i.ytimg.com/vi/4g_NCGptVwA/maxresdefault.jpg
142.250.74.86200 OK 90 kB URL GET HTTP/2 i.ytimg.com/vi/4g_NCGptVwA/maxresdefault.jpg
IP 142.250.74.86:443
Requested by https://confprimfordis1975.netlify.app/
Certificate IssuerGoogle Trust Services LLC
Subjectedgestatic.com
FingerprintF5:71:D6:56:B9:45:4B:F5:FD:12:4B:A7:FF:5F:1D:C9:74:FE:B0:C8
ValidityMon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3
Hash 8a73fb5454664681af3aea05e658e456
5dd277f8a2b6dcf3f3bf08d09462c365250e5652
a4d325297e4a3ceb91fa39bf2bb56f2481a8f48f793d89d0204efcb7df25c2b8
GET /vi/4g_NCGptVwA/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confprimfordis1975.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 89785
date: Wed, 24 Apr 2024 16:17:26 GMT
expires: Wed, 24 Apr 2024 18:17:26 GMT
cache-control: public, max-age=7200
etag: "1348633431"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/Z6QkGhcH8oU/hqdefault.jpg
142.250.74.86200 OK 30 kB URL GET HTTP/2 i.ytimg.com/vi/Z6QkGhcH8oU/hqdefault.jpg
IP 142.250.74.86:443
Requested by https://confprimfordis1975.netlify.app/
Certificate IssuerGoogle Trust Services LLC
Subjectedgestatic.com
FingerprintF5:71:D6:56:B9:45:4B:F5:FD:12:4B:A7:FF:5F:1D:C9:74:FE:B0:C8
ValidityMon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash 1a0051a4fae50f018b332dd431c6c8d0
164849b357dfe2a51e66739b6a85d0d402da5f22
9b313eda71c5d8a295ee89d61bae929342493086d7ea38c52ad2d516b9d77e72
GET /vi/Z6QkGhcH8oU/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confprimfordis1975.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 29732
date: Wed, 24 Apr 2024 16:17:26 GMT
expires: Wed, 24 Apr 2024 18:17:26 GMT
cache-control: public, max-age=7200
etag: "1405931890"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.winamax.fr/img/content/team/ManuelBevand2_b.jpg
52.84.150.54302 Found 110 B URL GET HTTP/2 www.winamax.fr/img/content/team/ManuelBevand2_b.jpg
IP 52.84.150.54:443
Requested by https://confprimfordis1975.netlify.app/
Certificate IssuerAmazon
Subject*.winamax.fr
Fingerprint28:7C:7A:46:32:E9:8F:63:A5:C2:37:14:6B:68:76:86:BD:33:E1:42
ValidityThu, 01 Feb 2024 00:00:00 GMT - Sat, 01 Mar 2025 23:59:59 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash f366e0e18b589cb6f243bf43ce75e83c
0f95dda86ab28586f00bc878b42ecd09e579a890
075f0fd7eeb4bfec31816d61be72b064d4899853b224bd5f380041d7dd0b1d19
GET /img/content/team/ManuelBevand2_b.jpg HTTP/1.1
Host: www.winamax.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confprimfordis1975.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html
content-length: 110
location: https://static.winamax.fr:443/img/content/team/ManuelBevand2_b.jpg
server: awselb/2.0
date: Wed, 24 Apr 2024 16:17:26 GMT
x-cache: Miss from cloudfront
via: 1.1 cdd8daeefcf66738f6e908663e79c33e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: OnDiWsStgszkY3FFtaOUWRGnLEEUHFwq6zKkaBz1PxCLhSXKzFJMng==
vary: Origin
X-Firefox-Spdy: h2
oddslifenetstorage.blob.core.windows.net/casinobeats/2019/05/Genting-Luton-33-small-e1558346051504.jpg
52.239.141.196404 The specified resource does not exist. 223 B URL GET HTTP/1.1 oddslifenetstorage.blob.core.windows.net/casinobeats/2019/05/Genting-Luton-33-small-e1558346051504.jpg
IP 52.239.141.196:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://confprimfordis1975.netlify.app/
Certificate IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
Fingerprint02:B8:22:70:5F:C7:D4:D7:F9:35:AD:38:38:2F:AC:C3:6B:E1:3C:0A
ValidityThu, 28 Sep 2023 06:12:25 GMT - Sat, 28 Sep 2024 06:12:25 GMT
File type XML 1.0 document, Unicode text, UTF-8 (with BOM) text
Hash 95fe254a51ba80caba32dfbb008728b5
1ce3267b410fe95090bd0a50365c9b31dc5ad375
4d91fd4f3038af9bc50b8fad8a0532f8db6580ae074dbf7ed39c75a99a0ee59e
GET /casinobeats/2019/05/Genting-Luton-33-small-e1558346051504.jpg HTTP/1.1
Host: oddslifenetstorage.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confprimfordis1975.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 The specified resource does not exist.
Content-Length: 223
Content-Type: application/xml
Server: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6cce2821-f01e-0069-3162-96ef31000000
Access-Control-Expose-Headers: x-ms-request-id,Server,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
Date: Wed, 24 Apr 2024 16:17:25 GMT
content.r9cdn.net/rimg/himg/81/f5/fe/ice-50808-photo.aspx_did=2692_brochureid=50808_publicid=6102901_instanceid=2-image.jpg?width=500&height=350&xhint=976&yhint=678&crop=true
151.101.1.29200 OK 32 kB URL GET HTTP/2 content.r9cdn.net/rimg/himg/81/f5/fe/ice-50808-photo.aspx_did=2692_brochureid=50808_publicid=6102901_instanceid=2-image.jpg?width=500&height=350&xhint=976&yhint=678&crop=true
IP 151.101.1.29:443
Requested by https://confprimfordis1975.netlify.app/
Certificate IssuerLet's Encrypt
Subjectcontent.r9cdn.net
Fingerprint80:5C:10:89:74:F8:11:FA:3E:19:40:FF:E8:76:5F:8A:8B:DE:25:4C
ValidityTue, 12 Mar 2024 14:27:09 GMT - Mon, 10 Jun 2024 14:27:08 GMT
File type JPEG image data, progressive, precision 8, 500x350, components 3
Hash 2fb4107a0b732af1723cdd84707480e2
2507a4fa0f3c5ecc56d543f11bec5ce36a37fee9
cbf8d6c565ac5c5c5094680f044a9e57d27619db95fb8a50a970ccb513379ca6
GET /rimg/himg/81/f5/fe/ice-50808-photo.aspx_did=2692_brochureid=50808_publicid=6102901_instanceid=2-image.jpg?width=500&height=350&xhint=976&yhint=678&crop=true HTTP/1.1
Host: content.r9cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confprimfordis1975.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
expires: Mon, 29 Apr 2024 22:31:14 GMT
content-disposition: inline; filename="ice-50808-photo.aspx_did=2692_brochureid=50808_publicid=6102901_instanceid=2-image.jpg"
link: </himg/81/f5/fe/ice-50808-photo.aspx_did=2692_brochureid=50808_publicid=6102901_instanceid=2-image.jpg>; rel="canonical"
cache-control: max-age=604800
access-control-request-method: GET
pragma:
content-language: en-US
server: KAYAK/1.0
content-type: image/jpeg;charset=ISO-8859-1
x-sn-waf-code:
accept-ranges: bytes
age: 150371
date: Wed, 24 Apr 2024 16:17:26 GMT
content-length: 32378
X-Firefox-Spdy: h2
imgv2-2-f.scribdassets.com/img/word_document/273445412/original/23b8ee0e83/1576963311?v=1
151.101.130.152200 OK 83 kB URL GET HTTP/2 imgv2-2-f.scribdassets.com/img/word_document/273445412/original/23b8ee0e83/1576963311?v=1
IP 151.101.130.152:443
Requested by https://confprimfordis1975.netlify.app/
Certificate IssuerLet's Encrypt
Subject*.scribdassets.com
Fingerprint84:CF:52:5D:13:B6:8B:AD:EC:9E:74:47:AB:C9:D3:9A:0B:AF:23:73
ValidityWed, 03 Apr 2024 08:26:40 GMT - Tue, 02 Jul 2024 08:26:39 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 683x1024, Scaling: [none]x[none], YUV color, decoders should clamp
Hash f111c4f8c6711ea2558c938204e0ce63
ac9684700715e93b3d80214132de96596e3f2f93
83026b9e0da19a3040e36079078b3d68ef739d5a8b51c69b0da1f158de7fa11c
GET /img/word_document/273445412/original/23b8ee0e83/1576963311?v=1 HTTP/1.1
Host: imgv2-2-f.scribdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confprimfordis1975.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=864000,stale-while-revalidate=86400,stale-if-error=86400
content-type: image/webp
etag: "JqjEfW35JPjy7G06k4Z5hWzBWsStMSt2HpfBCmg+GuY"
fastly-io-info: ifsz=342163 idim=683x1024 ifmt=jpeg ofsz=82902 odim=683x1024 ofmt=webp
fastly-io-served-by: vpop-kiad7010217
fastly-stats: io=1
server: envoy
x-envoy-upstream-service-time: 104
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 320808
date: Wed, 24 Apr 2024 16:17:26 GMT
x-served-by: cache-chi-klot8100119-CHI, cache-hel1410026-HEL
x-cache: HIT, MISS
x-cache-hits: 19, 0
x-timer: S1713975446.102049,VS0,VE111
vary: Accept
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 82902
X-Firefox-Spdy: h2
static.winamax.fr/img/content/team/ManuelBevand2_b.jpg
143.204.55.80200 OK 184 kB URL GET HTTP/2 static.winamax.fr/img/content/team/ManuelBevand2_b.jpg
IP 143.204.55.80:443
Requested by https://confprimfordis1975.netlify.app/
Certificate IssuerAmazon
Subject*.winamax.fr
Fingerprint28:7C:7A:46:32:E9:8F:63:A5:C2:37:14:6B:68:76:86:BD:33:E1:42
ValidityThu, 01 Feb 2024 00:00:00 GMT - Sat, 01 Mar 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x533, components 3
Size 184 kB (184016 bytes)
Hash 969e608e945a47f2cfb4fe860f4415e9
bca7c70904779f60b3dc8403d2ade81a21010615
194bdad0ec1aed0ce15f77b818c4e7ea20d7bc9b4f45ea00a0479341f95514d7
GET /img/content/team/ManuelBevand2_b.jpg HTTP/1.1
Host: static.winamax.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://confprimfordis1975.netlify.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 184016
date: Wed, 24 Apr 2024 16:17:26 GMT
server: nginx
last-modified: Thu, 28 Jul 2011 17:11:56 GMT
etag: "4e31985c-2ced0"
cache-control: public
access-control-allow-origin: *
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: UNEsJVG-CVDo3Ycqm4OspNEx5lCGIaO4xX4yz9B4Q-ia-yQYJblYxg==
X-Firefox-Spdy: h2
hotelworkers.org/images/_350xAUTO_fit_center-center_none/2-Rich_Yonkers_2019.JPG
104.26.13.105200 OK 80 kB URL GET HTTP/2 hotelworkers.org/images/_350xAUTO_fit_center-center_none/2-Rich_Yonkers_2019.JPG
IP 104.26.13.105:443
Requested by https://confprimfordis1975.netlify.app/
Certificate IssuerLet's Encrypt
Subjecthotelworkers.org
FingerprintCC:2E:0B:18:C6:90:7E:E7:75:46:C0:84:D7:04:72:58:8B:11:03:BC
ValidityThu, 18 Apr 2024 22:10:02 GMT - Wed, 17 Jul 2024 22:10:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x250, components 3
Hash 83276e337b4908e3ce6e80c4211af64b
5dcbac16d38e670f51a36d5939cb453c3c78f51c
5777e6fc53e2c31b5afaee8c9f63b144ffccc8bafb08dbbee8fe407ded2fcc62
GET /images/_350xAUTO_fit_center-center_none/2-Rich_Yonkers_2019.JPG HTTP/1.1
Host: hotelworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confprimfordis1975.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 16:17:27 GMT
content-type: image/jpeg
content-length: 79864
last-modified: Mon, 13 Jun 2022 19:54:27 GMT
etag: "62a795f3-137f8"
x-frame-options: DENY, : DENY
x-xss-protection: 1; mode=block always, : 1;mode=block
x-varnish: 6064390
x-cache: MISS
x-cache-hits: 0
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nFRGye2tfLGilmCyimtmsI%2BbBhQUXVfqlQ949rnVE7z9Ax%2BvqI5mgVwL6Y6sHOCcGGJ6QwYieFMDq7%2BQMcSOCfoNaSpifTPARSU20YitKVGOlr7X3Y90qGNzWAPAuzVwOYU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797674aaa99b511-OSL
X-Firefox-Spdy: h2
www.mistercassino.com.br/wp-content/uploads/2020/07/Captura-Ecra-Casino-Leovegas-Contacto.jpg?x19383
104.21.48.190301 Moved Permanently 818 B URL GET HTTP/2 www.mistercassino.com.br/wp-content/uploads/2020/07/Captura-Ecra-Casino-Leovegas-Contacto.jpg?x19383
IP 104.21.48.190:443
Requested by https://confprimfordis1975.netlify.app/
Certificate IssuerGoogle Trust Services LLC
Subjectmistercassino.com.br
FingerprintAF:BE:02:40:B1:D7:0A:B7:DF:2F:09:3B:54:A1:53:38:CD:FE:6F:7C
ValidityMon, 15 Apr 2024 07:15:35 GMT - Sun, 14 Jul 2024 07:15:34 GMT
Hash 975ce4808f74758a10a9595c3b8878e0
e1a906e372175ebde1b2f9cf8e562fae75cad3a2
3fa98399d334b91b2f3b7a12bd6d92eb1aea95e85613820167cbe5a106aa7d96
GET /wp-content/uploads/2020/07/Captura-Ecra-Casino-Leovegas-Contacto.jpg?x19383 HTTP/1.1
Host: www.mistercassino.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confprimfordis1975.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 24 Apr 2024 16:17:26 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.mistercasino.net/br/wp-content/uploads/2020/07/Captura-Ecra-Casino-Leovegas-Contacto.jpg?x19383
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mb9DHAg%2FfXXq6mwqrx9pluenP2Q7nwS3hmTxIvyo0iRUA24lNEz%2F%2BjI1rOMgar2CXaA2Gzk%2BqpK2emSaZHhEj5I7a1idWBAPFQ%2BCp%2Bzyx%2BrMLrn6CdxqgEIYLgc%2BrRD6QHt1NQAGrErkzzQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976749d80ab50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
c2.staticflickr.com/6/5131/5498089995_8db4be6999_b.jpg
143.204.48.75200 OK 156 kB URL GET HTTP/2 c2.staticflickr.com/6/5131/5498089995_8db4be6999_b.jpg
IP 143.204.48.75:443
Requested by https://confprimfordis1975.netlify.app/
Certificate IssuerAmazon
Subjectstatic.flickr.com
FingerprintB7:FC:2C:15:BB:C9:CF:45:BD:07:E2:9B:55:CA:4F:BE:AC:65:5E:C8
ValidityMon, 13 Nov 2023 00:00:00 GMT - Tue, 10 Dec 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 1024x768, components 3
Size 156 kB (156048 bytes)
Hash e4d12771d0867f47656a9a06cc375894
6f4e7985c70863ea0a018dcf73991b19def6bb49
bf3a495a97e97b1bd332fe19015a83786d88db0f36f04d11ab6b4580bbb776bc
GET /6/5131/5498089995_8db4be6999_b.jpg HTTP/1.1
Host: c2.staticflickr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confprimfordis1975.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
date: Mon, 22 Apr 2024 22:31:15 GMT
edge-control: public, max-age=31536000
surrogate-control: public, max-age=31536000
cache-control: public, max-age=31536000
expires: Tue, 22 Apr 2025 22:31:15 GMT
imagewidth: 1024
imageheight: 768
last-modified: Sat, 16 Mar 2019 20:42:00 GMT
etag: "457195bcb5e97665c6a7d018e251dab4.1"
streaming: false
origintype: D
server: Jubilee
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
powered-by: Mutation/1.0
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
ourvalues: Deliver Awesome (#3 of 5)
x-request-id: 95eb69b7
x-frame-options: DENY
p3p: CP="This is not a P3P policy. We respect your privacy."
x-env: a=live, b=jubilee, c=4cf206a9, e=278c78e6352b54bc17e7efacf7ae9f30060b9fd8
x-ttfb: 0.1053
x-ttdb-l: 148638
mib: 2
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uvwcvdKpk3OBW71qMC-tuPZGF1J5yeNSaeOPVQnFI1x-PXWs5n1kIw==
age: 150372
X-Firefox-Spdy: h2
cf.bstatic.com/images/hotel/max1024x768/124/124105436.jpg
143.204.55.84404 Not Found 9.1 kB URL GET HTTP/2 cf.bstatic.com/images/hotel/max1024x768/124/124105436.jpg
IP 143.204.55.84:443
Requested by https://confprimfordis1975.netlify.app/
Certificate IssuerDigiCert Inc
Subject*.bstatic.com
FingerprintA4:56:D7:3E:15:A6:B4:E7:81:52:3D:DD:EE:FC:BB:5F:A6:81:0B:27
ValidityWed, 29 Nov 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT
Hash 90c72f35022757d4e6ff531b3d68bc09
90610884cb9bd19c654d248b3be7dc7ee543acc0
c513ae59604287369d7283e23674f7483cba9aea87acefd051f27c52b443761e
GET /images/hotel/max1024x768/124/124105436.jpg HTTP/1.1
Host: cf.bstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confprimfordis1975.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
content-type: application/xml
date: Wed, 24 Apr 2024 16:17:25 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fz02djRiqtltlEgQhk-7NlxdZHfF-GKa4MCqpKVThlQVYw7PmWt6mw==
vary: Origin
X-Firefox-Spdy: h2
www.paragoncasinoresort.com/images/entertainment/Marshall_Tucker_Band_400x400.jpg
151.101.2.159404 Not Found 23 kB URL GET HTTP/2 www.paragoncasinoresort.com/images/entertainment/Marshall_Tucker_Band_400x400.jpg
IP 151.101.2.159:443
Requested by https://confprimfordis1975.netlify.app/
Certificate IssuerLet's Encrypt
Subjectwww.paragoncasinoresort.com
Fingerprint52:FA:2D:96:53:FC:F1:C5:AA:7E:04:73:E4:15:ED:F5:25:13:51:E1
ValidityTue, 09 Apr 2024 15:00:35 GMT - Mon, 08 Jul 2024 15:00:34 GMT
File type gzip compressed data, from Unix
Hash a337805a3abc4b68266048973199dd3e
883c916372f97fa4a2d89411f48ff17b4399ec01
dfba1c3ff1c4038595b3551d24398220c13aba8c76ad1f837b6654fa15413197
GET /images/entertainment/Marshall_Tucker_Band_400x400.jpg HTTP/1.1
Host: www.paragoncasinoresort.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confprimfordis1975.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cache-control: no-cache, must-revalidate, max-age=0
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
x-xss-protection: 1
content-type: text/html; charset=UTF-8
content-encoding: gzip
x-fw-dynamic: TRUE
x-fw-version: 5.0.0
x-fw-server: Flywheel/5.1.0
referrer-policy: no-referrer-when-downgrade
link: <https://www.paragoncasinoresort.com/wp-json/>; rel="https://api.w.org/"
x-fw-hash: nxmq3ictc4
server: Flywheel/5.1.0
x-cacheable: NO:Not Cacheable
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 24 Apr 2024 16:17:26 GMT
x-served-by: cache-hel1410030-HEL, cache-hel1410033-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1713975446.349066,VS0,VE414
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 15576
X-Firefox-Spdy: h2
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
35.244.181.201 444 B URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP 35.244.181.201:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type XML 1.0 document, ASCII text, with very long lines (332)
Hash 3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=y1tm2oTrpRurnBQJuEHmeNgX9Pn1fBbp7rexSive5uJI4v_GPsw7od37QF9mSycmZFdEpbHKUbPd6oORTwQJrI1HOX7tgKQuTHQjDUoUs6UMbErnjnwLXiwHxw71w9qX
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
date: Wed, 24 Apr 2024 16:15:25 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 139
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
confprimfordis1975.netlify.app/favicon.ico
3.70.101.28404 Not Found 3.1 kB URL GET HTTP/2 confprimfordis1975.netlify.app/favicon.ico
IP 3.70.101.28:443
Requested by https://confprimfordis1975.netlify.app/
Certificate IssuerDigiCert Inc
Subject*.netlify.app
FingerprintB0:8E:E9:A5:C3:D9:B5:C1:FF:B6:51:7A:DF:98:CF:2D:28:18:41:9B
ValidityMon, 15 Jan 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (3234), with no line terminators
Hash 983ad7ad3b11851a568dac1033e352b7
b97321d9a14c18bc49a2029cae02a7c6fae9e2a3
7037defc36dc79e60caa283cf5443f489b9daa5be1dee869404a3b0b95f687e6
GET /favicon.ico HTTP/1.1
Host: confprimfordis1975.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confprimfordis1975.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
age: 0
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; fwd=miss
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 24 Apr 2024 16:17:27 GMT
etag: 1660226152-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HW8EBKJFSSCMSDJBVAK7NE98
X-Firefox-Spdy: h2
confprimfordis1975.netlify.app/styles.css
3.70.101.28200 OK 36 kB URL GET HTTP/2 confprimfordis1975.netlify.app/styles.css
IP 3.70.101.28:443
Requested by https://confprimfordis1975.netlify.app/
Certificate IssuerDigiCert Inc
Subject*.netlify.app
FingerprintB0:8E:E9:A5:C3:D9:B5:C1:FF:B6:51:7A:DF:98:CF:2D:28:18:41:9B
ValidityMon, 15 Jan 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT
File type ASCII text, with very long lines (36208), with no line terminators
Hash 36a37866e307a0f98426ab3010245f0c
01f342a19182f613e0219dff1118d76e549a37f3
e5d24005eb93ef1fa219e7b659dbedcc418aaa16e0cc83b667d54a57211c3aed
GET /styles.css HTTP/1.1
Host: confprimfordis1975.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confprimfordis1975.netlify.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; fwd=miss
content-encoding: br
content-type: text/css; charset=UTF-8
date: Wed, 24 Apr 2024 16:17:26 GMT
etag: "a88421e099d48e0ee91383708eab53aa-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HW8EBJECPVGZYH1KGXQZ5G5P
X-Firefox-Spdy: h2
www.rapido-casinos.com/wp-content/uploads/2019/02/judi-poker-domino.jpg
0.0.0.0 0 B URL GET www.rapido-casinos.com/wp-content/uploads/2019/02/judi-poker-domino.jpg
IP 0.0.0.0:0
Requested by https://confprimfordis1975.netlify.app/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2019/02/judi-poker-domino.jpg HTTP/1.1
Host: www.rapido-casinos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confprimfordis1975.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
www.hotwatercasino.com/assets/cache/img/casino/397_showgallery.jpg
0.0.0.0 0 B URL GET www.hotwatercasino.com/assets/cache/img/casino/397_showgallery.jpg
IP 0.0.0.0:0
Requested by https://confprimfordis1975.netlify.app/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/cache/img/casino/397_showgallery.jpg HTTP/1.1
Host: www.hotwatercasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confprimfordis1975.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
www.mistercasino.net/br/wp-content/uploads/2020/07/Captura-Ecra-Casino-Leovegas-Contacto.jpg?x19383
172.67.75.12500 Internal Server Error 0 B URL GET HTTP/2 www.mistercasino.net/br/wp-content/uploads/2020/07/Captura-Ecra-Casino-Leovegas-Contacto.jpg?x19383
IP 172.67.75.12:443
Requested by https://confprimfordis1975.netlify.app/
Certificate IssuerLet's Encrypt
Subjectmistercasino.net
FingerprintB9:01:50:F7:CE:EB:45:9C:A5:B8:0D:66:49:99:98:D3:58:EE:B8:07
ValidityMon, 04 Mar 2024 03:14:16 GMT - Sun, 02 Jun 2024 03:14:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /br/wp-content/uploads/2020/07/Captura-Ecra-Casino-Leovegas-Contacto.jpg?x19383 HTTP/1.1
Host: www.mistercasino.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://confprimfordis1975.netlify.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 500 Internal Server Error
date: Wed, 24 Apr 2024 16:17:27 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LPMLBw2coqV36YQkDkNWZPdK5IcZPC%2BVsRQA95fc6gikUArwduj1cjfURBAYqNDbQbp%2F2dxS7tGeAIWobrLr1Y0yy20ihxl4hAvMjb%2BnX575nCAGRX%2BzUVWfa1GpXMA55JDUxDOJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797674d3d0556b9-OSL
X-Firefox-Spdy: h2
confprimfordis1975.netlify.app/
3.70.101.28200 OK 25 kB URL User Request GET HTTP/2 confprimfordis1975.netlify.app/
IP 3.70.101.28:443
Certificate IssuerDigiCert Inc
Subject*.netlify.app
FingerprintB0:8E:E9:A5:C3:D9:B5:C1:FF:B6:51:7A:DF:98:CF:2D:28:18:41:9B
ValidityMon, 15 Jan 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: confprimfordis1975.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; fwd=miss
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 24 Apr 2024 16:17:25 GMT
etag: "9f616d38e84aaeb9f9c46bf2730d7b4e-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HW8EBHWS2GHR7A23BRH5PHYG
X-Firefox-Spdy: h2