ciwiprize.digital/ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
217.69.13.14301 Moved Permanently 882 B URL HTTP/1.1 ciwiprize.digital/ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
IP 217.69.13.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (549)
Hash 1bfc43ac4ec204d82b75c2c7960549be
33c09680bc3aef52c6bb1b1e4d82936d6594b1b2
6265acb3dad1d364f6c709fc5ab6c01424c0e67a0b0fe5cca281456649ee97a7
GET /ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289 HTTP/1.1
Host: ciwiprize.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 09:27:11 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 882
Connection: keep-alive
Location: https://ciwiprize.digital/ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7084
Expires: Sat, 04 Feb 2023 11:25:16 GMT
Date: Sat, 04 Feb 2023 09:27:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e051e6e01b12b9ad6e0014603f93431a
ada9efe77054d8593f2687fb3a7eada8908ef7e8
c41be8ffe176ca674efb0588164fdfd237754c6b5b461f8f46387b96ae7d6090
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41BE8FFE176CA674EFB0588164FDFD237754C6B5B461F8F46387B96AE7D6090"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7541
Expires: Sat, 04 Feb 2023 11:32:53 GMT
Date: Sat, 04 Feb 2023 09:27:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 08:36:14 GMT
content-type: application/json
age: 3058
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16817
Expires: Sat, 04 Feb 2023 14:07:29 GMT
Date: Sat, 04 Feb 2023 09:27:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: u/ny5diOaqwMyRrDwygqI76qoJHU+kHaZvj+7PqlD3G8kArQGWYmA0vfpeWt+Agn3fFEnoewRic=
x-amz-request-id: G4Q5KH2VQCH2WC9R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 08:52:46 GMT
age: 2066
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:27:12 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ciwiprize.digital/ciprop/img/loader.gif
217.69.13.14200 OK 1.6 kB URL HTTP/2 ciwiprize.digital/ciprop/img/loader.gif
IP 217.69.13.14:0
File type GIF image data, version 89a, 128 x 15\012- data
Hash 08e97d5e5060e42634268c5e8c425d18
694968120010617fdcabde621b6e0690d01b44fd
92d619282a3d1a329605067fb43a6987b74e454aed2ffbd15974152c07ae7c0a
GET /ciprop/img/loader.gif HTTP/1.1
Host: ciwiprize.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciwiprize.digital/ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:27:12 GMT
content-type: image/gif
content-length: 1633
last-modified: Sat, 18 Apr 2020 05:51:20 GMT
etag: "661-5a38a414e0600"
accept-ranges: bytes
X-Firefox-Spdy: h2
ciwiprize.digital/ciprop/css/boilerplate.css
217.69.13.14200 OK 3.3 kB URL HTTP/2 ciwiprize.digital/ciprop/css/boilerplate.css
IP 217.69.13.14:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 82ffc57b4dba605933c049d77c14e20a
65e545b87882122e81202318108d1e9bad156d52
ab1b5c5a120c376bb459b8b545e39f130b781266cbd39e2729cf0df2ebbb4427
GET /ciprop/css/boilerplate.css HTTP/1.1
Host: ciwiprize.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciwiprize.digital/ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:27:12 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 18 Apr 2020 05:51:20 GMT
etag: W/"26d0-5a38a414e0600"
content-encoding: br
X-Firefox-Spdy: h2
ciwiprize.digital/ciprop/img/subculture-coffee-icon.png
217.69.13.14404 Not Found 690 B URL HTTP/2 ciwiprize.digital/ciprop/img/subculture-coffee-icon.png
IP 217.69.13.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9fb5955dac38f8767cc40e3daf22ad2e
020548548cf32da63f9a5caedd49bbb9697122b5
124b6260a6da4ebc8ecc926f9c2b6ef1fa6367630d1bc6d25a521caa131b72aa
GET /ciprop/img/subculture-coffee-icon.png HTTP/1.1
Host: ciwiprize.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciwiprize.digital/ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 04 Feb 2023 09:27:12 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
ciwiprize.digital/cgi-bin/global.pl?todo=log_clicks_prelander&brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
217.69.13.14404 Not Found 690 B URL HTTP/2 ciwiprize.digital/cgi-bin/global.pl?todo=log_clicks_prelander&brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
IP 217.69.13.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f28e9025e9ead172e05f22b8c86a4f48
dfa587a57748c66cd363d20c60320633711fdd0d
4a4fe76d15b00f57c0e4b5cb82d9fd656e80d3ce6f3cc9c59d20a034a38bb343
GET /cgi-bin/global.pl?todo=log_clicks_prelander&brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289 HTTP/1.1
Host: ciwiprize.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciwiprize.digital/ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 04 Feb 2023 09:27:12 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
ciwiprize.digital/ciprop/js/mootools-core-1.4.5-full-compat-yc.js
217.69.13.14200 OK 38 kB URL HTTP/2 ciwiprize.digital/ciprop/js/mootools-core-1.4.5-full-compat-yc.js
IP 217.69.13.14:0
File type ASCII text, with very long lines (886)
Hash ce9ede5e0c5eeaf38dfe2a974eb23cc5
e2d7f31bbbae151da990bd3b2b4850d3336a9bf0
386a95cb1440ea22e29e9b627f2565c472266ecffb9d8476a8dd00231a402b8e
Analyzer Verdict Alert fortinet Phishing
GET /ciprop/js/mootools-core-1.4.5-full-compat-yc.js HTTP/1.1
Host: ciwiprize.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciwiprize.digital/ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:27:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 18 Apr 2020 05:51:20 GMT
etag: W/"1786a-5a38a414e0600"
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:27:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ciwiprize.digital/ciprop/img/subculture-coffee-icon.png
217.69.13.14404 Not Found 548 B URL HTTP/2 ciwiprize.digital/ciprop/img/subculture-coffee-icon.png
IP 217.69.13.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 38e3076dc309803c954687ee8dfb788d
42522c09ef5391685b1ded8417a5b20ad15e1ed5
35618837d286d304a76c6adbdf207838e6795b687abda09bf6afd93c161ca108
GET /ciprop/img/subculture-coffee-icon.png HTTP/1.1
Host: ciwiprize.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciwiprize.digital/ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 04 Feb 2023 09:27:12 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6171
Expires: Sat, 04 Feb 2023 11:10:03 GMT
Date: Sat, 04 Feb 2023 09:27:12 GMT
Connection: keep-alive
ciwiprize.digital/ciprop/css/main.css
217.69.13.14200 OK 866 B URL HTTP/2 ciwiprize.digital/ciprop/css/main.css
IP 217.69.13.14:0
Hash 7a541af2321c62c0c5d86bb6f8bea824
c8a8a831df63df3aeeebda4c35947d02676c5d7c
f11dceb3657898a8a7b0a8d686276b1f2eec34c556a74c252f55245885023083
GET /ciprop/css/main.css HTTP/1.1
Host: ciwiprize.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciwiprize.digital/ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:27:12 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 18 Apr 2020 05:51:20 GMT
etag: W/"cb1-5a38a414e0600"
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3458
Expires: Sat, 04 Feb 2023 10:24:52 GMT
Date: Sat, 04 Feb 2023 09:27:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3458
Expires: Sat, 04 Feb 2023 10:24:52 GMT
Date: Sat, 04 Feb 2023 09:27:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3458
Expires: Sat, 04 Feb 2023 10:24:52 GMT
Date: Sat, 04 Feb 2023 09:27:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3458
Expires: Sat, 04 Feb 2023 10:24:52 GMT
Date: Sat, 04 Feb 2023 09:27:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 40601
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f926cd4f39b1a10b152e5959b28ae29e
2b1982d21321071394e363888e007598e968fb35
a51b246a9aa5a2583cae7fd4f0a3bdf73f0b318b7838828d36ea5674a5f26753
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13309
x-amzn-requestid: f6a3f0f3-d91b-4f4d-8265-0f87742ba5d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyFeBFX4oAMFfpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd82bf-5808ceec265756c702d212dc;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:55:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WWjzs8W8GmSAM0-Uc8XBTxz67RJJCIzp3fBYhkoIWZ26UrobmZV8mw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:28:17 GMT
age: 39537
etag: "2b1982d21321071394e363888e007598e968fb35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 41950
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7afd5ce8fb9ec7b62e528bf97705e49
afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3
b2d93ba6c0ed2c858d91afba1c81251afbffa41c779be2e9203994dcfb7bbc9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: 007ce521-ed5c-4074-a314-684ad0df2e22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9GH5goAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8053-7060f02b767c90371991a190;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fTV_e56nzjiXo4Guu67WXDDvp3nrjB0Yfyy6ByjcDSx23J-8r0fmQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 40613
etag: "afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 40602
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45c6a062f8637e689819f505b019dc0e
61665688f1039c4fad848853a68e28d057718ad1
c9b14113eba535a2e1a6cbbf121a818ad0204fc6dd7b2ea9b592830ab927d6d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6718
x-amzn-requestid: 662f889b-4c25-4dec-85d4-ea9dfa8b8974
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7DE5boAMF_cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-33ca99fc7b6eac8d5486d6c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WvNs1hPPXHBJs5rTIBqH3DbqLLX6si9jHF46KrsuT9BFB2N2V3zeUA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:06:20 GMT
age: 40854
etag: "61665688f1039c4fad848853a68e28d057718ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ciwiprize.digital/ciprop/images/coffee-favicon.ico
217.69.13.14404 Not Found 0 B URL HTTP/2 ciwiprize.digital/ciprop/images/coffee-favicon.ico
IP 217.69.13.14:0
Analyzer Verdict Alert fortinet Phishing
GET /ciprop/images/coffee-favicon.ico HTTP/1.1
Host: ciwiprize.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciwiprize.digital/ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 04 Feb 2023 09:27:12 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
ciwiprize.digital/ciprop/js/script.js
217.69.13.14200 OK 0 B URL HTTP/2 ciwiprize.digital/ciprop/js/script.js
IP 217.69.13.14:0
Analyzer Verdict Alert fortinet Phishing
GET /ciprop/js/script.js HTTP/1.1
Host: ciwiprize.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciwiprize.digital/ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:27:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 18 Apr 2020 05:51:20 GMT
etag: W/"9b9-5a38a414e0600"
content-encoding: br
X-Firefox-Spdy: h2
ciwiprize.digital/ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
217.69.13.14200 OK 0 B URL HTTP/2 ciwiprize.digital/ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
IP 217.69.13.14:0
GET /ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289 HTTP/1.1
Host: ciwiprize.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:27:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
ciwiprize.digital/ciprop/js/respond.min.js
217.69.13.14200 OK 0 B URL HTTP/2 ciwiprize.digital/ciprop/js/respond.min.js
IP 217.69.13.14:0
Analyzer Verdict Alert fortinet Phishing
GET /ciprop/js/respond.min.js HTTP/1.1
Host: ciwiprize.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciwiprize.digital/ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:27:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 18 Apr 2020 05:51:20 GMT
etag: W/"c90-5a38a414e0600"
content-encoding: br
X-Firefox-Spdy: h2
ciwiprize.digital/ciprop/img/coffee1.jpg
217.69.13.14404 Not Found 0 B URL HTTP/2 ciwiprize.digital/ciprop/img/coffee1.jpg
IP 217.69.13.14:0
GET /ciprop/img/coffee1.jpg HTTP/1.1
Host: ciwiprize.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ciwiprize.digital/ciprop/index.php?brand=Desktop&city=Anaheim&cep=FTDkIrAygUuHeQ9xSA2R38Jsq010XZZkN6NXgIUE9csTerfi1ROnA8e1UwwTeAVCH4U-f9RmpxrfyyYMprqr_nK49s_igzoIJP0mNkx9Iuv4UtsXkO5GnMGujRbbpubcnFi8a6QVLYr9eyHMaIz__qur-J_gi9oo9IAv0y0mQhXOvFzRFHmuaWo1FOBg90uHSFsHcLFAZ0WUNidvBopNAhDZYsX9JUbxzgoEwKMQ0R4DtC5Mg5OSEJWBNsqZXa3xWLKMgetPESZEWJBYYcadm4Wrjn1MPdwZ0woXXFzEB094Qe0J9yeqzIFA-MZ6DiUZIAjCFMUmavw_X1hUcOcaeUWxnolyurmd7KRl8e4_k_V4sgYQzuEa_2XeEVHJSB3q&lptoken=1696757a509c46f71289
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 04 Feb 2023 09:27:12 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2