win.xyz/1.txt?1670310531847
IP 104.26.11.233:0
Hash 48cfef8b3001a8c220dc815870f9916e
b77e871e72a3083c4bb31d6bcb5a257557181269
3d2c759213949af96fbdcd756a5146f64a9acadf9625bd7a9feb04bb4517b4f9
GET /1.txt?1670310531847 HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Origin: https://www.instagram.coinexa.pro
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:08:55 GMT
content-type: text/plain; charset=utf-8
content-length: 8
last-modified: Mon, 05 Dec 2022 13:54:31 GMT
etag: "638df817-8"
access-control-allow-origin: *
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9U2BQ4aZ9gAZKcCWWHiBfzJhFjONjCZyqeib62UZNMShOKT7ja9edi6bvikQBBsxf4ZvcD4b60yj7a5nklnvbPbtxXQQFoUeV7zRM2U9rLc2VcakoXimnTq8jQvLnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753316b0d74b4e8-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.164.183.116101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.183.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rrL3+K6TxQw/rS3rlBUYTw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uJhsJrIjuyxjYFLMMy+BxelyPwU=
www.instagram.coinexa.pro/fonts/SFMono-Bold.a6fc7821.woff2
190.115.24.50200 OK 39 kB URL HTTP/2 www.instagram.coinexa.pro/fonts/SFMono-Bold.a6fc7821.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Hash 101b83551b117149bf32f05501fdaeaf
a90e1579175e2bb5f641d5d48c1f7de6de7d4936
406aa2db19bdd6fd8f98cf5d37168c841c4f4c181058d666415bde772ead8b91
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFMono-Bold.a6fc7821.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:54 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-8db0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
app.chaport.com/assets/audio-player-1e5878ea90fc82e15321f06d1fae432b.js
172.67.68.188200 OK 14 kB URL HTTP/2 app.chaport.com/assets/audio-player-1e5878ea90fc82e15321f06d1fae432b.js
IP 172.67.68.188:0
File type ASCII text, with very long lines (27239), with no line terminators
Hash be713149987a1b96b8649aae0620a53f
31d69790bccc25457eea1bd0f38fec7ab79ed07f
b87f96029a949c5d237dc68fbf141f4bc2bc84414f18deeb409cf82fc0432b19
GET /assets/audio-player-1e5878ea90fc82e15321f06d1fae432b.js HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:08:55 GMT
content-type: application/javascript
last-modified: Mon, 06 Jun 2022 08:42:07 GMT
etag: W/"629dbddf-1fed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubdomains;
access-control-allow-origin: *
cf-cache-status: HIT
age: 15717253
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FL8KD%2B7jRhGtek142LWRc4C8YQ0EpP55Q%2FhNJyhiCmDFBVYPe5ULd5x7T50Ak6B05nmuiyKeLCpQFJSfe%2BAFtasitN4r26KUPdGZ7uSiQkUYXB4G5%2B74hkk97M9aydWwIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753316e39a6b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/fonts/SFProText-Regular.c7e2854d.woff2
104.26.11.233200 OK 94 kB URL HTTP/2 cdn-1win.xyz/fonts/SFProText-Regular.c7e2854d.woff2
IP 104.26.11.233:0
File type Web Open Font Format (Version 2), TrueType, length 94424, version 1.0\012- data
Hash c7e2854dfcedf02e21c78e34bd7a7141
ae1745c4ddc78c12ce7602469ab5e4d515fabd60
8a1914bcc30c47d6f74e1b6856573bf0c3968c7ae938c6fbfe432212fe03d1da
GET /fonts/SFProText-Regular.c7e2854d.woff2 HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.instagram.coinexa.pro
Connection: keep-alive
Referer: https://cdn-1win.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:08:55 GMT
content-type: application/octet-stream
content-length: 94424
last-modified: Mon, 27 Sep 2021 12:25:52 GMT
etag: "6151b850-170d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odDnblahRS0Xp5DCNVxrQxedSOEcTVzfDqm8m0Z0sAez%2Bz6U65EiV0garEJCmvPmIMUXiUVVnoC2m1C4d5pYp838VFcKwHWs4XgMa%2BXfZNc9aQPRLYIImd%2F7LiuSMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753316f0940b4e8-OSL
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 06 Dec 2022 06:41:08 GMT
expires: Tue, 06 Dec 2022 08:41:08 GMT
cache-control: public, max-age=7200
age: 1667
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFProDisplay-Bold.33802914.woff2
190.115.24.50200 OK 180 kB URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProDisplay-Bold.33802914.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Size 180 kB (180253 bytes)
Hash 06e74176c01d9a061dba0b4e4aa73f71
e9b08263b35d00df6f835b06f5948ad578edf55a
5eeb1c8d065acdb6df3d04a2bc697be72f6f9338df7af4daa373df0b85fe4550
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProDisplay-Bold.33802914.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:54 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-18198"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/firebase/8.1.1/firebase-messaging.js
190.115.24.50200 OK 18 kB URL HTTP/2 www.instagram.coinexa.pro/firebase/8.1.1/firebase-messaging.js
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (40719)
Hash e84bbb571d1d9efb682db7b2ea473b1e
a8ff74f51d0423b823586f6ec3e450521e267f8a
16095d13586895ccf1ea59b7be884805255c6f2ba5e2df2aaa3d94fba3ae1471
Analyzer Verdict Alert fortinet Phishing
GET /firebase/8.1.1/firebase-messaging.js HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:54 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-9f53"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: br
vary: Accept-Encoding
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFProText-Bold.8e175b47.woff2
190.115.24.50200 OK 103 kB URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProText-Bold.8e175b47.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Size 103 kB (102673 bytes)
Hash 3edf474bd94965ca7edcf3911b182684
ac457dfc1c32a9e9f6e1e7c844d140053af184ad
d95a00ebe822d70633d51974bd195fea55cb01d0c8911baf58b337eed3433772
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProText-Bold.8e175b47.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:54 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-18fb0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFProText-Semibold.211b9d52.woff2
190.115.24.50200 OK 113 kB URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProText-Semibold.211b9d52.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Size 113 kB (112976 bytes)
Hash 7424d770bb04460ace2ec8b0471f6336
8256842e428b146c62c474956febcd92cb054e37
e67b944e93e3aec956fd5ca8ca317c4670d4df992e1b9006dfc7faf469775213
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProText-Semibold.211b9d52.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:54 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-196cc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
app.chaport.com/info/asset-name/js/insert-main?jsonpCallback=true
172.67.68.188200 OK 11 kB URL HTTP/2 app.chaport.com/info/asset-name/js/insert-main?jsonpCallback=true
IP 172.67.68.188:0
File type ASCII text, with no line terminators
Hash 7748e7823dccff999895b6f81950905f
e9b3f3faf39f24bac5f7b8a84f8b5f9fcc3a7921
692549d5810b0b96d7736418ea4fe7929aabc6559ae5d25e40f7c3f0c504467b
GET /info/asset-name/js/insert-main?jsonpCallback=true HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:08:55 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: Express
etag: W/"55-WjNVOuHS+A6cPPVTnGI2qazwoF4"
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubdomains;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nic%2B5TBJR0NCDnopDtZBP0jN3TPR4PAxsAt51xPF8wT2GMTlBOaaUjddaErN0cKhCUbse51srgtaYQ8efzqyJfWddQqU%2FLyCcsPsRf3xKPfMTP4QRZAzS8J8pej%2FNh0kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753316b1ee9b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 86a2ae48ef90660eed177c9aabde7f2b
3a48c25fd0cbd105076ef957ca5365578d7c0d61
8c05ec850cd696f50e6c07330a413226e1fb23764f8ca211a4128ec2563e1859
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C05EC850CD696F50E6C07330A413226E1FB23764F8CA211A4128EC2563E1859"
Last-Modified: Mon, 05 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Tue, 06 Dec 2022 13:08:54 GMT
Date: Tue, 06 Dec 2022 07:08:56 GMT
Connection: keep-alive
www.instagram.coinexa.pro/microservice/ask
190.115.24.50200 OK 698 B URL HTTP/2 www.instagram.coinexa.pro/microservice/ask
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Hash 62a61ca6cecab5dc5dc61720bff935ff
e2dd89edaee43580cc37d5e797c0d71fc1fbaee4
fb44685395f4edf30e05a37721f2b60c7ad80d763ae9f99a0a14377e4a1499be
Analyzer Verdict Alert fortinet Phishing
POST /microservice/ask HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Authorization:
Content-Length: 38
Origin: https://www.instagram.coinexa.pro
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.1.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:56 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.instagram.coinexa.pro
access-control-expose-headers: Authorization
etag: W/"122-hlxF2ljhMNJsVA/sZrg9jVda0uA"
set-cookie: core-sticky=http://10.233.84.86:80; Path=/; HttpOnly
x-powered-by: Express
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-1win.xyz/css/desktop~mobile.5fd1ab68.css
104.26.11.233200 OK 2.4 kB URL HTTP/2 cdn-1win.xyz/css/desktop~mobile.5fd1ab68.css
IP 104.26.11.233:0
File type ASCII text, with very long lines (9417), with no line terminators
Hash fa610f5cb0947892fddfd52b42b80034
11d7a973b4ce70e60ed7c136fffc91118f7bfb4a
16a9f6a1c3ef0a05355cefbe62b225f2e2b95655dca2424ab7344dbe82d0e136
GET /css/desktop~mobile.5fd1ab68.css HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:08:56 GMT
content-type: text/css
last-modified: Mon, 12 Apr 2021 11:03:43 GMT
vary: Accept-Encoding
etag: W/"6074290f-24c9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snHsB7fwQv5jb%2BFF%2FPyUqj%2F086u6tnVIIuZOFkbHNhSDzwaR5tb50gFsQ%2BtGxgZi4k3AfSJNfuW2QznzWiN8v65%2FrIp%2BrRCEOhtRu0JdjDvih%2Bni3AmobVowdATqqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775331729ae4b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/js/desktop~mobile~vip.2dc49d52.js
104.26.11.233200 OK 710 kB URL HTTP/2 cdn-1win.xyz/js/desktop~mobile~vip.2dc49d52.js
IP 104.26.11.233:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 710 kB (709704 bytes)
Hash 099da5d0cad328440bb8e699b99a2d09
672dd5e33f9dd923828b44ab9a4bda2becb63c0a
3819601f6d2f62148186bc9f5d7d8835bdac6721738d9aaea0adfbec344c2f34
GET /js/desktop~mobile~vip.2dc49d52.js HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:08:56 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 01 Apr 2021 15:31:43 GMT
vary: Accept-Encoding
etag: W/"6065e75f-187d57"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4GV2u2xkyXBm1cE568K%2BCBviqoAk36XKdjsSbR%2BCtoFBH8NxMJAEHbnq0%2FITXEoDmF9HRzdQowCGAEDTITXkSxL5SEx3MGQJKabz2%2Fnkoimld6eWgmnVXD77vvAoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775331728ae1b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 32368
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn-1win.xyz/css/desktop.79caf9dc.css
104.26.11.233200 OK 24 kB URL HTTP/2 cdn-1win.xyz/css/desktop.79caf9dc.css
IP 104.26.11.233:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c0f19cc7cb471f510993313ea71486ad
1e1087c6b72280fa96a082ce9959d009ef57b691
efd98db9bd138c8e929379987ea35e137148c6b8304aa0975331539c635fae06
GET /css/desktop.79caf9dc.css HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:08:56 GMT
content-type: text/css
last-modified: Sat, 10 Apr 2021 10:32:00 GMT
vary: Accept-Encoding
etag: W/"60717ea0-18621"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nnvy6E3%2Bj2KcmxTn8QRQAnTkb4MmC1OxZNmMglYfUiwL8ZxsUoNwlfOQmSdXkj6gb%2Bjq9O7yh2U4ITjIAvElttK9%2Fr%2BG3BemijzTTJmtCnc%2BnM3Y0P6m0W%2FTfRahVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775331729ae7b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4193f05dfd1de8bf795f433d4387243
b76ea6ae9df756f131ec16b01cdc7ab19b2d01be
b56231f3c788519751528b849a442d5c7ed828ea4ce3321fd629ca27440ea6e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6920
x-amzn-requestid: 05ec2698-a5ee-4046-be77-0036755f2946
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwaEd-IAMF_-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64cf-783b236b79b1e9ba22098cb2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RF_AmYN7VQghDpDX6kEyBEBZtvR8dfLpwuqk75bGpn8q2OMc46lVgA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:31 GMT
age: 33625
etag: "b76ea6ae9df756f131ec16b01cdc7ab19b2d01be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17c7b7e3a4e6f3ad9ccf7f42c400749c
76432db96e8280e24da56670fba8f8f80a95ab31
f67d401ebc225c2a9dac5b4f98dc969e22f927455c2537df353ac86f046cc4c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4905
x-amzn-requestid: c1a43d09-3653-422d-99a2-fe6469bc4bcc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzsG7BoAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e4-27f51f1e5f786838157d1ee5;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VkYlpfFF-t9c_vWc14oqmL9Z6o6lA1_TqgXk4VUtZmHTkZwuMT5C6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
age: 33710
etag: "76432db96e8280e24da56670fba8f8f80a95ab31"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9fda84db003d0cfc70d73dcb6a3763dd
5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4
f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8997
x-amzn-requestid: 54d7ed8c-119c-4583-929c-fd053524814c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csT_8F78IAMFY6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66cc-3d9816725e7e0b1b3404bc4a;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:46:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ScASzeq_stezoHeSOmqluKJimg3R6YD6yd6guTD2d5Mjl8F_vQP0rg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
age: 33710
etag: "5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/pwaNotFound.html
190.115.24.50200 OK 6.4 kB URL HTTP/2 www.instagram.coinexa.pro/pwaNotFound.html
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Hash 855d993c1066800ba3d898d9c2fbb1de
683494e7fa267bbdfe7a473881778c4e8b75e3c6
cc0f335f23ab592b042ed9fb8e105636f2d297fa21a9b7c83e73c072cf956b9f
Analyzer Verdict Alert fortinet Phishing
GET /pwaNotFound.html HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/sw.24799f0a.js?disableActualDomainLogic=false
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:56 GMT
content-type: text/html
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-1380"
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/js/index.6d8e66c0.js
190.115.24.50200 OK 143 kB URL HTTP/2 www.instagram.coinexa.pro/js/index.6d8e66c0.js
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (23071)
Size 143 kB (142632 bytes)
Hash 2d0a5ef55f1280c974740d4e458fd22b
223ac84ad17440494aa16c2dd8064badf1be6447
3fe5a42c11fac93bc04425dce03e455a33ed810f4fad5ea257d809782f80b955
Analyzer Verdict Alert fortinet Phishing
GET /js/index.6d8e66c0.js HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:54 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-5a4a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: br
vary: Accept-Encoding
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/production-translations/langs/en?v=2
190.115.24.50200 OK 552 kB URL HTTP/2 www.instagram.coinexa.pro/production-translations/langs/en?v=2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Size 552 kB (551786 bytes)
Hash 13c9da05b2dda3f2bcd6628d0e383a00
7a0f46c6ca0fba82926cc502aa5e35c9c691c690
d35e1011beceed0eeaf6718b1cca5be10e84ecfaac2ceeafb3a1178732d49dcb
Analyzer Verdict Alert fortinet Phishing
GET /production-translations/langs/en?v=2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.84.86:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486ik.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:56 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/socket.io/?Language=en&EIO=3&transport=websocket
190.115.24.50101 Switching Protocols 0 B URL HTTP/1.1 www.instagram.coinexa.pro/socket.io/?Language=en&EIO=3&transport=websocket
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?Language=en&EIO=3&transport=websocket HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.instagram.coinexa.pro
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nRAK5yzVx0lNO+TvNUPv/w==
Connection: keep-alive, Upgrade
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.84.86:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: ddos-guard
Content-Security-Policy: upgrade-insecure-requests;
Date: Tue, 06 Dec 2022 07:08:57 GMT
Connection: upgrade
Sec-Websocket-Accept: ZS3HnySgpzT10KoxF3SqNYOlzKQ=
Sec-Websocket-Extensions: permessage-deflate
Upgrade: websocket
www.instagram.coinexa.pro/get-authorization?random=1670310533047-0.5953609239909265
190.115.24.50403 Forbidden 73 kB URL HTTP/2 www.instagram.coinexa.pro/get-authorization?random=1670310533047-0.5953609239909265
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Hash 9fbccfaf46201310fa1c26951cc0c782
64f3e14bbd509e3d9ac827fd27a1c153d5031c51
cf538feec64c0df795aec24c7ed6764e09599cdd7c062659ff96a0a1dbc372ba
Analyzer Verdict Alert fortinet Phishing
GET /get-authorization?random=1670310533047-0.5953609239909265 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.84.86:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:56 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: undefined
access-control-expose-headers: Authorization
etag: W/"e-wN+xT2c5ZvCPo0YIdQiMpDVsb6o"
x-powered-by: Express
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 07:08:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-174162538-1&cid=523507903.1670310532&jid=987816166&gjid=880686854&_gid=1907712577.1670310533&_u=YADAAUAACAAAACAAI~&z=1814385595
108.177.14.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-174162538-1&cid=523507903.1670310532&jid=987816166&gjid=880686854&_gid=1907712577.1670310533&_u=YADAAUAACAAAACAAI~&z=1814385595
IP 108.177.14.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-174162538-1&cid=523507903.1670310532&jid=987816166&gjid=880686854&_gid=1907712577.1670310533&_u=YADAAUAACAAAACAAI~&z=1814385595 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.instagram.coinexa.pro
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
HTTP/2 200 OK
access-control-allow-origin: https://www.instagram.coinexa.pro
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Dec 2022 07:08:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 07:08:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.instagram.coinexa.pro/socket.io/?Language=en&EIO=3&transport=websocket
190.115.24.50101 Switching Protocols 0 B URL HTTP/1.1 www.instagram.coinexa.pro/socket.io/?Language=en&EIO=3&transport=websocket
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?Language=en&EIO=3&transport=websocket HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.instagram.coinexa.pro
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CSbAz+zfSBkgPOCBbgj8Kg==
Connection: keep-alive, Upgrade
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: ddos-guard
Content-Security-Policy: upgrade-insecure-requests;
Date: Tue, 06 Dec 2022 07:08:58 GMT
Connection: upgrade
Sec-Websocket-Accept: Lv+/V0GDTQwwS/0e7wC1Izjl1gs=
Sec-Websocket-Extensions: permessage-deflate
Upgrade: websocket
www.instagram.coinexa.pro/fonts/SFProText-Regular.c7e2854d.woff2
190.115.24.50200 OK 95 kB URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProText-Regular.c7e2854d.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Hash 79cc5f3c5fcfe0e716ae3360f9a29aab
bb04beab852dc27fc88f58f6029c6a08a5a511d5
17a5c3c85fc9c9a7f1eea0b25ee8e550c29296307ece89eb561e54683d99ee25
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProText-Regular.c7e2854d.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:54 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-170d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
cdn-1win.xyz/css/desktop~mobile~vip.154bab67.css
104.26.11.233200 OK 680 B URL HTTP/2 cdn-1win.xyz/css/desktop~mobile~vip.154bab67.css
IP 104.26.11.233:0
File type ASCII text, with very long lines (459), with no line terminators
Hash 7e4fdf7ce1792535df475a119b539c5a
bc24963f9f844919140cb6f2fe7fc3c213d20fd3
e917fdf23b5688806598edc466de316c236db18215af9d1ea6a90a0953390de2
GET /css/desktop~mobile~vip.154bab67.css HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:08:56 GMT
content-type: text/css
last-modified: Thu, 08 Apr 2021 10:38:44 GMT
vary: Accept-Encoding
etag: W/"606edd34-1cb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRJSoSUiujPAbyQuCzF3FDWAWykGS0dTdFDeP9j9x4bJEzjBtiokoKLBuNlaF%2BXhwY%2BFvGob6rc8GbCVCfoscqiHiXdvD7pmIUuwmNoNiJUV%2FV3%2BqQ4fiJm2B9NJsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775331728addb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/js/desktop~mobile.81a18291.js
104.26.11.233200 OK 44 kB URL HTTP/2 cdn-1win.xyz/js/desktop~mobile.81a18291.js
IP 104.26.11.233:0
File type Unicode text, UTF-8 text, with very long lines (55301)
Hash 33de116ee532b8a9491ab6ac792e8bc2
8555de6047adac39385465e6ed43978d556e27ac
db6007fd56971f54cffd25ef1cbdc8ff347d1d98c22dc02a1ae5d8b4be5aa23d
GET /js/desktop~mobile.81a18291.js HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:08:56 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 01 Apr 2021 15:31:43 GMT
vary: Accept-Encoding
etag: W/"6065e75f-23a86"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5oViHhsaQgZN4iZfDNnn8H0ORbm9283OM%2BNdJRDQyyxtWRAIUWJnkx11XxM6LTPGfGCNeGTMR1n2FkRrWw5EaWgigKyF1ZL%2FifdZwg1O%2FSorP%2FBKrQrX4NvEHNERg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775331729ae5b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-174162538-1&cid=523507903.1670310532&jid=987816166&_u=YADAAUAACAAAACAAI~&z=890805294
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-174162538-1&cid=523507903.1670310532&jid=987816166&_u=YADAAUAACAAAACAAI~&z=890805294
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-174162538-1&cid=523507903.1670310532&jid=987816166&_u=YADAAUAACAAAACAAI~&z=890805294 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:08:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-174162538-1&cid=523507903.1670310532&jid=987816166&_u=YADAAUAACAAAACAAI~&z=890805294
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-174162538-1&cid=523507903.1670310532&jid=987816166&_u=YADAAUAACAAAACAAI~&z=890805294
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-174162538-1&cid=523507903.1670310532&jid=987816166&_u=YADAAUAACAAAACAAI~&z=890805294 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:08:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn-1win.xyz/socket.io/?Language=en&EIO=3&transport=websocket
104.26.11.233101 Switching Protocols 0 B URL HTTP/1.1 cdn-1win.xyz/socket.io/?Language=en&EIO=3&transport=websocket
IP 104.26.11.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?Language=en&EIO=3&transport=websocket HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.instagram.coinexa.pro
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: x8C2uH2AhDa6t6AX84y3rQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 06 Dec 2022 07:08:58 GMT
Connection: upgrade
Sec-Websocket-Accept: T2XXImGWTapYJWSWiaG7OnHiQOY=
Sec-Websocket-Extensions: permessage-deflate
Set-Cookie: core-sticky=http://10.233.80.153:80; Path=/; HttpOnly
Upgrade: websocket
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTHUSBzlPFcseHdsSlQXqTfTVA2c9%2BDWI71Znzm5Vh%2FbNyeFvs%2B8IU0mhyQKRcDFWqZKJ%2FuDnHYxE7R%2BALOzMFjTYhxASrjosmwmyjNmf2ez72ZbWqYazTxWEx7PEw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775331809cebb518-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 07:08:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 07:08:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.instagram.coinexa.pro/fonts/SFProDisplay-HeavyItalic.81fa0353.woff2
190.115.24.50200 OK 63 kB URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProDisplay-HeavyItalic.81fa0353.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Hash ea318751c34103f130c93d56cc40a4a1
124249d3430f812f7422f21b0f8fdf52559fbd55
bfd1b7e0b849f8307d9dcc8f7ddbb2b9797c857fcdefa19b8b14bf7143100d38
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProDisplay-HeavyItalic.81fa0353.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:58 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-f2f8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFMono-SemiboldItalic.22e121a3.woff2
190.115.24.50200 OK 36 kB URL HTTP/2 www.instagram.coinexa.pro/fonts/SFMono-SemiboldItalic.22e121a3.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
File type Web Open Font Format (Version 2), TrueType, length 36032, version 1.0\012- data
Hash a451a719e4de3bc60dc0c2fb1998fc84
1a38cf521f9c804dae1470e4e1d65d3b8e120777
9629650aff258c5ec09d68cfd0793a26ec03ca87e88e90f233491fb87185a59c
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFMono-SemiboldItalic.22e121a3.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:58 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-8cc0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFProDisplay-Medium.52ea0d70.woff2
190.115.24.50200 OK 100 kB URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProDisplay-Medium.52ea0d70.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
File type Web Open Font Format (Version 2), TrueType, length 99572, version 1.0\012- data
Hash fa97d63208dab77da1df4545f5c4a8e6
dffaff8896f0557a3babbe3b12f5c0bfda3bc342
caeb4cc4ae4f4abe010d36356db0d3c8c53c6c24fde485b4a9f635fe8fe8b0d1
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProDisplay-Medium.52ea0d70.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:58 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-184f4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFProDisplay-RegularItalic.2d0b4551.woff2
190.115.24.50200 OK 56 kB URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProDisplay-RegularItalic.2d0b4551.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Hash bda914a344e57f30bfa3a59774c1dd4c
8b620aa3ca7ea8c1e783058c596851e72903ac5a
c431ccb59fb217b2c5057a0a3ce1a9c2d9023124c28f207634e1a4cb30e28215
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProDisplay-RegularItalic.2d0b4551.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:58 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-dbf0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFProDisplay-ThinItalic.c77d26c8.woff2
190.115.24.50200 OK 130 kB URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProDisplay-ThinItalic.c77d26c8.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Size 130 kB (129993 bytes)
Hash a139f1415993a65b8a3c2731e277baef
956f801d4e000b02e8855d18dc328479af300afb
8ec723223883469233bdea66b12d6ee5dbea30b3b3c68a35c59f94c6e11b4a64
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProDisplay-ThinItalic.c77d26c8.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2; _ym_visorc=w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:58 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-f570"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFMono-RegularItalic.dac56833.woff2
190.115.24.50200 OK 258 kB URL HTTP/2 www.instagram.coinexa.pro/fonts/SFMono-RegularItalic.dac56833.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Size 258 kB (258271 bytes)
Hash 3cbb2b09e270ec3636c41fd17948cae5
442b8557511fc0bd668855f633151bb1154540f4
c1fe86146794747ba09410a9cad88e01748184719426ecb645442ad39dcb0909
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFMono-RegularItalic.dac56833.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:58 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-8cc8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
cdn-1win.xyz/img/poker-banner-bg.2bcd70b4-966.png
104.26.11.233200 OK 38 kB URL HTTP/2 cdn-1win.xyz/img/poker-banner-bg.2bcd70b4-966.png
IP 104.26.11.233:0
File type PNG image data, 966 x 186, 8-bit/color RGBA, non-interlaced\012- data
Hash fdbfe82fd7098823668ba52a4a3c520a
db238286681a305a6b5faed69293ca03dcb2b62c
61d5cbf85ed912dc5e1dac264a8ff23496003c9c8caf51a8214e2a14ded4391f
GET /img/poker-banner-bg.2bcd70b4-966.png HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: image/png
content-length: 38029
last-modified: Fri, 25 Jun 2021 13:14:03 GMT
etag: "60d5d69b-948d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTbZH58D3%2Fzx7OJrqf9ufE3SCdQyO3QHmAHjApL6vXLhfxb%2FY3bL6zMP5HGCb9UIk1mp5ShWDIzR7Ls9%2FWdjStT3vOUtFhDLoIyTl1S3hnkgRXCjZQDgC3tGsub7Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753318f3d15b512-OSL
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/microservice/ask
190.115.24.50200 OK 3.4 kB URL HTTP/2 www.instagram.coinexa.pro/microservice/ask
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , ASCII text, with very long lines (17749), with no line terminators
Hash b1da0f55def6bae6eca720e54c5b8a1d
206692db7f4b3e76399da513e790f6fa7b18633b
2fbed773e4d7a4e04c956ed38b8f2f667b452cb4b6add9df05e91463314c5af5
Analyzer Verdict Alert fortinet Phishing
POST /microservice/ask HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/bets/home
Content-Type: application/json;charset=utf-8
Authorization: [object Object]
Origin: https://www.instagram.coinexa.pro
Content-Length: 76
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.81.216:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2; _ym_visorc=w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: application/json; charset=utf-8
content-length: 3362
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.instagram.coinexa.pro
access-control-expose-headers: Authorization
content-encoding: gzip
etag: W/"d22-IGaS239LPnY5naUT55D2+nsYYzs"
x-powered-by: Express
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/microservice/ask
190.115.24.50200 OK 2.8 kB URL HTTP/2 www.instagram.coinexa.pro/microservice/ask
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (44919), with no line terminators
Hash 247fbd665d219421339d6adbb828dc33
ae4c06f0682a5375911da527fd86ac70d702659b
4532869454fe9f6379ed5dca28a256fea8939d1fd762ac65c1c8c9b3f50ce8fb
Analyzer Verdict Alert fortinet Phishing
POST /microservice/ask HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/bets/home
Content-Type: application/json;charset=utf-8
Authorization: [object Object]
Origin: https://www.instagram.coinexa.pro
Content-Length: 60
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.81.216:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2; _ym_visorc=w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: application/json; charset=utf-8
content-length: 2772
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.instagram.coinexa.pro
access-control-expose-headers: Authorization
content-encoding: gzip
etag: W/"ad4-rkwG8GgqU3WRHaUn/YascNcCZZs"
x-powered-by: Express
X-Firefox-Spdy: h2
cdn-1win.xyz/fonts/SFProText-Heavy.e2a14113.woff2
104.26.11.233200 OK 104 kB URL HTTP/2 cdn-1win.xyz/fonts/SFProText-Heavy.e2a14113.woff2
IP 104.26.11.233:0
File type Web Open Font Format (Version 2), TrueType, length 103760, version 1.0\012- data
Size 104 kB (103760 bytes)
Hash e2a1411345a11d7d65621240838347b3
83ef90a72d1f5e138c0ed1c97c4f7fa8ab95681d
21961c9c0cb52a74112af43f4903ab8c80feb7ebed32b192a62dc006c4f3cf74
GET /fonts/SFProText-Heavy.e2a14113.woff2 HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn-1win.xyz/
Origin: https://www.instagram.coinexa.pro
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: application/octet-stream
content-length: 103760
last-modified: Mon, 27 Sep 2021 12:25:52 GMT
etag: "6151b850-19550"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlVqNzM8edaD96ewiVi3npDwH9SvWm%2FXHjMzly%2BlaiNFpuO99vF6Slr0DQiDabYU%2FN9OXERMgRpe8q%2BQgymzYEdc6p1f7aYfwEkbeBVb2GrI7VT3sl4N0x6SSGexvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753318f584bb4e8-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/img/sprite-tvbet-frame@2.9cb2a1f6-256.png
104.26.11.233200 OK 9.6 kB URL HTTP/2 cdn-1win.xyz/img/sprite-tvbet-frame@2.9cb2a1f6-256.png
IP 104.26.11.233:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 881918ac895cd6c2aacd7a283a9652a5
352e24568a970e78c265e4b1f36368e9ff34f4a8
747105027c274f155277489b498ba9d91a90b53abea6711885e41ebf7d181d8a
GET /img/sprite-tvbet-frame@2.9cb2a1f6-256.png HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: image/png
content-length: 9581
last-modified: Thu, 19 Aug 2021 10:58:37 GMT
etag: "611e395d-256d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6I2%2Fp7NF4SlItPWpwVJoJ4VHc1lS0yG5iRmzJqApUhEJa%2FVxL1M%2Bx9omTW9ZQXH2iEV6DOWVCSQ0evQAt2vHRy3yegM%2BJ5kyMGswxQELg9643%2BSdXi3lpdS1HHHRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753318f5d29b512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/img/bonus-banner-small-bg.e1c670ff-1110.webp
104.26.11.233200 OK 132 kB URL HTTP/2 cdn-1win.xyz/img/bonus-banner-small-bg.e1c670ff-1110.webp
IP 104.26.11.233:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 132 kB (131508 bytes)
Hash 5bb2e06a148bb18c9d5a3b39de2e9783
a0107e56325269e555f314c4ea0fdc4a68b5a193
72306c618b5c4135dcae1edffa2308cc0efdcab927cab929a94a70f52d55bb62
GET /img/bonus-banner-small-bg.e1c670ff-1110.webp HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: image/webp
content-length: 131508
last-modified: Fri, 25 Nov 2022 09:52:06 GMT
etag: "63809046-201b4"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQKyYxIxvp0tAZtsS4PQS3hZtBtfIXz%2B44WfJGxr1o63v58Dd8lrk9pXAKBfIemhE9z5liAur%2BubjA5Nvg7JzEmyVX%2Ft3ZcCFM3duwgtkTL7au6KAaZnH5cRzlRKGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753318f6d49b512-OSL
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFMono-MediumItalic.0f6e9216.woff2
190.115.24.50200 OK 326 kB URL HTTP/2 www.instagram.coinexa.pro/fonts/SFMono-MediumItalic.0f6e9216.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Size 326 kB (325756 bytes)
Hash 4d3e4e65717578a156bbaaef60597bcd
e87174bed20b618d6ed7c9f94026d554258236e2
aff1034bfa0a3fe5a4add8f52960a7033ffe27e34e1ebf3656297c61d498c009
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFMono-MediumItalic.0f6e9216.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:58 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-8d88"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
cdn-1win.xyz/js/chunk-12f222e3.08b51f9e.js
104.26.11.233200 OK 31 kB URL HTTP/2 cdn-1win.xyz/js/chunk-12f222e3.08b51f9e.js
IP 104.26.11.233:0
File type Unicode text, UTF-8 text, with very long lines (65485), with no line terminators
Hash b487c646b06ba1e2ccd138efc51b5aa0
9d4ade6b58fda3d5418cfa9ff3d859b3f78ff227
d06a207c3d76ea2ddcd13733610eddf15ab1f98abce4512ffea0079cd098af35
GET /js/chunk-12f222e3.08b51f9e.js HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 01 Apr 2021 15:31:43 GMT
vary: Accept-Encoding
etag: W/"6065e75f-285f7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bm2S5%2BMyQLcxPNJarxDrOXCQ%2Fun4p9mpkZ%2BlchH0fZuySIVppz5N94ehp%2B0UdzIq6Y3wwPMjConyI9LoH7SDFU09gRew8Hz2XPWEef5aJ%2FCEhPVdWbuwcQ8AJamRXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753318bea11b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/microservice/ask
190.115.24.50200 OK 1.1 kB URL HTTP/2 www.instagram.coinexa.pro/microservice/ask
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6808), with no line terminators
Hash 464b362c119a9bf108aaabcce146d1c2
c22ada64e6e2581625f46c9b50c2b944ef574af9
e7462dda72574fa39ce1b42c550e989bd0b546bc362ebf1615aaddad5cb26e09
Analyzer Verdict Alert fortinet Phishing
POST /microservice/ask HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/bets/home
Content-Type: application/json;charset=utf-8
Authorization: [object Object]
Origin: https://www.instagram.coinexa.pro
Content-Length: 67
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.81.216:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2; _ym_visorc=w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: application/json; charset=utf-8
content-length: 1078
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.instagram.coinexa.pro
access-control-expose-headers: Authorization
content-encoding: gzip
etag: W/"436-wiraZObiWBYl9GybUMK5RO9XSvk"
x-powered-by: Express
X-Firefox-Spdy: h2
cdn-1win.xyz/img/1winpoker_en_hover-min.9543d47a-1320.webp
104.26.11.233200 OK 243 kB URL HTTP/2 cdn-1win.xyz/img/1winpoker_en_hover-min.9543d47a-1320.webp
IP 104.26.11.233:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1320x427, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 243 kB (243082 bytes)
Hash 7b97883513e76fec1e876f4689712763
46e93b254e093d59a42b8ce7cbde1684373a7e11
093a78cf8bd8d05b8a04ed09920a6820483baed465fc54851c357b9263ba2d0c
GET /img/1winpoker_en_hover-min.9543d47a-1320.webp HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: image/webp
content-length: 243082
last-modified: Fri, 23 Apr 2021 13:53:54 GMT
etag: "6082d172-3b58a"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBfIm6KTb%2BGegQqE6yz%2BewKnWTtdGeWgWd5apio5HyXVFYwMjK1Ftx5eMOoa8%2B8a%2FRKd8dpXQqCarjMDu075Cn4KHSWW%2BEnqiC6h67tsodmLXZ6d5Qdk7otdWaARqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753318f6d48b512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/img/1winpoker_en-min.421370e1-1320.webp
104.26.11.233200 OK 243 kB URL HTTP/2 cdn-1win.xyz/img/1winpoker_en-min.421370e1-1320.webp
IP 104.26.11.233:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1320x427, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 243 kB (242708 bytes)
Hash 033ab6f7729d734dd1ba7b9a0fd8bd30
d2a1aa1d1f5d04b38cd26bb5129b10ccbf641fd4
d898828d08145b2ebaf62a44a25b54394b389d778d316656cfa34d691d02b3c4
GET /img/1winpoker_en-min.421370e1-1320.webp HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: image/webp
content-length: 242708
last-modified: Fri, 23 Apr 2021 13:53:54 GMT
etag: "6082d172-3b414"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHdJsjOsPvuYOYrSwh9cJd%2BmM97FW2UewVXi5S9c455Q3SWJSKXw%2Bi9QPUjsDgrhTfnaRt5lUj5qaxXWu0aCLQ%2B3DiE%2BWcqJX4nUnjFvE1WJIi7A%2BBtYyRcd1Jl0GA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753318f6d47b512-OSL
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFMono-Medium.f0afbb40.woff2
190.115.24.50200 OK 100 kB URL HTTP/2 www.instagram.coinexa.pro/fonts/SFMono-Medium.f0afbb40.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Size 100 kB (100503 bytes)
Hash 7c801c449296a4ef1b1876349e5de9b8
eea32e6e8664d4d71a163f1346e98c898b42ab83
4258b642cd7190721796ad647ac29c81c74be3037da0da3e9a1a26a48356e9c2
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFMono-Medium.f0afbb40.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:58 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-8e40"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/1.txt?1670310533635
190.115.24.50200 OK 104 kB URL HTTP/2 www.instagram.coinexa.pro/1.txt?1670310533635
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Size 104 kB (104200 bytes)
Hash e7aabb4d6b748457913ecd98e8087f65
f2fcc1f163d0833fdf90689ff8ebf1c25b3346cd
b75f3bb3c5d8f6e37cf981d216c5afca77ff6e6b252424206b484ba82485a467
Analyzer Verdict Alert fortinet Phishing
GET /1.txt?1670310533635 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/sw.24799f0a.js?disableActualDomainLogic=false
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.84.86:80
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:56 GMT
content-type: text/plain
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-8"
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
cdn-1win.xyz/img/sprite-poker-frame@2.a408d026-256.png
104.26.11.233200 OK 44 kB URL HTTP/2 cdn-1win.xyz/img/sprite-poker-frame@2.a408d026-256.png
IP 104.26.11.233:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash dbd6e279d26d060015165d4d42f0a334
773037bda380400defc6a4fb6ee3e38ee8e3773d
b58db5528e9a7b88ce2993823e73f619ae5cd74bf3f1ad2d1644caa387a8d832
GET /img/sprite-poker-frame@2.a408d026-256.png HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: image/png
content-length: 43844
last-modified: Mon, 01 Nov 2021 10:08:49 GMT
etag: "617fbcb1-ab44"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgY%2BZC4miVXiTVoaNZvcB5HUby0gpAlFlCa0DyTj%2ByVHf7IjaM%2FrWOJ7AZ518Vn%2BJ7Fu1bRhhZ2cstZqeduQa1VPbIlolPnQLrz2LwV52xbmCpZ2LdLw%2FDSHyraOGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753318f6d3cb512-OSL
X-Firefox-Spdy: h2
mc.yandex.ru/watch/67400437/1?page-url=https%3A%2F%2Fwww.instagram.coinexa.pro%2Fbets%2Fhome&page-ref=https%3A%2F%2Fwww.instagram.coinexa.pro%2F&charset=utf-8&hittoken=1670310538_0119188d532a355b6d10e3e837113bb182a668eb226365f83fe6571cdef7a1e3&browser-info=pv%3A1%3Aar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A123977995828%3Ahid%3A808971646%3Az%3A0%3Ai%3A20221206070857%3Aet%3A1670310538%3Ac%3A1%3Arn%3A328288702%3Arqn%3A2%3Au%3A167031053549636879%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C4404%2C4404%2C1%2C%3Aco%3A0%3Aeu%3A1%3Ans%3A1670310530798%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670310538%3At%3A1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%282%29aw%281%29ecs%281%29fip%281%29ti%282%29
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/67400437/1?page-url=https%3A%2F%2Fwww.instagram.coinexa.pro%2Fbets%2Fhome&page-ref=https%3A%2F%2Fwww.instagram.coinexa.pro%2F&charset=utf-8&hittoken=1670310538_0119188d532a355b6d10e3e837113bb182a668eb226365f83fe6571cdef7a1e3&browser-info=pv%3A1%3Aar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A123977995828%3Ahid%3A808971646%3Az%3A0%3Ai%3A20221206070857%3Aet%3A1670310538%3Ac%3A1%3Arn%3A328288702%3Arqn%3A2%3Au%3A167031053549636879%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C4404%2C4404%2C1%2C%3Aco%3A0%3Aeu%3A1%3Ans%3A1670310530798%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670310538%3At%3A1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%282%29aw%281%29ecs%281%29fip%281%29ti%282%29
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/67400437/1?page-url=https%3A%2F%2Fwww.instagram.coinexa.pro%2Fbets%2Fhome&page-ref=https%3A%2F%2Fwww.instagram.coinexa.pro%2F&charset=utf-8&hittoken=1670310538_0119188d532a355b6d10e3e837113bb182a668eb226365f83fe6571cdef7a1e3&browser-info=pv%3A1%3Aar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A123977995828%3Ahid%3A808971646%3Az%3A0%3Ai%3A20221206070857%3Aet%3A1670310538%3Ac%3A1%3Arn%3A328288702%3Arqn%3A2%3Au%3A167031053549636879%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C4404%2C4404%2C1%2C%3Aco%3A0%3Aeu%3A1%3Ans%3A1670310530798%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670310538%3At%3A1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%282%29aw%281%29ecs%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.instagram.coinexa.pro
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 06 Dec 2022 07:09:00 GMT
access-control-allow-origin: https://www.instagram.coinexa.pro
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 07:09:00 GMT
last-modified: Tue, 06-Dec-2022 07:09:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFMono-LightItalic.a6928e5d.woff2
190.115.24.50200 OK 134 kB URL HTTP/2 www.instagram.coinexa.pro/fonts/SFMono-LightItalic.a6928e5d.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Size 134 kB (134339 bytes)
Hash 23de41063bcd77b65be7bb5b624c57d3
a13b6bd49bee616cc8f3018345705edb0d473105
aec1dc657d6ee5dad37b99dcf6828109d1358f810655ab8484b76f8d98158d5d
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFMono-LightItalic.a6928e5d.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:58 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-84cc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFMono-HeavyItalic.621ae893.woff2
190.115.24.50200 OK 138 kB URL HTTP/2 www.instagram.coinexa.pro/fonts/SFMono-HeavyItalic.621ae893.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Size 138 kB (138455 bytes)
Hash ce6800f5781220a0b0e15289bcbe10eb
52466880f8729ead053f9fed3edebff0654c566d
4b23139effaf522fe1efdfc18f36e852bb33ba0765a7e031fa52efe42bc9ddc1
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFMono-HeavyItalic.621ae893.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:58 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-8634"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFMono-Light.80c80241.woff2
190.115.24.50200 OK 171 kB URL HTTP/2 www.instagram.coinexa.pro/fonts/SFMono-Light.80c80241.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Size 171 kB (171227 bytes)
Hash 8c44c8df86df657ff4942a124fc1997e
e4c4e1422c14ba65748f1935956bf499c66e11f0
a68170dda0234e7ba3f500098d9a48efae74177ecab9dd62f2d12e27c78740e1
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFMono-Light.80c80241.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:58 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-870c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
cdn-1win.xyz/img/sprite-roulette-frame@2.2947c20b-256.png
104.26.11.233200 OK 141 kB URL HTTP/2 cdn-1win.xyz/img/sprite-roulette-frame@2.2947c20b-256.png
IP 104.26.11.233:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 141 kB (140922 bytes)
Hash f58828e5a688641fe870c411ed3994e0
8a6dff7a2f9549a1c18c93ac01fb17066bd636c5
57e20d6dcfad65d687bd41fd895c492cee8c54dee548d252a925944f286c0247
GET /img/sprite-roulette-frame@2.2947c20b-256.png HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: image/png
content-length: 140922
last-modified: Mon, 01 Nov 2021 10:08:49 GMT
etag: "617fbcb1-2267a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDkpdCV%2B4YXStWiWyaX0tYGDorTyftIbvurszM4hbQEcqmldEjLLOV%2BI0t7P3eHBflPF0A5rqLaDX7BfQzUZ4vVmhiT4emox9hOR%2BTbo6s5q6fqDIKHWh3XyUClYzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753318f5d2db512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/fonts/SFProText-Bold.8e175b47.woff2
104.26.11.233200 OK 102 kB URL HTTP/2 cdn-1win.xyz/fonts/SFProText-Bold.8e175b47.woff2
IP 104.26.11.233:0
File type Web Open Font Format (Version 2), TrueType, length 102320, version 1.0\012- data
Size 102 kB (102320 bytes)
Hash 8e175b47e6cc95ff7aa4bf6449f1158d
a459387c929ed690d4e0b0331f3650bd40d0066a
87189c7bda240da89b1b1d7373467142d71c103b5f619f8017104c64f4d514f1
GET /fonts/SFProText-Bold.8e175b47.woff2 HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn-1win.xyz/
Origin: https://www.instagram.coinexa.pro
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: application/octet-stream
content-length: 102320
last-modified: Mon, 27 Sep 2021 12:25:52 GMT
etag: "6151b850-18fb0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3x25eKQkcqHv2i74C19gEqzyNCjdrtQyAbYdMaGL1HYjhMcSLk%2BHaDWshv90QQVXFghS6T5hSV79mnyRm5V6DwbYjd6mJHvp%2FJcvHVbNIoSgPtKeexL6cETJkCRrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753318f4849b4e8-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/js/chunk-3d551ac9.57f88a70.js
104.26.11.233200 OK 310 kB URL HTTP/2 cdn-1win.xyz/js/chunk-3d551ac9.57f88a70.js
IP 104.26.11.233:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size 310 kB (310116 bytes)
Hash 513cd6f809fd65a5a4718dbe4b991c71
42ab007d23d4cf88b53c5fc8e247b5ad5c05f0ea
11a7e576a199c37e0b82dcee74a0ec986364b2ebd1f78f2b3d8a44c89c9d51e5
GET /js/chunk-3d551ac9.57f88a70.js HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 01 Apr 2021 15:31:43 GMT
vary: Accept-Encoding
etag: W/"6065e75f-11683"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KetW3VSvpcnPvwSIiWSGkNfXYIXx%2FvX%2B7OAQ47eaYUmU5vNAzVO6bqE5hHnpiJrB3jcz04lQOPo8S1hYszayCPm26Hj1XkuO7dpcAd%2BDYlXkKO4TLcM%2B5qQmn1fk2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753318bea13b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/microservice/ask
190.115.24.50200 OK 23 kB URL HTTP/2 www.instagram.coinexa.pro/microservice/ask
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 4f97b7872997511186f1085bb900b734
3e868696efdab9155a9d7b4e0dd6df4cbb03245b
f0707baad6ad46051f7185aeaa8fad69e2471a4a7941a3e80ac17dd2fb213ab8
Analyzer Verdict Alert fortinet Phishing
POST /microservice/ask HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/bets/home
Content-Type: application/json;charset=utf-8
Authorization: [object Object]
Origin: https://www.instagram.coinexa.pro
Content-Length: 67
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.81.216:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2; _ym_visorc=w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: application/json; charset=utf-8
content-length: 22680
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.instagram.coinexa.pro
access-control-expose-headers: Authorization
content-encoding: gzip
etag: W/"5898-PoaGlu/auRVanXtODdbfTLsDJFs"
x-powered-by: Express
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/microservice/ask
190.115.24.50200 OK 34 kB URL HTTP/2 www.instagram.coinexa.pro/microservice/ask
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash f5214a5bf203339bf9e905f6a0c4fd30
5121baa841f837484853dd50819fbe6af76cd102
9199cc9fdf54fe501bdcf6ef7d2728b58d69fcf6379de5e758128ee46ce439c4
Analyzer Verdict Alert fortinet Phishing
POST /microservice/ask HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/bets/home
Content-Type: application/json;charset=utf-8
Authorization: [object Object]
Origin: https://www.instagram.coinexa.pro
Content-Length: 85
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.81.216:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2; _ym_visorc=w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: application/json; charset=utf-8
content-length: 34313
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.instagram.coinexa.pro
access-control-expose-headers: Authorization
content-encoding: gzip
etag: W/"8609-USG6qEH4N0hIU91QgZ++avds0QI"
x-powered-by: Express
X-Firefox-Spdy: h2
cdn-1win.xyz/img/sprite-tvbet@2.28d26de1-256.webp
104.26.11.233200 OK 524 kB URL HTTP/2 cdn-1win.xyz/img/sprite-tvbet@2.28d26de1-256.webp
IP 104.26.11.233:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 524 kB (523858 bytes)
Hash 8917498d3c4ea966b01619e636c95e57
c5c48a4cf56fd99d2c6f664b90992361b8638e0d
64e112bd247a479aeb24c70e88678a8e2ba928b1712f5ef9836222e08fd33fcc
GET /img/sprite-tvbet@2.28d26de1-256.webp HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: image/webp
content-length: 523858
last-modified: Fri, 23 Apr 2021 13:53:54 GMT
etag: "6082d172-7fe52"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99fAulTajR4NSRRZbvve6DlJpsTiFm%2BdzZ1zG4h7YW0Tc7MK0h%2Bj2Npczqdz8vKv4VN3g9FCBloc0%2Fs6tdcznVtmvCMLVxV1LGISRGaam15jTonc9tf%2F%2BlnmF%2FbBvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753318f5d2bb512-OSL
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFProDisplay-LightItalic.24eb4d29.woff2
190.115.24.50200 OK 1.5 MB URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProDisplay-LightItalic.24eb4d29.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Size 1.5 MB (1505379 bytes)
Hash 1d6e4a7c01e47fb36a3a01e6c0b0e5f6
4f88740d1b79e2e8fe8add1eac793f3d9d902323
f45e247a03815b173ace67955ebbaf4e665d1508959493cb3161387d8f1c60bf
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProDisplay-LightItalic.24eb4d29.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:58 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-f494"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
cdn-1win.xyz/img/sprite-poker@2.05916f50-256.webp
104.26.11.233200 OK 639 kB URL HTTP/2 cdn-1win.xyz/img/sprite-poker@2.05916f50-256.webp
IP 104.26.11.233:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 639 kB (638742 bytes)
Hash ecf2e16d5996c20a4da9497cc4ae0a26
e40458dd023312cb4f2b2841574afe6138b4ace9
ffe27fe803369e631e7e8cb849960151a39b8409272a94ec67211460c3434852
GET /img/sprite-poker@2.05916f50-256.webp HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: image/webp
content-length: 638742
last-modified: Fri, 23 Apr 2021 13:53:54 GMT
etag: "6082d172-9bf16"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8yF0tWwpi7dUO%2BEMAleONhwSv2F3iT2wTON5BUBUZ5%2FXeQTpHggZcVpu1ZV7Kf7lhkx0hi%2BUSrBmPLd5I9i6T4ruXikZpydX2ITsL9gtideej1HzgGDrEEU2%2B7B9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753318f6d3eb512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/img/sprite-dice@2.c4f31540-256.webp
104.26.11.233200 OK 827 kB URL HTTP/2 cdn-1win.xyz/img/sprite-dice@2.c4f31540-256.webp
IP 104.26.11.233:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 827 kB (826938 bytes)
Hash 42f4924c865dcc01b37220b7b76e337a
101bc9055c411ed371d7a81b6616770b556eed3a
34ef486c70fa38c0b807b27c9c29638e4457df12d62eea6a451c12ef3edfa7d4
GET /img/sprite-dice@2.c4f31540-256.webp HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: image/webp
content-length: 826938
last-modified: Fri, 23 Apr 2021 13:53:54 GMT
etag: "6082d172-c9e3a"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fu9bYhMS8qnOutJuMewRoPSz2jKDENW0w4rfYcjmFZrt2E8JyZmCC%2BbQExACHdyMfN2KSP%2B0nNU3QfQxSaa3ROsR6qv3lSjp7yMQ9GTCB%2FbhYV4m6TlHFCdTYcfhEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753318f6d37b512-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 27c66243a94292eb0242b590b8883ab1
ab1faa0d80085021c6046f4205096509cc3f451e
33ae7b16d3546545baea7e32ab9e220b9f98c96ceb00da60741b6a3683ec7d81
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 879
Cache-Control: max-age=119192
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 07:09:01 GMT
Etag: "638e15b6-116"
Expires: Wed, 07 Dec 2022 16:15:33 GMT
Last-Modified: Mon, 05 Dec 2022 16:00:54 GMT
Server: ECS (amb/6B99)
X-Cache: HIT
Content-Length: 278
ps250.1win-service.com/push-server-v2/?Language=en&snapshot_time=1670310533045&shouldCompress=true&EIO=3&transport=websocket
104.21.53.47101 Switching Protocols 0 B URL HTTP/1.1 ps250.1win-service.com/push-server-v2/?Language=en&snapshot_time=1670310533045&shouldCompress=true&EIO=3&transport=websocket
IP 104.21.53.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /push-server-v2/?Language=en&snapshot_time=1670310533045&shouldCompress=true&EIO=3&transport=websocket HTTP/1.1
Host: ps250.1win-service.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.instagram.coinexa.pro
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D2aVN3NOGYClU9nk+O/g/w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 06 Dec 2022 07:09:01 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: O4YGtYsCKdwlQ2Gz7MjMHyhUTXs=
sec-websocket-extensions: permessage-deflate
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGVRwp5Jg0r5IdnWpd8z7B5WQOvvn82v8Pnm3LVCVvTC%2BnJcBqQ858akaaCWh05v%2FHr1ytXCXZ0euHhPLI6Gk%2BSwfwM3CAFgAxekkYxbrkKqj%2FWnfl8co9jU90bWq6riGaObB%2F1pAivc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775331950fbdb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 27c66243a94292eb0242b590b8883ab1
ab1faa0d80085021c6046f4205096509cc3f451e
33ae7b16d3546545baea7e32ab9e220b9f98c96ceb00da60741b6a3683ec7d81
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 879
Cache-Control: max-age=119192
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 07:09:01 GMT
Etag: "638e15b6-116"
Expires: Wed, 07 Dec 2022 16:15:33 GMT
Last-Modified: Mon, 05 Dec 2022 16:00:54 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
cdn-1win.xyz/img/betsolutions.abe98bdf.svg
104.26.11.233200 OK 85 kB URL HTTP/2 cdn-1win.xyz/img/betsolutions.abe98bdf.svg
IP 104.26.11.233:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2085)
Hash 364765904d5799d36a4de645526906fa
d05aac748ce1f768d241a39dbb15797bd21db302
f322a6037ea84cb360cbaa103acb24ec63eab6d04172e0f829b05e58a87eb531
GET /img/betsolutions.abe98bdf.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-911"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpGH2A%2B66LC8Q0p5R4PzUZY8WAZoRRqP1as7wy1%2Bmb0ZhPDP3pRgw%2FmMhSiS3CaTVXVR78txVeJ27H%2BdizwrlOdpxmZg6slSm%2F%2BIvVPyoLLaXw9V5ROO90co%2Bo9Tkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319dcbf4b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/infingames/acf7e75e-ff38-49ca-b4b4-c8d0b8cfffb0.jfif
104.26.11.233200 OK 95 kB URL HTTP/2 cdn-1win.xyz/casino-images/infingames/acf7e75e-ff38-49ca-b4b4-c8d0b8cfffb0.jfif
IP 104.26.11.233:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 600x450, components 3\012- data
Hash af53537a856f07c921de1f1138663697
ed3b96f128b3816d50d59d669e7c6b7566464104
8c3ae29687ae2b3560118aa0fff3a7e0c6062d104e92da71a0c0eadfed4c7fd7
GET /casino-images/infingames/acf7e75e-ff38-49ca-b4b4-c8d0b8cfffb0.jfif HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: application/octet-stream
content-length: 94605
last-modified: Fri, 14 Oct 2022 11:31:49 GMT
etag: "634948a5-1718d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWNJwNGRUTUS5QzNUG8hZMuGGR49I5SCKEw02YDxc8Zei26lX4HLrl3qxUHWYv6j%2BxeBgSIDG77hhrG6cEzTbn80wTM7odXErF9%2BkzLQxDxDThirWwt9PPKwuJ34ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e5cf2b512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/fundist/dbd7f81c-23d2-4c51-b612-64f4bb33d2a3.jpg
104.26.11.233200 OK 134 kB URL HTTP/2 cdn-1win.xyz/casino-images/fundist/dbd7f81c-23d2-4c51-b612-64f4bb33d2a3.jpg
IP 104.26.11.233:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 600x450, components 3\012- data
Size 134 kB (133579 bytes)
Hash 61839b4bc0c2fb2f8847c983a69c1a7f
b51fec27781e5a020f09d97f8c2413687773727b
6b452e39982c799ae7b2f8d686b12e64252327b10baa2e8606e6388051f319e4
GET /casino-images/fundist/dbd7f81c-23d2-4c51-b612-64f4bb33d2a3.jpg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/jpeg
content-length: 133579
last-modified: Wed, 16 Nov 2022 13:34:41 GMT
etag: "6374e6f1-209cb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2FFFB0KDM92aKb0DudfBcqgznVba%2BKZ7bPUOp2jv2j8QccLZphFCPwufagiAK%2BinjtdNEFyperfhiazRiJn%2BitUWI%2FnERsYSjHyrZv7%2BNPmdiRl4hvjOKycHzwB9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e7d10b512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/spinomenal/c_a22bbabe873d4222894f3db111ff329b.png
104.26.11.233200 OK 21 kB URL HTTP/2 cdn-1win.xyz/casino-images/spinomenal/c_a22bbabe873d4222894f3db111ff329b.png
IP 104.26.11.233:0
File type PNG image data, 200 x 150, 8-bit colormap, non-interlaced\012- data
Hash 981cc2922acf02daf669fca43e49ed69
073e5fc4096c928e40ba1c73d84b6a8da2567493
5a5b4bd6403435dc77250af98ea0098f50147d4185a4f7e5a59894b1fbb170c7
GET /casino-images/spinomenal/c_a22bbabe873d4222894f3db111ff329b.png HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/png
content-length: 21314
last-modified: Wed, 16 Mar 2022 11:49:39 GMT
etag: "6231ced3-5342"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApacY8biK38aV92qaZoOUepsEcNClmNbiUNAjKOhWuSXscP0fdth0Hzk2FREiaikVSMvwuNkAw4vPS8py7Dhp3o%2Bbm6rMxSfixpjdhzg1k%2BUPez93b%2FH6KEgyFoWxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e4ccfb512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/bgaming/a5e6d5d3-4e71-4847-b416-f845255ca3b8.png
104.26.11.233200 OK 197 kB URL HTTP/2 cdn-1win.xyz/casino-images/bgaming/a5e6d5d3-4e71-4847-b416-f845255ca3b8.png
IP 104.26.11.233:0
File type PNG image data, 300 x 225, 8-bit/color RGBA, non-interlaced\012- data
Size 197 kB (197050 bytes)
Hash 130d26cbbee0e98cc1a651d812f2f29d
d27597af73c639be350e2c35168da347248a4dd9
c2652fc7e911380607330db7293097a4dfc3122181b98efe69cd54bdc6036603
GET /casino-images/bgaming/a5e6d5d3-4e71-4847-b416-f845255ca3b8.png HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/png
content-length: 197050
last-modified: Tue, 08 Nov 2022 13:18:27 GMT
etag: "636a5723-301ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBDEwiFlpmzYj2vXifd97gzYjbgYkU1ORXkItqE9ejvg5ztdnDsCt5rFaqPvUBpesDGOXcwB9ys6IdQOSoKu3nNM32xmRViTRsK%2FPMuj%2B4opFU6vzR7bk%2F7cIyO46A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e5cdcb512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/pariplay/c_2904702a8791aed55834406566576246.png
104.26.11.233200 OK 385 kB URL HTTP/2 cdn-1win.xyz/casino-images/pariplay/c_2904702a8791aed55834406566576246.png
IP 104.26.11.233:0
File type PNG image data, 600 x 450, 8-bit/color RGBA, non-interlaced\012- data
Size 385 kB (385250 bytes)
Hash eef525e6b2dabbce323707fde22d6673
59e23a333ca6dedeac6b52a2f03f1c99eddfd184
61c16c21ac05cd4a74332b1ee9e22e030edcd5849d909c5802476addc4f89065
GET /casino-images/pariplay/c_2904702a8791aed55834406566576246.png HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/png
content-length: 385250
last-modified: Wed, 06 Jul 2022 09:42:58 GMT
etag: "62c55922-5e0e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUp96QcTd6SpIChh%2F51iOBS%2Ff4TZNsNIBxAcY2KfzDw7EUQwJIcJMxEBBCwmQqCuNvR6FU9TPt0yi%2Bl26Zla%2FICVvaU2yqv%2Fw4lbVHUZNP6Apa43Wlrv8a8mBYtPXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e6d07b512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/infingames/c_38ae1e54bc435f6d927e64db72581a88.jpg
104.26.11.233200 OK 327 kB URL HTTP/2 cdn-1win.xyz/casino-images/infingames/c_38ae1e54bc435f6d927e64db72581a88.jpg
IP 104.26.11.233:0
File type JPEG image data, baseline, precision 8, 600x450, components 3\012- data
Size 327 kB (327289 bytes)
Hash 329805294069a82247c733be503067fe
89ba25120fc018863f19a1e7e9a8d4d20cfa7bee
cc60bc6b47e306bc508a411fcf6680f51520f173dcb2e928c11c8f0b27a0e0aa
GET /casino-images/infingames/c_38ae1e54bc435f6d927e64db72581a88.jpg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/jpeg
content-length: 327289
last-modified: Wed, 06 Apr 2022 14:02:26 GMT
etag: "624d9d72-4fe79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LJjysdTbeYAMh3tzQtEG6CAMpA%2BIxSRiUtvkpqLRoMZv3IddADlSoeyN75TU50u6qKeJlmsuEi73UBC4xmrmx%2B102liuvvvc66DNo5L5T7HkNvk8CoZkdHfk6kLtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e6d0bb512-OSL
X-Firefox-Spdy: h2
mc.yandex.ru/watch/67400437?wmode=7&page-url=https%3A%2F%2Fwww.instagram.coinexa.pro%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1108%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A123977995828%3Ahid%3A808971646%3Az%3A0%3Ai%3A20221206070855%3Aet%3A1670310535%3Ac%3A1%3Arn%3A841575220%3Arqn%3A1%3Au%3A167031053549636879%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C231%2C343%2C45%2C385%2C0%2C%2C615%2C4%2C%2C%2C%2C1627%3Aco%3A0%3Ans%3A1670310530798%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670310535%3At%3A1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 450 kB URL HTTP/2 mc.yandex.ru/watch/67400437?wmode=7&page-url=https%3A%2F%2Fwww.instagram.coinexa.pro%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1108%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A123977995828%3Ahid%3A808971646%3Az%3A0%3Ai%3A20221206070855%3Aet%3A1670310535%3Ac%3A1%3Arn%3A841575220%3Arqn%3A1%3Au%3A167031053549636879%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C231%2C343%2C45%2C385%2C0%2C%2C615%2C4%2C%2C%2C%2C1627%3Aco%3A0%3Ans%3A1670310530798%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670310535%3At%3A1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
File type gzip compressed data, from Unix\012- data
Size 450 kB (450005 bytes)
Hash a53535dd3c52f0ae113189f3b2799327
b9c0ba988d1b4f8add612a0d547ad1b8f214ba82
a145fc9e6b3f007d6a194b8447e2d58427ee4bfaad907ad09a0485e13fdaba63
GET /watch/67400437?wmode=7&page-url=https%3A%2F%2Fwww.instagram.coinexa.pro%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1108%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A123977995828%3Ahid%3A808971646%3Az%3A0%3Ai%3A20221206070855%3Aet%3A1670310535%3Ac%3A1%3Arn%3A841575220%3Arqn%3A1%3Au%3A167031053549636879%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C231%2C343%2C45%2C385%2C0%2C%2C615%2C4%2C%2C%2C%2C1627%3Aco%3A0%3Ans%3A1670310530798%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670310535%3At%3A1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.instagram.coinexa.pro
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
TE: trailers
HTTP/2 302 Found
location: /watch/67400437/1?wmode=7&page-url=https%3A%2F%2Fwww.instagram.coinexa.pro%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1108%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A123977995828%3Ahid%3A808971646%3Az%3A0%3Ai%3A20221206070855%3Aet%3A1670310535%3Ac%3A1%3Arn%3A841575220%3Arqn%3A1%3Au%3A167031053549636879%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C231%2C343%2C45%2C385%2C0%2C%2C615%2C4%2C%2C%2C%2C1627%3Aco%3A0%3Ans%3A1670310530798%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670310535%3At%3A1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Tue, 06 Dec 2022 07:08:58 GMT
access-control-allow-origin: https://www.instagram.coinexa.pro
set-cookie: yabs-sid=301660841670310538; Path=/; SameSite=None; Secure
i=KN0N1mPkSXhiEjbuBK4bQJw1ITjxHUBWemBpl5bW1FYpRWrOGdEeiIc12JscFH0pj3qV43fGDoTcqpPPjy+6nq2n6ns=; Expires=Fri, 03-Dec-2032 07:08:56 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=6020165001670310538; Expires=Wed, 06-Dec-2023 07:08:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=6020165001670310538; Expires=Wed, 06-Dec-2023 07:08:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701846538.yc.1670310538#1701846538.yrts.1670310538#1701846538.yrtsi.1670310538; Expires=Wed, 06-Dec-2023 07:08:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 07:08:58 GMT
last-modified: Tue, 06-Dec-2022 07:08:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/fundist/lightning_roulette.jpg
104.26.11.233200 OK 19 kB URL HTTP/2 cdn-1win.xyz/casino-images/fundist/lightning_roulette.jpg
IP 104.26.11.233:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 208x156, components 3\012- data
Hash 590c2de3fc38a69f549f29e253b185ec
538e5cccdf1e70e7680739358c9290e7f9064a63
8e96129b8c8a6e3508885f784f2fbd7f94f51655db44f8adbaa13169a45355dd
GET /casino-images/fundist/lightning_roulette.jpg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/jpeg
content-length: 18740
last-modified: Mon, 12 Oct 2020 12:40:15 GMT
etag: "5f844eaf-4934"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVCWsUCnkClnp9q37bvU9F7r1EoNcOw97ARUJsQb7e40xMUX4Kng9eFXPgMC2VdtECcK1T7FZZEGblvoNFQK6EodAKYF%2FP6H0L6U3lH1RQJj3DZpjH7efnK99wnMTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e7d11b512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/fundist/38381df7-731d-48cc-90fc-69bdab31e005.jpg
104.26.11.233200 OK 47 kB URL HTTP/2 cdn-1win.xyz/casino-images/fundist/38381df7-731d-48cc-90fc-69bdab31e005.jpg
IP 104.26.11.233:0
File type JPEG image data, progressive, precision 8, 640x480, components 3\012- data
Hash 01eafdec6d068b62e545ef524f2cfd09
a913c2d8039b0f349025591278540a044db345a0
6bcf8ab7cb1bcef7467d2f8cc10c14c721ca326c45b30a70851a29383fd7b87b
GET /casino-images/fundist/38381df7-731d-48cc-90fc-69bdab31e005.jpg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/jpeg
content-length: 46834
last-modified: Tue, 08 Nov 2022 12:07:42 GMT
etag: "636a468e-b6f2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkSeB8YFm2SvR1dNpbYgJIfCMRpVnBpyMyWOVLFPz6LIfvOwZgg52JXETWxmd%2FXfoOTpGIq3EmBnL9tSlolrXKboh%2FGX0ef0h500ZdJyy3HkFx4oDpdyZdMo%2B%2FmwkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e6cfcb512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/fundist/a43a12cf-d965-4d44-a494-4fef833a2d59.jpg
104.26.11.233200 OK 66 kB URL HTTP/2 cdn-1win.xyz/casino-images/fundist/a43a12cf-d965-4d44-a494-4fef833a2d59.jpg
IP 104.26.11.233:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 440x330, components 3\012- data
Hash 5f758ecf8de4bdd2bc9b03bcecc0a4db
2406e5c5ca830f69cc3d38d1a062b8c0556a0dc6
1e325accd33ab789b3df97790a114e93c98fd5aef92862c7a7b10ebd321016b7
GET /casino-images/fundist/a43a12cf-d965-4d44-a494-4fef833a2d59.jpg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/jpeg
content-length: 65638
last-modified: Thu, 01 Dec 2022 12:47:11 GMT
etag: "6388a24f-10066"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viLP2qfm08n9Puv94eyMI1%2FDnBr6ORAne0zBabGsJitgSEAzRKJPZ3p5GPu1j4l2z%2BjctqFzvDD6d4q5cRI3IVvK%2F7%2BRnQc5wfRigTIt7PBpTbHqtBoN4oVyGJ8nTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e6d05b512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/infingames/c_0879605aa94d8b2c0e552c3e32f2ec07.png
104.26.11.233200 OK 55 kB URL HTTP/2 cdn-1win.xyz/casino-images/infingames/c_0879605aa94d8b2c0e552c3e32f2ec07.png
IP 104.26.11.233:0
File type PNG image data, 200 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash f7a6719fe0168b5bd83b0da7fa555732
aacccd1b11988350d152be67a170b98429abe29c
1c7175a5f2990f334a4eb730f982193f8a3f3a3c6ee1a6518c9678df06d1b018
GET /casino-images/infingames/c_0879605aa94d8b2c0e552c3e32f2ec07.png HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/png
content-length: 54624
last-modified: Fri, 10 Dec 2021 10:42:47 GMT
etag: "61b32f27-d560"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSsnzreQJIBaey1n%2FbIW5ut440WJZvTTLpd7fw905tIONPtPq2%2BYvJAZOvY1RYbfox8VjmC0jCWb2lKqqW1Q9QehSBENiKFfczU6IvNEPi0kkgnw3OorUthuWTrbjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e5cf0b512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/fundist/6ee1f1ba-3fa8-48b9-b904-02bd41eeab74.jpg
104.26.11.233200 OK 119 kB URL HTTP/2 cdn-1win.xyz/casino-images/fundist/6ee1f1ba-3fa8-48b9-b904-02bd41eeab74.jpg
IP 104.26.11.233:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 600x450, components 3\012- data
Size 119 kB (118607 bytes)
Hash 04fdae904696c3af6f43fdcf20012e21
f242868e44efde1137720b857fa08112e2b2fb66
f0ded3158d927035f98fb3044326918760bd795a4c4dafc24c4ab815d68e24fc
GET /casino-images/fundist/6ee1f1ba-3fa8-48b9-b904-02bd41eeab74.jpg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/jpeg
content-length: 118607
last-modified: Wed, 09 Nov 2022 13:51:19 GMT
etag: "636bb057-1cf4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSX7Au8vB8gUMQaCE9Jo3ThZCNk0IewNgRUualPQDO9R9wy2XRcWPHEQ7xLGzqMAdKYxCzGrm9a4wd9Ew1GBjwH7La3Pvk%2BvEysRqvl1JOmFCx5eDEA9eWgaFYO3CA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e6cfab512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/img/booming.66686cf8.svg
104.26.11.233200 OK 178 kB URL HTTP/2 cdn-1win.xyz/img/booming.66686cf8.svg
IP 104.26.11.233:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (32906)
Size 178 kB (178036 bytes)
Hash 4b362daf8bacae2ad2300dba4c40f502
b996ec82c1be5eeb5c399f7f323c0fbbf9fd54ee
0eec0411830c3e668f507ea9b7245af8f341ceb7eebbaac1caa9678ed5c565e5
GET /img/booming.66686cf8.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-ecd2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQpi1Fto2%2BcMDttZaZOXF2TmdS8k2X5cmSA21NLFnh9xhpJP4Z7nc6DMc77ny5u2j4UMz8l4PeMCtF5LMIFJ4mrVag9pBi05j9FSl%2Fs4KCj5J31tyysw7jCBdWGBrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319ddc07b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/pragmatic/1024.png
104.26.11.233200 OK 141 kB URL HTTP/2 cdn-1win.xyz/casino-images/pragmatic/1024.png
IP 104.26.11.233:0
File type PNG image data, 325 x 234, 8-bit/color RGB, non-interlaced\012- data
Size 141 kB (140617 bytes)
Hash 69d4933b0b5d4f94cea1cd35ba699cfb
0fecc53e4b3116dbbbbdd3a20a3ff6e5b7ef4fc5
65824a9ab57c0bc635d8f598a9d01b95c704660eec024f094e1258018c19b081
GET /casino-images/pragmatic/1024.png HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/png
content-length: 140617
last-modified: Wed, 06 Oct 2021 04:50:07 GMT
etag: "615d2aff-22549"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6QzayAWCaPIediHCRw6hWKVK06MdacSJQpJm7MwU%2FOhipyE36pw8PE84ukDfFUuQpDSMP3XIu9%2FCOPjGDKOkYawdmVpBpHj1b0N91W6w5YpNdXp7sZPD%2F1fJ%2Baxhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e7d14b512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/fundist/e7c09f47-a466-430d-9266-d557e2dae549.jpg
104.26.11.233200 OK 133 kB URL HTTP/2 cdn-1win.xyz/casino-images/fundist/e7c09f47-a466-430d-9266-d557e2dae549.jpg
IP 104.26.11.233:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 600x450, components 3\012- data
Size 133 kB (132638 bytes)
Hash 304abcf1dc78e9ee8472cf0b84d2a48d
9f70dd31330f39fcbc41c94e69384ef3e1220edf
2e1e5100f79b0a24ea239303468247fc282cfa6130a88f52c35282314e5184aa
GET /casino-images/fundist/e7c09f47-a466-430d-9266-d557e2dae549.jpg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/jpeg
content-length: 132638
last-modified: Mon, 21 Nov 2022 13:17:25 GMT
etag: "637b7a65-2061e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQy0%2FKyFQvPp3I2gqVOovDcDGG3HT%2FVE4VaR6NbO7CbKr8S2z%2BKKB9F3AWgNYuHN2uMnJqVqEiN8b3trzjAPzy3FTMhMW%2BvgobYiHsJNICbbDYvGYU4ORXhUc614kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e7d12b512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/1play/f3f5584a-7ead-48e1-aa2d-8299dfa6a75d.jpg
104.26.11.233200 OK 110 kB URL HTTP/2 cdn-1win.xyz/casino-images/1play/f3f5584a-7ead-48e1-aa2d-8299dfa6a75d.jpg
IP 104.26.11.233:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 600x450, components 3\012- data
Size 110 kB (110087 bytes)
Hash 5bf549d70d67260b5a5ce006313970e8
da6505b7811955503d6fae16f1dd500ea77d51f3
848d0853da0ed679c51c10814d89a990cb641d6e5a9c0c6486997ba0b5de97fb
GET /casino-images/1play/f3f5584a-7ead-48e1-aa2d-8299dfa6a75d.jpg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/jpeg
content-length: 110087
last-modified: Wed, 30 Nov 2022 09:52:17 GMT
etag: "638727d1-1ae07"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTPUzJZkglXP%2FxplPWjHim%2FTfIztj7tVCq7cmO7%2Flb6EaHKwARAXkp1z1Lw4J7QKWiJPiUluFQOyvCdVjtTHXI4tRnLBXAAdhrOnpwGwFlSI48Y2bRYdZGlDvp16Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e6cf8b512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/fundist/ae254704-fc19-4ae8-b19c-42a444503628.jpg
104.26.11.233200 OK 113 kB URL HTTP/2 cdn-1win.xyz/casino-images/fundist/ae254704-fc19-4ae8-b19c-42a444503628.jpg
IP 104.26.11.233:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 600x450, components 3\012- data
Size 113 kB (113384 bytes)
Hash 6e51db774909951ee08f396467ca5fb1
82f2d9e953496665d43d2e87ba4ef8a56e49ce0a
6d36368172eeb2b976c9ad327392ba983e7b73d07a3424abf62dcf252805d96c
GET /casino-images/fundist/ae254704-fc19-4ae8-b19c-42a444503628.jpg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/jpeg
content-length: 113384
last-modified: Tue, 08 Nov 2022 09:34:26 GMT
etag: "636a22a2-1bae8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvY2AFjFP3yICJXoQompAP17C1hF8OCLwSj%2BBgOI5isvegh2PdvZPrmzOp7ccBfVFT6LKuAU7zxzksEHRJ%2BXkm5xPzi6JrSFPE7zc7MW6B1HjYeGf3AwpKIm0BOLoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e7d17b512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/img/betsoft.9b2fd119.svg
104.26.11.233200 OK 220 kB URL HTTP/2 cdn-1win.xyz/img/betsoft.9b2fd119.svg
IP 104.26.11.233:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1628)
Size 220 kB (220082 bytes)
Hash 15319f3aba4e1b3396cb5c0e7158023d
3faaa4a8e4bb9d04e51110e6d1045a65a1479da2
032e8d405835f89ddaff34352ceb3a16706bd9dafad64ffe4816a372ed649a8d
GET /img/betsoft.9b2fd119.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-14a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9UUXx9%2FcflR%2BGGpkPhxuTmjxNAscEuf9ged3bZuI7lud85PQKUDySIekq0%2F6ffCr5AteupGaX2JIAIEKwHJ8gLDkj%2FzX9kX3FuB5WHBNApKjMMjDQYbDiDJTR2GlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319dcbf1b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/pragmatic/cb23f289-7f13-4238-b18f-5b0a04b7114c.png
104.26.11.233200 OK 380 kB URL HTTP/2 cdn-1win.xyz/casino-images/pragmatic/cb23f289-7f13-4238-b18f-5b0a04b7114c.png
IP 104.26.11.233:0
File type PNG image data, 490 x 367, 8-bit/color RGBA, non-interlaced\012- data
Size 380 kB (380388 bytes)
Hash 637a87cc12a8a6ee94cdeb4640715f9a
5782bf633b73007cb05814f02d310afe22e0dfc4
56cffc65ed3140ffe3067f90668430589e37fd653ce76765b99c0e8f1b25e753
GET /casino-images/pragmatic/cb23f289-7f13-4238-b18f-5b0a04b7114c.png HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/png
content-length: 380388
last-modified: Wed, 02 Nov 2022 12:54:26 GMT
etag: "63626882-5cde4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FhQdSzH%2FAOGFelnaHXUQhNs1Q8SfqmuqTPFeFKy7eEpP49oCMhANq7To9F%2B%2BYur1IWmWbT2xLsFo2qaZbBTS%2FPjmxmcDon2Cd%2F1jcKbVSd8o7RvPIFzZ6SO%2F29C3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e5cf3b512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/infingames/eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.png
104.26.11.233200 OK 356 kB URL HTTP/2 cdn-1win.xyz/casino-images/infingames/eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.png
IP 104.26.11.233:0
File type PNG image data, 600 x 450, 8-bit/color RGBA, non-interlaced\012- data
Size 356 kB (355914 bytes)
Hash f86d44273be4a004ac759bce2e14619d
83749b3e8b938fdfb3198fd33b404e816e0c1d2b
32397d57bb580176f4691771cccaa875a3e01e58aa847074710bbb57c1027f2e
GET /casino-images/infingames/eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.png HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/png
content-length: 355914
last-modified: Mon, 31 Oct 2022 15:11:15 GMT
etag: "635fe593-56e4a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bxf2q14bPwip2uqvAyPHlv%2FO9u62okljCZSaWUmag2JMsY6oNpvdJCKdnwbx%2B%2BvZKXkmrjammYrXNJ2QClcFCKXLbU3oZBYXvhrYmPwfSSJAQbvst9RjlnwZO5sGzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e6cf5b512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/pragmatic/9d349bf5-f150-40d9-a638-ad8697789901.png
104.26.11.233200 OK 472 kB URL HTTP/2 cdn-1win.xyz/casino-images/pragmatic/9d349bf5-f150-40d9-a638-ad8697789901.png
IP 104.26.11.233:0
File type PNG image data, 490 x 367, 8-bit/color RGBA, non-interlaced\012- data
Size 472 kB (471635 bytes)
Hash 4f6415aeeb792abd3f3c43ba7b6f33e9
8b38efe2263bb7c97d6dfe3fe2b5933793a9722a
290d40e1c29c9c8cbc8c8ebedd2a5fbb81890a369046429e35be5b4159a120fa
GET /casino-images/pragmatic/9d349bf5-f150-40d9-a638-ad8697789901.png HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/png
content-length: 471635
last-modified: Wed, 02 Nov 2022 12:44:16 GMT
etag: "63626620-73253"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6yeP1Y0dST5JQmA5DTgYN6RhJ%2Brz%2FMxXz2mBs5j1RpKl6rjp8UCPX1W5rLP%2FZyrCj3s4feew3ACLkzvX7hG7P%2BoQbrgZK0szCI4LWqpQQ9x4lEEGFCzvuhJlBNXNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e5ce7b512-OSL
X-Firefox-Spdy: h2
cdn-1win.xyz/casino-images/pragmatic/c_c8e904ac4dabe3818f06e49a09fdaac0.png
104.26.11.233200 OK 592 kB URL HTTP/2 cdn-1win.xyz/casino-images/pragmatic/c_c8e904ac4dabe3818f06e49a09fdaac0.png
IP 104.26.11.233:0
File type PNG image data, 600 x 449, 8-bit/color RGBA, non-interlaced\012- data
Size 592 kB (592168 bytes)
Hash 9570310aa1de81a8c36a697da08c060b
28733f41d1481ad5572beefba0e8d810508f9af8
0743786e06d7adff46a3994ca34db78679961337f8faacb88eaeec2f98200c34
GET /casino-images/pragmatic/c_c8e904ac4dabe3818f06e49a09fdaac0.png HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/png
content-length: 592168
last-modified: Wed, 25 May 2022 12:31:02 GMT
etag: "628e2186-90928"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMSSOdRh5okr%2FebzOnqOiRZ%2BqJP9PvUz9NxZs%2BvnevZQ7BJy4Im21XZ4HEX44DpsWwyhIZ6GNJzgkhlpZOVWLRFHUpmxWT010soRqhvvx94M904RLdbYtuwXtkX7OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753319e6d09b512-OSL
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/firebase/8.1.1/firebase-app.js
190.115.24.50200 OK 472 kB URL HTTP/2 www.instagram.coinexa.pro/firebase/8.1.1/firebase-app.js
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (19927)
Size 472 kB (472014 bytes)
Hash 944b48088bfd1d44ff9e8cac076efe7b
69c3794bdc658148fe74118672ec6be559470640
a995fc763db1bc1cdd83f1a4f03c66ffbb697c44f5e832067374138aab669ffa
Analyzer Verdict Alert fortinet Phishing
GET /firebase/8.1.1/firebase-app.js HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:54 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-4e15"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: br
vary: Accept-Encoding
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFProDisplay-MediumItalic.8047adc9.woff2
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProDisplay-MediumItalic.8047adc9.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProDisplay-MediumItalic.8047adc9.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:58 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-f2c0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
cdn-1win.xyz/img/belatra.77b5e61a.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/belatra.77b5e61a.svg
IP 104.26.11.233:0
GET /img/belatra.77b5e61a.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-189b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j80IzJoWSDXiAEB%2BR6F937m5aXxfGsj28AmSekkTV5MYDV4Uwvdz2LY4%2FCyoKp%2F2NQzW5rn8xxcHBjUUjH3ahndGI29p%2BW%2Bywe6H9NGdKciWiAZC3zbE6CNK4rcGOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319dcbe7b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/leander.f13f219e.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/leander.f13f219e.svg
IP 104.26.11.233:0
GET /img/leander.f13f219e.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-61c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YR4CftEcl0%2FBYDJ4dMfT3hJDT4RoDfkLGcJ4ueTxzFgcgqFpnX5%2BRbzSgzyITNOFyavYLXmfgNGWXnfp3DL88IknCxL27ffuNWt%2FhkDnsgy54hoCKbU4pGL3d79K6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e1c74b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFProText-Heavy.e2a14113.woff2
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProText-Heavy.e2a14113.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProText-Heavy.e2a14113.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:54 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-19550"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFProText-Medium.09be2e2f.woff2
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProText-Medium.09be2e2f.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProText-Medium.09be2e2f.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:54 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-196ec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/microservice/ask
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/microservice/ask
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
POST /microservice/ask HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/bets/home
Content-Type: application/json;charset=utf-8
Authorization: [object Object]
Origin: https://www.instagram.coinexa.pro
Content-Length: 73
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.81.216:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2; _ym_visorc=w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.instagram.coinexa.pro
access-control-expose-headers: Authorization
etag: W/"d7db-F/e2npv3UbDwcVPqvCeo5gTepig"
x-powered-by: Express
content-encoding: gzip
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/common/title?path=bets&lang=en
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/common/title?path=bets&lang=en
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
GET /common/title?path=bets&lang=en HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/bets/home
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.81.216:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2; _ym_visorc=w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/microservice/ask
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/microservice/ask
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
POST /microservice/ask HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/bets/home
Content-Type: application/json;charset=utf-8
Authorization: [object Object]
Origin: https://www.instagram.coinexa.pro
Content-Length: 65
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.81.216:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2; _ym_visorc=w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:09:01 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.instagram.coinexa.pro
access-control-expose-headers: Authorization
etag: W/"da2-VRs66HdxFRKzN3PvWI97lzzqaTk"
x-powered-by: Express
content-encoding: gzip
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFProText-Light.48e92b33.woff2
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProText-Light.48e92b33.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProText-Light.48e92b33.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2; _ym_visorc=w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:59 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-198e4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 1
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
cdn-1win.xyz/img/pragmatic.d03eabb2.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/pragmatic.d03eabb2.svg
IP 104.26.11.233:0
GET /img/pragmatic.d03eabb2.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-52f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vLDzyC9SpokqX%2FJHOS%2BUgdUH7l4vd%2F313gxrs7SykSp4mrY%2B%2Fy6UzmA20nKpqpDoKcuO9eKfAPy7%2BbU1Vvsv%2BbdXkvLF%2Bjt5gHf5idXILFnYbUy1PugNbN6mgh6JA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e3c9fb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/spribe.fad0cc1d.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/spribe.fad0cc1d.svg
IP 104.26.11.233:0
GET /img/spribe.fad0cc1d.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-843"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sATwRFKlKhCJ48RZ%2BnaRUMP0X%2F09Tjvs%2F3vrPF3FnRIVUuN3jqVuGhJruVFl5kG3h09tWfTcAOiDXT6ehKL6Fx%2F9ED9OimD2tDj3X0LwK0T6%2Bcb8i6XMNCw7M6Zxag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e4cb9b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/simpleplay.436bf6c2.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/simpleplay.436bf6c2.svg
IP 104.26.11.233:0
GET /img/simpleplay.436bf6c2.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-488"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecAtk2Uxe8Pwd8G83Uelki%2BVHVFPxlzH4miZV5yYjTCZI9TDQCJMIIdwTt4cW7fv6tSJ4kfD36kDP8RcsFz4cl9mLBpw%2F%2BDMxG%2FpuTWWfd2cjj142KzGLiL5kNy2WA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e3ca8b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/leap.bc0e2780.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/leap.bc0e2780.svg
IP 104.26.11.233:0
GET /img/leap.bc0e2780.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-573"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfwQdm%2Fz0XOCBHjJAPTPe6a7a7%2BXHO1eAxluS0eNYz446oMcf7tkzTZvGHqaZ%2Fq3kCcSylb%2FZvn0nZfkaHf6tBnlI5%2FlulLn25DpPkAX7QChUsFe17Sft0DSOsCyDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e1c78b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/worldmatch.cf817465.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/worldmatch.cf817465.svg
IP 104.26.11.233:0
GET /img/worldmatch.cf817465.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-1f6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTclYWLsZKcJ5UTmXou56tJ5tSt7NAhu1O3Nl5CVmbVq8aWbYZ%2FNg6N9ta7m1s%2FFVB03i%2FMKk2hZY9twGfvq7izL7pxa9pxxPXRlCQs0fMehBwQArffCVsIb%2F35G3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e4cccb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/onetouch.9f029d6b.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/onetouch.9f029d6b.svg
IP 104.26.11.233:0
GET /img/onetouch.9f029d6b.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-644"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sn%2BCz1w5y4w%2Fu1ibki2vYRvxp8O7Jw9CnHTQdEktsJjj4djz5THFV9%2B%2Fsj%2FCelV%2FqX%2FROa0xUcgKXeKtEzeKInKZS4w%2Fupu%2FA9Th1Qw5RCFJtqKjoNjLXzVvpkIRJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e2c8cb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/playsondirect.1a207fd8.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/playsondirect.1a207fd8.svg
IP 104.26.11.233:0
GET /img/playsondirect.1a207fd8.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-31e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjCBjPojLQIQL3cPzvZO%2BKGFEo0AcAxMdGhzIqC%2FbDIuVFeboW%2FT2ecnRwpFu0%2Bp4yzgy%2BStZuM5z6fx4priWFeHUO0d2b6tTQTMrYWMTi52fFy6ZQI0FknNCTlOAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e3c99b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/evoplay.f6e70ae1.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/evoplay.f6e70ae1.svg
IP 104.26.11.233:0
GET /img/evoplay.f6e70ae1.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-a08"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csp7MtKsP2l28G5TRnYzvKb2JxFbTsHGEi9KQZcgA9h2nWx9AjtEBGdE65KMHrQUtf5gWreP9FEXUD%2B2RviWMtA5dOoz%2Bwh1%2B30nDFHNfkLKujXnkNyXuokuUFO8zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319dec34b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/nsoft.32e14353.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/nsoft.32e14353.svg
IP 104.26.11.233:0
GET /img/nsoft.32e14353.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-532"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VF5saqnGns7PmZxba3vRjhi2f7ecGW9tLehrZHUu9oDSqhRJ8JLD2hlIvqVJDfXgWGly7EdAx7N94Rhw1NjctsA5Rt%2F42L%2Farlfo3m8EBAzQ9eVL3ogb4HAen3ND4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e2c88b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/quickspin.8c2e4374.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/quickspin.8c2e4374.svg
IP 104.26.11.233:0
GET /img/quickspin.8c2e4374.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-c01"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Er7NXWL2Qy9sF%2B1gFmrAK1qG3pvKz0dZcGbOhsFqhvnf5ojtksB3rM6niUdo80KDGLF%2BXyz0SP6GAJx6TcnwhdBabqhDB%2BJDZfxdG6nY9UzKll8L7aqV94WbUkUp0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e3ca3b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/fazi.bbfc51d4.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/fazi.bbfc51d4.svg
IP 104.26.11.233:0
GET /img/fazi.bbfc51d4.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-27b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEWPMbafgPSelxx0bLYiHoXDb9gNsXJAAm%2Fv68XW7phnWzzAa%2FGKLyg3auwrcvn7zlPPREZCE%2FtHOKBp2G1s10HL5cAXtJLmj%2Bfoyn09o%2F83uNhHHIIIktuJEJhDaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319dec38b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/spinomenal.f05a6579.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/spinomenal.f05a6579.svg
IP 104.26.11.233:0
GET /img/spinomenal.f05a6579.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-6e7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eroPFYkb17yk0428SKrRIGm58jzdjZ%2FqNEqA9XijaUi0gCVcNmt7BeKIQsJ3q7qOGxWGJBDu1GwPOBStV3RMlavhqy1xVWlF0LW7KozoPFznKmqI630V3lJH6B2Dbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e4cb5b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
app.chaport.com/javascripts/insert.js
172.67.68.188200 OK 0 B URL HTTP/2 app.chaport.com/javascripts/insert.js
IP 172.67.68.188:0
GET /javascripts/insert.js HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:08:54 GMT
content-type: application/javascript
last-modified: Tue, 17 May 2022 09:13:52 GMT
etag: W/"62836750-252"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubdomains;
access-control-allow-origin: *
cf-cache-status: HIT
age: 17444129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evW5FUu%2F%2F5gx%2FvI%2BAi8v9uZINcumMArWDstV0MBKxVmDBlTT7sNGHmW%2BNz9C1mRP1AshhY0SryfygPu5no4CFIWfrRNV1%2F%2FNbw9fee00WnMEfQBBqvuDFTQvo1lNx00mOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753316afed4b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFProDisplay-Semibold.af64ab08.woff2
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProDisplay-Semibold.af64ab08.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProDisplay-Semibold.af64ab08.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:54 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-18820"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFProDisplay-Heavy.fee26660.woff2
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProDisplay-Heavy.fee26660.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProDisplay-Heavy.fee26660.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:54 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-18800"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
cdn-1win.xyz/img/thunderkick.65bf3714.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/thunderkick.65bf3714.svg
IP 104.26.11.233:0
GET /img/thunderkick.65bf3714.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-7e56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dwow2XyU%2FaTxET1rlnKqr91hMhDHeEbxWfkrlRW7%2BUogUrH5Ev2D5j2nVVsVmURcyZExOCkHOcwtnN2192OFzEwi%2FZzC%2BeO7CIQZonU4dYwLpkUZhtqszM1yu6GhBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e4cbbb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/css/chunk-3d551ac9.41b510aa.css
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/css/chunk-3d551ac9.41b510aa.css
IP 104.26.11.233:0
GET /css/chunk-3d551ac9.41b510aa.css HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: text/css
last-modified: Mon, 12 Apr 2021 11:03:43 GMT
vary: Accept-Encoding
etag: W/"6074290f-a424"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INWvNwuk0FI7ujbVj8TsvWDcevAzVXPnl7OdlKXZAWM1c8TVTq%2F%2BaJ6YdmYHlKWCM1H8kU%2F4%2FgAKPsKu%2FT879IlmGUfkZLsdBaZrguOoZn20rPkv820b6kOhiFcMcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753318bea12b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/microservice/ask
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/microservice/ask
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
POST /microservice/ask HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/bets/home
Content-Type: application/json;charset=utf-8
Authorization: [object Object]
Origin: https://www.instagram.coinexa.pro
Content-Length: 63
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.81.216:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2; _ym_visorc=w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.instagram.coinexa.pro
access-control-expose-headers: Authorization
etag: W/"1905-e/DTrBQ/RZHVBY5Ul13vbgdJNr8"
x-powered-by: Express
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-1win.xyz/common/banners/all-v2?lang=en&type=desktop&bannersType=main
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/common/banners/all-v2?lang=en&type=desktop&bannersType=main
IP 104.26.11.233:0
GET /common/banners/all-v2?lang=en&type=desktop&bannersType=main HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Origin: https://www.instagram.coinexa.pro
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:01 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-origin: https://www.instagram.coinexa.pro
x-frame-options: DENY
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhY2il5kcuCr4sOSXi2TapSlm5bwds%2FMaWiS%2Bi5JzLbup5AsqCKEMW8ZDRWi7%2B9cz2ce5SqDgxkrGOAKVVuRbzPVrjHIpr21o2B4eakvOKt89UjDC7BhStWC%2FJU7xg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753318f6858b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFMono-Heavy.5a5c84e9.woff2
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/fonts/SFMono-Heavy.5a5c84e9.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFMono-Heavy.5a5c84e9.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:54 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-89ac"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFProDisplay-BoldItalic.2edb52e3.woff2
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProDisplay-BoldItalic.2edb52e3.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProDisplay-BoldItalic.2edb52e3.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:58 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-ef84"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
cdn-1win.xyz/img/mrslotty.478c3530.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/mrslotty.478c3530.svg
IP 104.26.11.233:0
GET /img/mrslotty.478c3530.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-8d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWTktyV9PnZPuRXEMVxYXqDAbWvd0npNQs84qCMmJjvHUq2VeQa54xpy3oUOWgZnkWsm%2B6U5jRD8SDKkv1pvBB54AsZEjIO6EgIikUsIERdtW1nNB9ZMcECbqcH6iw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e1c7eb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/netent.a90d4de5.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/netent.a90d4de5.svg
IP 104.26.11.233:0
GET /img/netent.a90d4de5.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-172"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQuX2LnkuGvECPhkfnyUac6rY74cBq9oDKhQpw5WxJSXDtZkDbwFPwmZHDELwOCJsISk7E%2B%2BFYA6iwWtpKjvcTmP0lYbKOBsg%2FmZ1anRN9hSCAe0chY40I73PvzzbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e2c83b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/pgsoft.c113fcc7.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/pgsoft.c113fcc7.svg
IP 104.26.11.233:0
GET /img/pgsoft.c113fcc7.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-d6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rEntAg6x76VV89p%2FdpVPONPHbIE3IDl42gVeQnPH35l7hga19IKOIA2Q4zyCvpJLkzm6AYGiOHF%2F0XgVUJmQJ5nbXKSqjea1kR4mUeUPW7gXvdUeuyNZus4sUJV3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e2c91b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; Domain=.coinexa.pro; HttpOnly; Path=/; Expires=Wed, 06-Dec-2023 07:08:54 GMT
date: Tue, 06 Dec 2022 07:08:54 GMT
content-type: text/html
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-30371"
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
app.chaport.com/assets/insert-main-f5949054143199d9a1f482cbb8979459.js
172.67.68.188200 OK 0 B URL HTTP/2 app.chaport.com/assets/insert-main-f5949054143199d9a1f482cbb8979459.js
IP 172.67.68.188:0
GET /assets/insert-main-f5949054143199d9a1f482cbb8979459.js HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:08:55 GMT
content-type: application/javascript
last-modified: Mon, 28 Nov 2022 11:30:35 GMT
etag: W/"63849bdb-4f53"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubdomains;
access-control-allow-origin: *
cf-cache-status: HIT
age: 675038
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5vEYriae5JUUI46Zij2MBTxlzhGa7YwSMe4wnFrG66gXfUIWvf%2F1b%2FWnGx%2FFe7KtdGpwyaf9%2FOIPBh0cK5uZEBzIi7ItlOjU4wgryegkpDnDqs3oLn2cvJRFOQjhsPzKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7753316c6fd0b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFProDisplay-Light.0229ea63.woff2
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProDisplay-Light.0229ea63.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProDisplay-Light.0229ea63.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:58 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-18368"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFProText-BoldItalic.aa43b00e.woff2
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProText-BoldItalic.aa43b00e.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProText-BoldItalic.aa43b00e.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2; _ym_visorc=w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:58 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-10564"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
cdn-1win.xyz/img/oryx.63eb9658.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/oryx.63eb9658.svg
IP 104.26.11.233:0
GET /img/oryx.63eb9658.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-507"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dekEuFqugLhPFRy%2F%2FH4PFMOglHFMyY%2FjA22fWjsGAyIg4UDJSSfqzZGtuxAuyppIitP%2BJ2GUzfp8IaSqOQN97h664PWfw19TmpvpOG6oDjgzy%2F3ylHIZIAHKuw%2Fbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e2c90b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/vivogaming.f01a9348.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/vivogaming.f01a9348.svg
IP 104.26.11.233:0
GET /img/vivogaming.f01a9348.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-f228"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prDFj0BbcKD416bmH9oC5BjCq2zA1tuEhAjPbWvawmePQ9RESiQi39YDlIE8IRrwDoGJADNwx7X2mjO2VmpSuXEhfBveHe1eVRo5Vm0uo%2FBKFRO0Mkpw%2FzTotIvHJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e4cc4b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/kalamba.f4f50854.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/kalamba.f4f50854.svg
IP 104.26.11.233:0
GET /img/kalamba.f4f50854.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-abf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUScBs8S2FmZwjUEK6UbDW4GWDi13pRvgO7UFG9rUQJgPajHS7Xun5%2F3p3UwSIUaL2vWKCbH05gHyYIN%2Fcd5MoTpMab3D71E2kYGHdUrrkwjZel6Km9E4b5lg2AxUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e0c68b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/playtech.76a436e9.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/playtech.76a436e9.svg
IP 104.26.11.233:0
GET /img/playtech.76a436e9.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-6ee9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUs%2BaCdvxiSEve1v%2FMtvK%2FE8Dw0mlotwJ%2F7vA3dydxLwG4cd0JUsrWJX2hn6VnZV5kjV1VHJmRuTfkCjL8cD7ctppHZeS6G8H0zjM1YBKYc0VNo1sSmCfXcQBpXJpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e3c9bb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/apollo.80e11e32.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/apollo.80e11e32.svg
IP 104.26.11.233:0
GET /img/apollo.80e11e32.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-3c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRIrnyU2ctQ1DlkYSswvVkWbD%2BOy45duTTGhfZ3FDr%2BnI7LGHN7pSX%2Bbugzp3JUSyNsCsqL%2FSEke9VIR3rdUd0KS8ibqG3IRr4N6n3EK6YXDNRd%2BBM%2B3cel4fO8C%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319dcbe0b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/green%20jade.5ace9a61.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/green%20jade.5ace9a61.svg
IP 104.26.11.233:0
GET /img/green%20jade.5ace9a61.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-2687"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJrnQkjYo5dIb3gdIjsHHwUnjXdCedqmHI4C8lkxoxdz9P%2B0kN8lZOtfXxQmA2%2BSmP06gixRfU9InpEjkqAga9i2Ta%2B9DuN6%2BkyV1Ky9ZyA8bGa0wdTD%2BjqxN5VmpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319dfc4fb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/truelab.5129425c.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/truelab.5129425c.svg
IP 104.26.11.233:0
GET /img/truelab.5129425c.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-1043"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87GoRwWV8pqFPh%2B3iB204eLN1XQq8znjY77mH4kWVxdPRbiXyPG3CAF9vmBnvOVyJihP9XeB4QIAYDdSBcLpFYs6j8w3fK3P594Ma47fABy7dZjY%2FLA1vx242mZt7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e4cc2b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/wazdan.90719426.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/wazdan.90719426.svg
IP 104.26.11.233:0
GET /img/wazdan.90719426.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-206"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVR%2FftlEx0U0uuj30LiosZnK22D8JUzU1wU7IOQgLHw37%2FOHwZEPs9cuR%2BzfrPVkcdgyoF7tBVGkPi81IPh51jhvJlGNUekPWUObMLuhdQS8v1Ta5LssasceYCpVYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e4cc6b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/microservice/ask
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/microservice/ask
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
POST /microservice/ask HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/bets/home
Content-Type: application/json;charset=utf-8
Authorization: [object Object]
Origin: https://www.instagram.coinexa.pro
Content-Length: 63
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.81.216:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2; _ym_visorc=w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.instagram.coinexa.pro
access-control-expose-headers: Authorization
etag: W/"1905-e/DTrBQ/RZHVBY5Ul13vbgdJNr8"
x-powered-by: Express
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-1win.xyz/img/redtiger.128188d8.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/redtiger.128188d8.svg
IP 104.26.11.233:0
GET /img/redtiger.128188d8.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-2a9f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaNrh%2FXNPPYC5MHfACyPw62Yw0OtyKoOLL%2F7KuorDX%2F6prmxLFk%2FOlhZnV1cJ40Kd6j3HU1uMOJKrneRT4PdjH0nVFjtqeUJjzGMebuJ1GHAG5kcVOoBO2cUvHVnqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e3ca5b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/bet2tech.9b4c0af6.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/bet2tech.9b4c0af6.svg
IP 104.26.11.233:0
GET /img/bet2tech.9b4c0af6.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-5e6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FhSpGBFF%2B1eqQMEbVDguzP0hKjUlig5L5EUiST76ZRJYZt8hrnbqoz90ksbyucg%2FwsHGC6sRYcooXZ2goy5jNhVYRBVMnFYmgXTAX7ubuvSZXuUyBfamqwmKbaAzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319dcbedb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/spinmatic.681672e5.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/spinmatic.681672e5.svg
IP 104.26.11.233:0
GET /img/spinmatic.681672e5.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-b03"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VV4OULJqAGeI0DBhfI6nPF3LYN6IRaWxb%2BngnWOhp72t6xjzFighJEiUCjwoJtRiCd%2FAMFUkqRFsFwf9MasZUpPq6X7OJiBDVMjb9ownAE6%2Fdn9WLSjlMWHKE9u6GA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e3cadb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/js/desktop.91545834.js
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/js/desktop.91545834.js
IP 104.26.11.233:0
GET /js/desktop.91545834.js HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:08:56 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 01 Apr 2021 15:31:43 GMT
vary: Accept-Encoding
etag: W/"6065e75f-20a8f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nXfzQMBrW88PNENq9fDCBY%2FtTmKpOijelSdd1jOW7wLr%2Bx9OjqVS0J1lptnBxQkW8u40yKrJIu8NCoNZ%2BlfqRh8rbKzoypBF54sRb1FPMJ%2FVCBxDRrqSAk%2FlR2Ztg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775331729aecb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/microservice/ask
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/microservice/ask
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
POST /microservice/ask HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/bets/home
Content-Type: application/json;charset=utf-8
Authorization: [object Object]
Origin: https://www.instagram.coinexa.pro
Content-Length: 73
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.81.216:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2; _ym_visorc=w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.instagram.coinexa.pro
access-control-expose-headers: Authorization
etag: W/"5a8d-YawyUATHMlC0RyMbSfcVsz3kOQk"
x-powered-by: Express
content-encoding: gzip
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFMono-BoldItalic.6896ab05.woff2
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/fonts/SFMono-BoldItalic.6896ab05.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFMono-BoldItalic.6896ab05.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:58 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-8d2c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/js/chunk-vendors.c0818bb7.js
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/js/chunk-vendors.c0818bb7.js
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
GET /js/chunk-vendors.c0818bb7.js HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:54 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-40180"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: br
vary: Accept-Encoding
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/fonts/SFProText-MediumItalic.6e632d20.woff2
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/fonts/SFProText-MediumItalic.6e632d20.woff2
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
GET /fonts/SFProText-MediumItalic.6e632d20.woff2 HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.2.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro; _gid=GA1.2.1907712577.1670310533; _gat_gtag_UA_174162538_1=1; core-sticky=http://10.233.74.247:80; amp_c644f1=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486l1.0.0.0; amp_c644f1_coinexa.pro=7dMcIx0fSnSDfFL-Hryx1K...1gjj486ik.1gjj486j0.0.0.0; _ym_uid=167031053549636879; _ym_d=1670310535; _ym_isad=2; _ym_visorc=w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:59 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 15:23:30 GMT
etag: W/"6065e572-10bb4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.instagram.coinexa.pro/affiliate:link_visit?visit_domain=instagram.coinexa.pro&sub_ids=undefined
190.115.24.50200 OK 0 B URL HTTP/2 www.instagram.coinexa.pro/affiliate:link_visit?visit_domain=instagram.coinexa.pro&sub_ids=undefined
IP 190.115.24.50:0
ASN #262254 DDOS-GUARD CORP.
GET /affiliate:link_visit?visit_domain=instagram.coinexa.pro&sub_ids=undefined HTTP/1.1
Host: www.instagram.coinexa.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.instagram.coinexa.pro/
Cookie: __ddg1_=iligCmbRF9SjYDuUuW9W; _ga_0QLHZPHB9W=GS1.1.1670310532.1.0.1670310532.0.0.0; _ga=GA1.1.523507903.1670310532; chaport-6014024a338ea608cb8719f9=2f582988-cb1f-44fb-b930-29dcd5318e5a%2F1FYCF1Ck9bVqQMAdehv6BLlHoNCLfmBznfZ; visit_domain=instagram.coinexa.pro
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 07:08:55 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-expose-headers: Authorization
etag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
set-cookie: core-sticky=http://10.233.74.247:80; Path=/; HttpOnly
x-powered-by: Express
access-control-allow-origin: undefined, *
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn-1win.xyz/img/booongo.e46e2bdf.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/booongo.e46e2bdf.svg
IP 104.26.11.233:0
GET /img/booongo.e46e2bdf.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-8ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKm4rwhC0WMgJvIRhzStYmSAh%2B8xTDqmDnoPB4TwWfmp8WGZ2n5y87rUhIEuvjaB%2FtBUBzLPcbsPc5ezblyHKx81sCJVJjazefbNFc%2BO3vrqj4rFDPiNuiIS5zZGxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319dec0bb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/platipus.aaac75b4.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/platipus.aaac75b4.svg
IP 104.26.11.233:0
GET /img/platipus.aaac75b4.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-1de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuepLEgr9FxlZiV%2BZMRMUzwQxI6%2FrbskiqjfGM8f4xPLgal4ITIBv%2Bxt5PnH7J7L%2B6suR6our%2Fcwja1D67pj0fhn7VAx%2ByDooOu2bfSNeFl5%2Bd78IzbiJpMQofKpOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e3c93b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/endorphina.6a1d1a95.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/endorphina.6a1d1a95.svg
IP 104.26.11.233:0
GET /img/endorphina.6a1d1a95.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-3a771"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B82uRc7A9fCXiwPzpQvZqOLUxt3D5kQckMvHzsla%2FqqMRw%2FH%2BzKcYpfFZcZdMQoyEr1IGtjNiJSRBi5fWr2%2BO0f7oSPB9Og8i%2BTeFtvr5lkAPSM7%2B8ijVR%2B9L2rKlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319dec2ab512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/js/chunk-cdb570ec.db6aec29.js
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/js/chunk-cdb570ec.db6aec29.js
IP 104.26.11.233:0
GET /js/chunk-cdb570ec.db6aec29.js HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 07 Apr 2021 13:36:35 GMT
vary: Accept-Encoding
etag: W/"606db563-385e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwQBo0nvpCpkSTKMxVwDSPhyqZYc42BTW%2BsiFt3fkkDd7UAi%2FVWKLZ2YlRwEsyYswKFifk42ncuZncortMOnAbXjc%2B7S3xaggUsm9eW8CyjwjniLmz5fd44%2Fad3drA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753318bea01b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/habanero.dd28de0f.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/habanero.dd28de0f.svg
IP 104.26.11.233:0
GET /img/habanero.dd28de0f.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-1077"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJI%2Flr1d6Sl%2FcoGMei4K2lj0sx65mbL9%2FmpMqenDXBWvEhzqwKoxto1lVVGx7Z%2F7rDG4rYfaZzHO5ZlRzNVl%2Bf3tDz5tbMaUBpLxyEDj5rkFK5S3AThlK3BMAJKH6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319dfc51b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-1win.xyz/img/spadegaming.2f4b42a7.svg
104.26.11.233200 OK 0 B URL HTTP/2 cdn-1win.xyz/img/spadegaming.2f4b42a7.svg
IP 104.26.11.233:0
GET /img/spadegaming.2f4b42a7.svg HTTP/1.1
Host: cdn-1win.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.instagram.coinexa.pro/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 07:09:03 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Mar 2022 11:30:50 GMT
vary: Accept-Encoding
etag: W/"6242edea-694"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8xo40I8Za3Q7BhsTKgQ9c6Blz3qukDYoxLVUNM34aCNvYnNMYsy%2FIwzOKq8ZYm3PoXd%2FUzROUovZCPyDRsk5QJdqNMGZaZFBsQwgGAO98aFoR9fiXeq%2BnazmJ2XYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7753319e3ca9b512-OSL
content-encoding: br
X-Firefox-Spdy: h2