www.grandocasino.com/gaosmc/ca/index-uni.html
104.21.40.12200 OK 18 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/ca/index-uni.html
IP 104.21.40.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2100)
Hash fd0dd6a4a95f5b7c738b5f76234c96ba
63e82deb907bebf74387c28003b77311554dd1fa
8f54f7671e0c9a4e90465038c47fe9bb46e6ad1acb9abacc9fec0f84b382c62b
Analyzer Verdict Alert fortinet Phishing
GET /gaosmc/ca/index-uni.html HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:04:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: Nrt6u6rOL1ifgTRNyER4hfRq7m4oEgoKElahrXxVDRPjOJxvJAgJQ/hzQ5wyqs/7uGOr+FtroGQ=
x-amz-request-id: YKV2AT0VFDSBC1SK
x-amz-meta-sha256: 73768820ca9e3eff43b0b87c8bd47041ba1162165dbb02901bd7c2411386e05b
x-amz-meta-s3b-last-modified: 20220322T113921Z
Last-Modified: Tue, 22 Mar 2022 11:40:27 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJauK%2BsKSZpS9cRGYSuisRf1w4aHslpJunlmaE9cnLgW%2BpuCWHOnd3FwdyNPZOQiKGmfNh%2Fyp%2BYCfNn2tJRPHNBaI5Off0LYEGWcBzj9df1mokWlLzfcipcLqaO1s%2F4MKMwoXR0vVg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77742089aaddb4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3038
Expires: Sat, 10 Dec 2022 07:55:11 GMT
Date: Sat, 10 Dec 2022 07:04:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2321
Expires: Sat, 10 Dec 2022 07:43:14 GMT
Date: Sat, 10 Dec 2022 07:04:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 10 Dec 2022 06:33:19 GMT
content-type: application/json
age: 1874
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15325
Expires: Sat, 10 Dec 2022 11:19:58 GMT
Date: Sat, 10 Dec 2022 07:04:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: di7OUnzPJOvmtS2eq3I/Z7P3FIDdakOETvDDuD1b8U/S5cCClwsH9oWJbvKHA5pnLrc+caHbxh0=
x-amz-request-id: YXXVC21PBGDA1D8E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 10 Dec 2022 06:50:34 GMT
age: 839
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 07:04:33 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:04:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
142.250.74.138200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32069)
Hash 4ae540714475aa934955496d990ab15f
b7724c4d72a422b86f5dc06571ff4bc86f0308a3
ca0222f8799d862ca8c427d6c612878f47043c9445ad0e1567f1f80e83c965e2
GET /ajax/libs/jquery/2.2.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.grandocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30089
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 15:15:39 GMT
expires: Mon, 04 Dec 2023 15:15:39 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 488935
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.grandocasino.com/gaosmc/ca/style.css
104.21.40.12200 OK 2.8 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/ca/style.css
IP 104.21.40.12:0
Hash 005725c4c4b208228e2f9f2b994ad1b5
e4a6a3f7e75918c5a4b67ded44d37061bcb33f9b
7ffb390fbd93b3aa6917a0883f511792b6b258874cc16f09ac8468c63d1f698c
GET /gaosmc/ca/style.css HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/ca/index-uni.html
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:04:34 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: phtBIL+QGM0886Wz8kEnig85tcHJ4S+eRJKFDB0kuFvnppejzirxJlOyUaCOA5gEcGobHcZkaeA=
x-amz-request-id: 8N9JFV8QDB4KFJ57
x-amz-meta-sha256: a89f7dbde33f58f204aa2cb2139233cfbc21578e57660c9cc7ac2a7a281244da
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:27 GMT
ETag: W/"8608d2cc441998fed96ad7980a8b0ad4"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKJ042Sfzxy9sO3osejqjGgyNmKOmzsQvdO6L2H3pcve%2FS54UUiPM8JpVlrKHd%2BBivRv0DFT3s%2BI0u65W2RBevWd08IxS10HnLwfHeNBtSrJl1R3SKDQdDZyWaoZmz1Q64Wx3ZBgIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774208bec9bb4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/ca/sounds/spin.mp3
104.21.40.12206 Partial Content 8.8 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/ca/sounds/spin.mp3
IP 104.21.40.12:0
File type MPEG ADTS, layer III, v2, 32 kbps, 16 kHz, JntStereo\012- data
Hash 5a2e10964c7fea8b0181831184bc0d97
8f5233dd6be372e7749c6cd8440db5b43de5a9c9
9b8fa3d6ccb98804102ffd59ee70c19e5d7ca7efabbe6c0d4471a1935348ee3d
Analyzer Verdict Alert fortinet Phishing
GET /gaosmc/ca/sounds/spin.mp3 HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/ca/index-uni.html
HTTP/1.1 206 Partial Content
Date: Sat, 10 Dec 2022 07:04:34 GMT
Content-Type: audio/mpeg
Content-Length: 8784
Connection: keep-alive
x-amz-id-2: ibLEPkbWo2QLxTBAqM0Rkd9l9CH+ZwlVkXzOw8nrZI/lPKkqkV9zFLYJuTBpTkTRxWNY+PObMqI=
x-amz-request-id: 3X6CC3BR0CM6GKM5
x-amz-meta-sha256: 9b8fa3d6ccb98804102ffd59ee70c19e5d7ca7efabbe6c0d4471a1935348ee3d
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:27 GMT
ETag: "5a2e10964c7fea8b0181831184bc0d97"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Content-Range: bytes 0-8783/8784
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2PK16dSjj5nsng0uig1JfHGq4iUeLAzpdLd7ecq64cBL3ouUSCdX%2B%2BFPo7D5%2BBRH6SGgTd%2FH6GBnzwmjeQRYW2Y6lKxOfP5UIW7rP9kSktkacLS910iwmBlEqATRKi1zkAC%2FpVIDw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7774208d28a8b500-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/ca/images/red-arrow-right.png
104.21.40.12200 OK 1.4 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/ca/images/red-arrow-right.png
IP 104.21.40.12:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 881bdc037be8895ba5d8d53456890e7e
4e105c89e2a1475520bb74c9c20bf2f9e906fcb3
9f8160d6380fef91c8eadecc6e8e59e93e3f5c40be7963018c8104bef4354d8f
GET /gaosmc/ca/images/red-arrow-right.png HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/ca/index-uni.html
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:04:34 GMT
Content-Type: image/png
Content-Length: 1362
Connection: keep-alive
x-amz-id-2: YCqeqL0wFQow0PSpEvN2L3fseyD75oGMfpPg9FAyqXC9NscFm0ycpI78Y6bAk5h9LlaxpG1vbRs=
x-amz-request-id: 3X65S69BQTNNEFYQ
x-amz-meta-sha256: 9f8160d6380fef91c8eadecc6e8e59e93e3f5c40be7963018c8104bef4354d8f
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:27 GMT
ETag: "881bdc037be8895ba5d8d53456890e7e"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOJHoiqaXNkTupZB22IHjaIIlYzysdsbSMYZclwwHM0DrU48J841iLjTDnYPW6D%2BcqFQ4cgWC1dfTTO1bSFLDmCj3C4LNsCXNPJpKISeFKI52uXyzPMziXzY3LacA9koaiWImWV5oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774208d2dfab4f9-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/ca/alert.ogg
104.21.40.12206 Partial Content 6.1 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/ca/alert.ogg
IP 104.21.40.12:0
File type Ogg data, Vorbis audio, mono, 44100 Hz, ~70000 bps, created by: Xiph.Org libVorbis I (1.3.2)\012- data
Hash c24ec40453460f0d5617767016ebc7fe
c360aea4f0d0a34920ddacd376503734142438b9
6c24b85e36500836887748ab5fcfa2663bd6ab39d28f73e75aa5a669bf9386cb
Analyzer Verdict Alert fortinet Phishing
GET /gaosmc/ca/alert.ogg HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/ca/index-uni.html
HTTP/1.1 206 Partial Content
Date: Sat, 10 Dec 2022 07:04:34 GMT
Content-Type: application/octet-stream
Content-Length: 6061
Connection: keep-alive
x-amz-id-2: a7v6jvTksv959MgFaF58xcY9Vn9NZrhWnFlpjBrZfCesaoCmGDXlAOhvQBw+2fT6TS1LXulel7w=
x-amz-request-id: 3X6EK9GGPWMQCC7W
x-amz-meta-sha256: 6c24b85e36500836887748ab5fcfa2663bd6ab39d28f73e75aa5a669bf9386cb
x-amz-meta-s3b-last-modified: 20180313T072906Z
Last-Modified: Tue, 22 Mar 2022 11:40:26 GMT
ETag: "c24ec40453460f0d5617767016ebc7fe"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Content-Range: bytes 0-6060/6061
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3YhFaifivwT%2ByQMBRuMDLZcdKqvO2tvEvJ5r0%2BjuYDDWinUI%2FY5O81dOp1IR8m%2Fur6pxyGrEovnjCqrw1rMcc0RHe%2FMjczr2vWfKgP0pQN0NhqIKbeni4CyJdgvllzKZ5wITlCS8A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7774208d2f7a0b59-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/ca/sounds/win.mp3
104.21.40.12206 Partial Content 10 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/ca/sounds/win.mp3
IP 104.21.40.12:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 32 kbps, 32 kHz, Monaural\012- data
Hash bca40777013dec4a99eaa8b0b98a7fef
bc1c833577a1dcd82ad01a90e82898bc7b47cad7
635e9ee8fcd18bd4c3ae173f00f4c5cbf15ee90a27a302440e2e77c371314176
Analyzer Verdict Alert fortinet Phishing
GET /gaosmc/ca/sounds/win.mp3 HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/ca/index-uni.html
HTTP/1.1 206 Partial Content
Date: Sat, 10 Dec 2022 07:04:34 GMT
Content-Type: audio/mpeg
Content-Length: 10391
Connection: keep-alive
x-amz-id-2: PGLhD1gBcxbxMSM+zYNy8yBlCGOmNIxWcbEioKXZyhkd8/XVkiULHDO7+C49UOZtYZjKzYlagRI=
x-amz-request-id: 3X61TJXP22MA67WR
x-amz-meta-sha256: 635e9ee8fcd18bd4c3ae173f00f4c5cbf15ee90a27a302440e2e77c371314176
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:27 GMT
ETag: "bca40777013dec4a99eaa8b0b98a7fef"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Content-Range: bytes 0-10390/10391
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJdQ5d%2BoKbR8wInDUajBO3f2JuMzzHp04vwvN8Z9UtCa3YQdRX76GCcc5a3Pd%2Fb4PDenTJnvRoP6PWxX8FW2Z4dTlYorUaZ%2F%2F10gKoHc1udbYSqjyIt4EwjswKtEfZmi4PUv5kPwPA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7774208d2cbc0b39-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/ca/arrow.png
104.21.40.12200 OK 154 B URL HTTP/1.1 www.grandocasino.com/gaosmc/ca/arrow.png
IP 104.21.40.12:0
File type PNG image data, 12 x 12, 4-bit colormap, non-interlaced\012- data
Hash 4daf12b0677dd9ae8923d3154187d1d8
d20e8f0a0c1a72d20cd421ba5e162ff938896e51
5351d7b058d47812c8a2c74bccef9389a11e3df9cd19874d95b7000c8ab9ea9e
GET /gaosmc/ca/arrow.png HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/ca/style.css
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:04:34 GMT
Content-Type: image/png
Content-Length: 154
Connection: keep-alive
x-amz-id-2: ohIO5aK1ZJ8k8pOWw1/IA/zJkbJpX/0Rfx8cwZdnr/6mSBp3vNyDtVUGX1lQqXVQjr3PZsRCu90=
x-amz-request-id: MRT39RC51J3T80BP
x-amz-meta-sha256: 5351d7b058d47812c8a2c74bccef9389a11e3df9cd19874d95b7000c8ab9ea9e
x-amz-meta-s3b-last-modified: 20180313T072906Z
Last-Modified: Tue, 22 Mar 2022 11:40:27 GMT
ETag: "4daf12b0677dd9ae8923d3154187d1d8"
Cache-Control: max-age=2678400
CF-Cache-Status: HIT
Age: 5858
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLgsitw4aKbIrANiHC1rVv1h6jDn57FMdauiw7v%2F%2BaPuuac032K0CY%2BUUm%2BLqSHJXvrDNiBeYFk8xff%2FhlrjZkKDri0IfzoyhS7iYbtQsHb2dz4er1N98mUd36TjMc8W4Mfzy9kF%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774208e0eb2b4f9-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/ca/images/red-arrow-left.png
104.21.40.12200 OK 1.3 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/ca/images/red-arrow-left.png
IP 104.21.40.12:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 92d3e482cacea857c5dfaf9fa3a21dfb
3f12c410c77d763cc4719ec367a18417b8300758
4a688dc66588e8e86e98ccadb318fa2aca3fd6e2444aac783278b982f3e47eef
GET /gaosmc/ca/images/red-arrow-left.png HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/ca/index-uni.html
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:04:34 GMT
Content-Type: image/png
Content-Length: 1334
Connection: keep-alive
x-amz-id-2: n7yOmvTGpjTv1BiRnI8GBgTQ2n7bVogSJzsbcK7U7/7II1W3K8ZXc5DRQbRK1+WYSOPapHojlA0=
x-amz-request-id: 3X62FXGCZPQ49MAA
x-amz-meta-sha256: 4a688dc66588e8e86e98ccadb318fa2aca3fd6e2444aac783278b982f3e47eef
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:27 GMT
ETag: "92d3e482cacea857c5dfaf9fa3a21dfb"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zgr7%2BgBl4p00ll0jz4BIk3j5c5t7OnfqVH487eZtJR2If7vuEcKu8PrhPD1VKsGdCyb1%2FbUJ2R5YPfgFMVqE%2F%2FpNedk7kNhRQLo3hYPWRjHCWtlPqdXs5fNzmXVoK2oQblRj%2Fqy3IA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774208d2f78b50f-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/ca/images/slot-win.png
104.21.40.12200 OK 14 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/ca/images/slot-win.png
IP 104.21.40.12:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 939b6a73c96383ac0842317037f3a0f0
0654b62431c8ba522833950b8166d7a16e2a6b56
b8f1ec0ac028bd024af2cf57b63b07069b2f4a41e61c1577e968ca5d7ba72837
GET /gaosmc/ca/images/slot-win.png HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/ca/index-uni.html
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:04:34 GMT
Content-Type: image/png
Content-Length: 14391
Connection: keep-alive
x-amz-id-2: 4VMBqbbgOv+VxZjOk/E5oKgAh9CYztEqqc+ugx9C1mx7SpElYwA4/zyqiPRCdiMcahodHXzEe54=
x-amz-request-id: 3X65QDHSEEVCVVGC
x-amz-meta-sha256: b8f1ec0ac028bd024af2cf57b63b07069b2f4a41e61c1577e968ca5d7ba72837
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:27 GMT
ETag: "939b6a73c96383ac0842317037f3a0f0"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gQOLX3a%2FcfABNsgjRatr9YvAGsDgklNuYa871FP5LrKCY85e1BN6NnTn2y5BRoP0ICkuUBbaSuJqWA3foF1BG2B8FooXJJ5tjp%2BsyfO%2B4i8v2iDsrUE3lhpQ51pXhRPbISDG7txmA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774208d2a9ab529-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/ca/images/CA.png
104.21.40.12200 OK 1.2 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/ca/images/CA.png
IP 104.21.40.12:0
File type PNG image data, 50 x 40, 8-bit colormap, non-interlaced\012- data
Hash 80c675990be83b696584c6bae4fa6af4
1e5554dbdcbd4c05f1227a4ddbe9dc3bfd280ca5
3fe7db2d24eb1bd7144f5da798026ca82abe351c377cbbc25906acf1fb573981
GET /gaosmc/ca/images/CA.png HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/ca/index-uni.html
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:04:34 GMT
Content-Type: image/png
Content-Length: 1185
Connection: keep-alive
x-amz-id-2: xQMJNjU9UdwhFGxfTafsKkDBINv1UoCrmWw8d9vwMMdQXaHCU4ZYeDOGmJ7F4Nq33vhoynRqozs=
x-amz-request-id: 3X61M105MTCCTZNA
x-amz-meta-sha256: 3fe7db2d24eb1bd7144f5da798026ca82abe351c377cbbc25906acf1fb573981
x-amz-meta-s3b-last-modified: 20180313T072906Z
Last-Modified: Tue, 22 Mar 2022 11:40:27 GMT
ETag: "80c675990be83b696584c6bae4fa6af4"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mx8hKWKtrVUqsl2PL7qsT3Iqd%2F2TXmjaFmMltjd%2FTc9oOOf1ro%2FA30RntZ70dRPkDUdguEEN%2FPs%2BNzAuFJqT%2F3I1J%2F%2BzPZTKA%2FcZ3v9Eq4ObDSpruMFcILSmWKyB0DLZ3L7c4SV11A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774208db91bb500-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/ca/images/slot-start.png
104.21.40.12200 OK 26 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/ca/images/slot-start.png
IP 104.21.40.12:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash f491647556e492de92530b48827690aa
6296c44299f5acb17cb2c06e37391a70672b1fd3
efb819d37f19ec7505d9602488ce97868d84e1c7929ce83e308e23f02d97b95d
GET /gaosmc/ca/images/slot-start.png HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/ca/index-uni.html
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:04:34 GMT
Content-Type: image/png
Content-Length: 26084
Connection: keep-alive
x-amz-id-2: 3rHNx6xoofc+KdW6mkrC788s6flTmiip+r9TM/KfFQSSZkaCKYA3Me4uC3QuxV0bjljG8tY/bjY=
x-amz-request-id: 3X6A5ZXDCRMW4HP1
x-amz-meta-sha256: efb819d37f19ec7505d9602488ce97868d84e1c7929ce83e308e23f02d97b95d
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:27 GMT
ETag: "f491647556e492de92530b48827690aa"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=be%2B%2BN523o6W%2BOdXpWoNpXg7C%2F7TpG%2FOyDCGqaddckWrTbMwUmE9H%2B0wdRjDcLdTO3kFVXXanmudWE2sn3MmusJJ3GODXOrLCxwXPBu8XRFOMDQQmbp4gPqBxJbIIESyqcqbKRpuPiA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774208e18160b59-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/ca/images/slot-result-1.png
104.21.40.12200 OK 20 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/ca/images/slot-result-1.png
IP 104.21.40.12:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 1fbd2b26e61236d5bcfdfeb6adbd2c8c
c9034272d28dab018b73f1967a679c734f987a1f
c402c36eb8d623b618261d40846e63c130de1e78720ab5578eae1d645198c963
GET /gaosmc/ca/images/slot-result-1.png HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/ca/index-uni.html
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:04:34 GMT
Content-Type: image/png
Content-Length: 20370
Connection: keep-alive
x-amz-id-2: IDF1X1d2HGLMMBbNxPpw7QG81Ui4WtiPTbx/C1QWkwqbyEV3yzeIxAnjmfTg16faC4IKzeb1jR8=
x-amz-request-id: 3X69HPVZANZGM6PQ
x-amz-meta-sha256: c402c36eb8d623b618261d40846e63c130de1e78720ab5578eae1d645198c963
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:27 GMT
ETag: "1fbd2b26e61236d5bcfdfeb6adbd2c8c"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQ3R7PsCletucJAPs9eGHkUnUZb0H10Gr5PbgqVdz3yAnw3v0h8tKEteogOIOBV3HLzkbg2MB3t6%2BkhT3Czruc51yAFwOYMLiMnmRQ9gCOjCegYwkfQhQa8EtuHZqmQeNPKLRig2jg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774208e2d2c0b39-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/ca/images/slot-result-2.png
104.21.40.12200 OK 27 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/ca/images/slot-result-2.png
IP 104.21.40.12:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash b6ca0bfea4d0cec334f128f5c2c44cff
f6dc006902542a929187af718d9f6a244e5472b5
b09b477eb93ed896b8e52a2f746e435695dbef2a1259987bae4fbea3c35b5435
GET /gaosmc/ca/images/slot-result-2.png HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/ca/index-uni.html
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:04:34 GMT
Content-Type: image/png
Content-Length: 26733
Connection: keep-alive
x-amz-id-2: y/HD8LzYnTdtOGBGagDxGUBZv+SFt41jsAIzsA5BQ76OPZUOZ/ViFHeYBuObdlsJaW4fxP2YKXI=
x-amz-request-id: 3X69Q8ZGYKGCQDJ8
x-amz-meta-sha256: b09b477eb93ed896b8e52a2f746e435695dbef2a1259987bae4fbea3c35b5435
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:27 GMT
ETag: "b6ca0bfea4d0cec334f128f5c2c44cff"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lo725gmPJnZBIzixaWl1VVW7J%2BDtNeYSS9Wi9%2FC09mqt9HEfUi03LMiovbjk75te8C8MhuEb7hNQSTlSv719SDEXbNnhi8sg92yrQAlid6%2F1C0z5Q9NMxSk7xXmFRznZAEIyqHxp2w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774208e384fb50f-OSL
alt-svc: h2=":443"; ma=60
www.grandocasino.com/gaosmc/ca/images/slot-spin.gif
104.21.40.12200 OK 88 kB URL HTTP/1.1 www.grandocasino.com/gaosmc/ca/images/slot-spin.gif
IP 104.21.40.12:0
File type GIF image data, version 89a, 410 x 279\012- data
Hash 617c16c5e04c8603dd7f157862b1c682
1306296f9a666a7fc50f339a2a924ce8a3a18169
7f8e36cf7ac437d7c42440ef5f522c8e27adb06348b573192308038fa7c1dc7e
GET /gaosmc/ca/images/slot-spin.gif HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/ca/index-uni.html
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:04:34 GMT
Content-Type: image/gif
Content-Length: 87599
Connection: keep-alive
x-amz-id-2: EzBbM2OErMOAA4KXW/nsGPA1p0FD03OxYeWl/Zeay9nwqztAnm89BsjZt8DGaVPljoI+WRgE5/E=
x-amz-request-id: 3X6344G3Z14Q16NM
x-amz-meta-sha256: 7f8e36cf7ac437d7c42440ef5f522c8e27adb06348b573192308038fa7c1dc7e
x-amz-meta-s3b-last-modified: 20180313T072907Z
Last-Modified: Tue, 22 Mar 2022 11:40:27 GMT
ETag: "617c16c5e04c8603dd7f157862b1c682"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgZpMly0Fa6Q4O3WEKvo3%2F1zA9OwIRRqryCt9VK5nq1Y1Exa4VgUwiD96xJJJKAmJIIAZtYXdL1Hep%2FyI6VNNC%2F6PW8%2B3pDi2XGAYLUOCI%2BT4iwylJXsbM2tCJLzw8GRmt%2FH9XjfdA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774208e2ec2b4f9-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 06:33:14 GMT
age: 1880
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.grandocasino.com/favicon.ico
104.21.40.12200 OK 782 B URL HTTP/1.1 www.grandocasino.com/favicon.ico
IP 104.21.40.12:0
File type MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data
Hash 0eb09e517a8926b7ec88482888207ff5
3f35d319e506fedd07d84dd917b8554572824181
813cc72cbd0b9941988902a6863ef9e7668511c02a608565c114a2633f10bbce
GET /favicon.ico HTTP/1.1
Host: www.grandocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grandocasino.com/gaosmc/ca/index-uni.html
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:04:34 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: VS+isBofQGr1hksiLcUBhbapEHlZ1fZg2pg7gwemSQ0J/ThcjpKBweYr9P6Mc+gWI/dFd/Tb6lU=
x-amz-request-id: F8A7VZWDRWM9VSRK
x-amz-meta-sha256: c067dca3930f1e036863be5aa6931b483993fd6f4a47ca31b9ce4b484db1d72a
x-amz-meta-s3b-last-modified: 20170816T092424Z
Last-Modified: Mon, 29 Jul 2019 10:53:17 GMT
ETag: W/"1371ff7c9175cc599bb8ba2a169486ed"
Cache-Control: max-age=2678400
CF-Cache-Status: HIT
Age: 5851
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d98Llc6h17ziJlW61G0efDcLb6VOLftYsUfJ4bTUCkWHpD8avHAk54z2Dv92HL6lIWeovblk4TS%2FJP1XCq4Sd%2B870O9TUsfL7UXROKdm%2FQmvMx%2F0oBmQSbvBDkIGrR3ReZ7oqx1FkA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774208fe969b50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2506
Cache-Control: max-age=96247
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:04:34 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 09:48:41 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.42.74.230101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.74.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0dhCKrTz82ug2XSMCQlRLw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yLAjX0szMCZgqw4eXruGyhLb7pA=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2799
Expires: Sat, 10 Dec 2022 07:51:14 GMT
Date: Sat, 10 Dec 2022 07:04:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2799
Expires: Sat, 10 Dec 2022 07:51:14 GMT
Date: Sat, 10 Dec 2022 07:04:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2799
Expires: Sat, 10 Dec 2022 07:51:14 GMT
Date: Sat, 10 Dec 2022 07:04:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2799
Expires: Sat, 10 Dec 2022 07:51:14 GMT
Date: Sat, 10 Dec 2022 07:04:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcdc2c9891132c82cd09ef237930877
3e112ad867e159d1bfdf9bfd2e2a04fea8248494
8d543255c1272d77981913e4b0e0e5efede8f4ffaa91572a3eee9e44ac035946
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8473
x-amzn-requestid: 40260408-5f10-42ed-832e-a8bc5d02e95c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5e9hGqwIAMFl2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393ab89-078ecefb64853b047acc2de7;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IlrFT2ydf78BXS67A0IN1KSc_OghPx7hpoY9wmwUxtX8Ivwth70F1w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:13:10 GMT
age: 31885
etag: "3e112ad867e159d1bfdf9bfd2e2a04fea8248494"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 85880
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3acf5a494a6bb8b26858974ede70a33
4bccc3032f7427d881a49250e576c05dd7d5614f
786db0da1198986aeba9aa420a7c89b5b27a09bc48c3806769342159f116705d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12047
x-amzn-requestid: 87cb3342-c784-4ea1-a96e-d1e581a86bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czqP1Fd0IAMFdww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63915731-178eb2960448312e146f5bd4;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 03:17:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BjbkkmxxwK9xut7yloGC9fRwhMLQRtfcU1JWiyqAUfMNk-WPQab1Cg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:03:10 GMT
age: 32485
etag: "4bccc3032f7427d881a49250e576c05dd7d5614f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e8e86712ca485e90f958dc16ec8dbff
78de6033ca9bca46953483801f19591c2ff47bbe
2984d8b533e095654d5e1c5fa826dc93cbd16ac8bdb5d974fd2d283a86f44874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9084
x-amzn-requestid: 80dfc074-73f4-4b47-95fb-57169d32cf6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNbHhYoAMF2Kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-6f54d0bf6d9246cd48d44352;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8aHbgs9DELCrVY_4QHSKpScXzzCW7bdBlNh_YEUGaas-bJTd9nsSVg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:07 GMT
age: 33088
etag: "78de6033ca9bca46953483801f19591c2ff47bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ccbd106eb57e1a4f6d60408118fe2dd
cc916150425f00b44ede3ec473e3e248afabaf8d
740c62dfdd20f2fb7270ea602825ba7eaad99c4fe5ab8d726072909c6b73c87f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9209
x-amzn-requestid: a740ddf7-5325-4ac1-a694-aaa3d4345fe4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNUGIroAMFdlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-08856c7b0757108a5c6811c9;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1MetqwAsoOgTEJAPG8IneF4rj2579sLBLD_gw-745LeAncWCHW6J2Q==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:04:54 GMT
age: 32381
etag: "cc916150425f00b44ede3ec473e3e248afabaf8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf8a350a-c007-4620-b1d6-db700eab84a1.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf8a350a-c007-4620-b1d6-db700eab84a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96546d2bb2ce3e7746fcd882a65abb43
b49a885ef2b73191abcbb6f56e839b94aaafd556
ad90c8ecbcee56417a3da824e5a2c2be811e687467f953f9d23a8e2456a2755a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf8a350a-c007-4620-b1d6-db700eab84a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: a473f123-34cf-4c43-b01f-c9aec84df6eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czEZHFeQIAMFp5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911aa0-78b1466c6faa4d0c20dc61b0;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:58:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SUiLcs9cM_Q2oag4xs_Wo3Tya66gJQe5A3eoFoXBGQzXfDGGroojSw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:03:49 GMT
age: 32446
etag: "b49a885ef2b73191abcbb6f56e839b94aaafd556"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0df452512aae4c4c1f4a2cd263b16dfd
68bac75574641febc463bd0819392dae2da15811
e0a9301c5be849e116f1d98b819c2eb91f73e74d836f3e099f2cd266e8f0bb36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6ed8a5f4-45cd-45bd-9820-df450f612c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4E_-IAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-31d928fc430577b463a68bd0;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: YTqJN92gTy04q3obEXe4P1gmG2h9b2IQjjSkkUXyqnfFOL67uobN4Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:58:18 GMT
age: 32784
etag: "68bac75574641febc463bd0819392dae2da15811"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2