urlquery - report: track.buller-matuma.com/c0623fdc-b554-4ca2-8abc-d378c75c2f28

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
push.winprizes31.digital (1)	0	2021-06-12 09:26:51 UTC	2022-11-27 23:56:32 UTC	103.224.182.210	Domain (winprizes31.digital) ranked at: 959879
track.buller-matuma.com (1)	0	No data	No data	18.195.128.171	Unknown ranking
ocsp.digicert.com (2)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-28 05:55:58 UTC	34.102.187.140
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-28 05:53:26 UTC	34.117.237.239
69.winprizes169.digital (18)	0	No data	No data	217.69.14.8	Unknown ranking
img-getpocket.cdn.mozilla.net (5)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
r3.o.lencr.org (7)	344	No data	No data	23.36.76.226

Scan Date	Severity	Indicator	Comment
2022-11-28	2	track.buller-matuma.com/c0623fdc-b554-4ca2-8abc-d378c75c2f28	Phishing

Date	UQ / IDS / BL	URL	IP
2023-02-05 16:18:14 +0000	0 - 1 - 1	track.buller-matuma.com/f3455cd7-fe40-4556-86 (...)	18.195.128.171
2023-02-05 16:14:15 +0000	0 - 1 - 4	track.writive-resica.com/96cb80c4-9ed3-477d-9 (...)	18.195.128.171
2023-02-05 15:46:09 +0000	0 - 1 - 1	track.buller-matuma.com/e623bae3-862f-47e1-8c (...)	18.195.128.171
2023-02-05 14:14:27 +0000	0 - 1 - 1	track.buller-matuma.com/b5abab4e-82ef-4498-a6 (...)	18.195.128.171
2023-02-05 10:54:40 +0000	1 - 1 - 1	track.rendan-compto.com/1aee6222-540a-43f9-b0 (...)	18.195.128.171

Date	UQ / IDS / BL	URL	IP
2023-02-05 16:38:38 +0000	0 - 0 - 2	appleld.mx-la.es/	99.83.175.80
2023-02-05 16:31:07 +0000	0 - 0 - 2	13.35.166.96/	13.35.166.96
2023-02-05 16:28:45 +0000	0 - 0 - 1	freeurl.link/5543270	52.59.165.42
2023-02-05 16:26:45 +0000	0 - 4 - 0	www.buenastareas.com/ensayos/Modalidad-De-Con (...)	54.230.111.43
2023-02-05 16:25:57 +0000	0 - 0 - 1	93t03zeeqn0tn150059zg6gvj0d4l3e0zy3g27m0.perm (...)	54.153.56.183

Date	UQ / IDS / BL	URL	IP
2023-02-05 16:18:14 +0000	0 - 1 - 1	track.buller-matuma.com/f3455cd7-fe40-4556-86 (...)	18.195.128.171
2023-02-05 15:46:09 +0000	0 - 1 - 1	track.buller-matuma.com/e623bae3-862f-47e1-8c (...)	18.195.128.171
2023-02-05 14:14:27 +0000	0 - 1 - 1	track.buller-matuma.com/b5abab4e-82ef-4498-a6 (...)	18.195.128.171
2023-02-05 07:56:34 +0000	0 - 1 - 1	track.buller-matuma.com/3fb6a071-1f70-496a-be (...)	18.195.128.171
2023-02-05 04:56:38 +0000	0 - 0 - 1	track.buller-matuma.com/3fb6a071-1f70-496a-be (...)	18.195.128.171

Date	UQ / IDS / BL	URL	IP
2023-02-05 16:18:14 +0000	0 - 1 - 1	track.buller-matuma.com/f3455cd7-fe40-4556-86 (...)	18.195.128.171
2023-02-05 15:46:09 +0000	0 - 1 - 1	track.buller-matuma.com/e623bae3-862f-47e1-8c (...)	18.195.128.171
2023-02-05 14:14:27 +0000	0 - 1 - 1	track.buller-matuma.com/b5abab4e-82ef-4498-a6 (...)	18.195.128.171
2023-02-05 07:56:34 +0000	0 - 1 - 1	track.buller-matuma.com/3fb6a071-1f70-496a-be (...)	18.195.128.171
2023-02-05 05:54:59 +0000	0 - 0 - 6	myonlyprize.xyz/1/prizewheel/cash/trcash/inde (...)	143.204.55.106

Request	Response
GET /c0623fdc-b554-4ca2-8abc-d378c75c2f28 HTTP/1.1 Host: track.buller-matuma.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: track.buller-matuma.com/c0623fdc-b554-4ca2-8abc-d378c75c2f28 FQDN: track.buller-matuma.com IP: 18.195.128.171 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 18.195.128.171 HTTP/1.1 302 Server: nginx Date: Mon, 28 Nov 2022 21:57:48 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 Expires: Thu, 01 Jan 1970 00:00:00 GMT Location: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS &cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Pragma: no-cache Set-Cookie: c0623fdc-b554-4ca2-8abc-d378c75c2f28-v4=cKDzIhJM_WcROUHU-E5BxyBKl9qDoQjrS9TvSTqBOY4; Max-Age=86400; Expires=Tue, 29-Nov-2022 21:57:48 GMT; Domain=track.buller-matuma.com; Path=/; HttpOnly cep-v4=KF_X7LfYN-j3k_KPE9wC4ig415dgJswNzsGsLtIKu8oQLWxosztVuGYOlVOzFGMBnsXRrZs49-ll3Q4aRgtTOPnQ0k11bgYKMUqqfgQZY1zo1dU9Djnf1JheBgjx_7vnS1_wlGf6wlxf4p6b6BHMMgP7-IOkUH_cjtUve9WlIkcKeG9MLD-XpXzMemXvIA-w9hpYhGjUuJ5mIIBqpAKmvL_0j1wnylybkQ9qrXpkI3-OWW6VmOtk1kzK--h9dTzeknE4QWlm500UJ1Ps5_2mAREBnkhuTSUidXwsjUBUTE69fgbpX5pjoFanWdeIXm-t6AIpyFW8eHE7J_Lg7eL92s3cbsTAOp3MzPs5xU3UHZh7KXcaqnFfJdEj19Y5BFn3; Max-Age=86400; Expires=Tue, 29-Nov-2022 21:57:48 GMT; Domain=track.buller-matuma.com; Path=/; HttpOnly --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9065 Expires: Tue, 29 Nov 2022 00:28:53 GMT Date: Mon, 28 Nov 2022 21:57:48 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 150792cfc458af013998f4ef6bdf5f74 Sha1: d5179b2dcb11d06f82606bf6eb6648319998d63e Sha256: 72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3761 Cache-Control: max-age=135374 Date: Mon, 28 Nov 2022 21:57:48 GMT Etag: "63848df9-1d7" Expires: Wed, 30 Nov 2022 11:34:02 GMT Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT Server: ECS (ska/F714) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 9408cc0694fcbea57966c3a3ba906092 Sha1: fddcee1fdcf3209298e41a4b1b5560357fa165f0 Sha256: 6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12708 Expires: Tue, 29 Nov 2022 01:29:36 GMT Date: Mon, 28 Nov 2022 21:57:48 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3b56944f0e5716fd4fad2ec18994d4be Sha1: 61cafa4de31ba960d1145ec37272f6f6b6944e0c Sha256: 4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 28 Nov 2022 21:19:33 GMT cache-control: public,max-age=3600 age: 2295 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 30db107dcf4380cef05efea409c2e6a3 Sha1: 96e6a306fbc07299aba64e5c14e2bfca35872fa9 Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: n07WaqCPmdwB6sm7urvtgsI2qkme81DL4jtOmcLQ9u9SK0PFbzF2vl7ry6LcMnvt3BpsNGO1fAk= x-amz-request-id: ADRRHB7C4NTBVRX5 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 28 Nov 2022 21:42:14 GMT age: 934 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /wheeles/img/landers/prizewheel-fb/notification.png HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 69.winprizes169.digital/wheeles/img/landers/prizewheel- (...) FQDN: 69.winprizes169.digital IP: 217.69.14.8 HASH: db94c8ae725f947f20e12df29e6b6c8ade5ffcd5a7dc9ffd9be0351d963f826f 217.69.14.8 HTTP/2 200 OK content-type: image/png server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT content-length: 449 last-modified: Mon, 09 May 2022 04:39:50 GMT etag: "1c1-5de8ccc7b570d" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 30 x 28, 8-bit colormap, non-interlaced\012- data Size: 449 Md5: bd5203f2cc9e7a9125e4575e029541b0 Sha1: 9fa565ab2f4b55da4735b79e529562252b3c9afe Sha256: db94c8ae725f947f20e12df29e6b6c8ade5ffcd5a7dc9ffd9be0351d963f826f
GET /wheeles/img/landers/prizewheel-fb/prizewheel_spinner.jpg HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 69.winprizes169.digital/wheeles/img/landers/prizewheel- (...) FQDN: 69.winprizes169.digital IP: 217.69.14.8 HASH: 90f2363aaebaf03f06fb20c6c02fb2e97497d7cd54b611281303ce7e10335ee7 217.69.14.8 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT content-length: 32496 last-modified: Mon, 09 May 2022 04:39:50 GMT etag: "7ef0-5de8ccc7701ac" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1002x1002, components 3\012- data Size: 32496 Md5: d4655cba21d806e849eed4e4119fbe1a Sha1: 6453039d85005643e9d65074ca022f63b5d47cdd Sha256: 90f2363aaebaf03f06fb20c6c02fb2e97497d7cd54b611281303ce7e10335ee7
GET /wheeles/img/prizes/iphone-12-pro-max/default@0.5x.png HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 69.winprizes169.digital/wheeles/img/prizes/iphone-12-pr (...) FQDN: 69.winprizes169.digital IP: 217.69.14.8 HASH: 7f9f5fb4a3340704664a8adba3c74c63d425c92999aed97e078bc3b87d06b64d 217.69.14.8 HTTP/2 200 OK content-type: image/png server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT content-length: 35519 last-modified: Mon, 09 May 2022 04:39:56 GMT etag: "8abf-5de8cccd1f2fc" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data Size: 35519 Md5: 3425f87a8def62d878b3fbf8f930dee2 Sha1: 961688eb1d3c97e9ed61199b0fcd32e60d1d3467 Sha256: 7f9f5fb4a3340704664a8adba3c74c63d425c92999aed97e078bc3b87d06b64d
GET /wheeles/img/landers/prizewheel-fb/loader.gif HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 69.winprizes169.digital/wheeles/img/landers/prizewheel- (...) FQDN: 69.winprizes169.digital IP: 217.69.14.8 HASH: cbaeb154dcb93bff5f6e382cede5d51a11175a2295e56bb2790611910280ba97 217.69.14.8 HTTP/2 200 OK content-type: image/gif server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT content-length: 5083 last-modified: Mon, 09 May 2022 04:39:49 GMT etag: "13db-5de8ccc6a112a" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 50 x 50\012- data Size: 5083 Md5: ed786659a534e0d183c09a90c50abc9d Sha1: a6c3d90bfaa86a7cda490bc5d04c8939c31a414e Sha256: cbaeb154dcb93bff5f6e382cede5d51a11175a2295e56bb2790611910280ba97
GET /wheeles/img/landers/prizewheel-fb/prizewheel_static.png HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 69.winprizes169.digital/wheeles/img/landers/prizewheel- (...) FQDN: 69.winprizes169.digital IP: 217.69.14.8 HASH: 30bc059973d84a6e1d22d16747bce062025561f2555cdd9cec012a87866abcb6 217.69.14.8 HTTP/2 200 OK content-type: image/png server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT content-length: 3370 last-modified: Mon, 09 May 2022 04:39:51 GMT etag: "d2a-5de8ccc84bd4f" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1002 x 1002, 4-bit colormap, non-interlaced\012- data Size: 3370 Md5: dc484e0043b5ff6191b1880c8779863c Sha1: a5b67e3dff3dea3940eed090431aecbb36611b1d Sha256: 30bc059973d84a6e1d22d16747bce062025561f2555cdd9cec012a87866abcb6
GET /wheeles/js/landers/prizewheel-fb/app.js?id=da05cdf35760d77e97e5 HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 69.winprizes169.digital/wheeles/js/landers/prizewheel-f (...) FQDN: 69.winprizes169.digital IP: 217.69.14.8 HASH: 07384489f51b1a5a347d7d4fab7d29f53fa24107bcb96a953c93fd47133eda57 217.69.14.8 HTTP/2 200 OK content-type: application/javascript server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT vary: Accept-Encoding last-modified: Mon, 09 May 2022 04:40:02 GMT etag: W/"24ab5-5de8ccd29f64c" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65475) Size: 52195 Md5: cb407f2924a63e774389d713ac0fa572 Sha1: 29e1e513fdde54e20dbefae406e9466e05428b82 Sha256: 07384489f51b1a5a347d7d4fab7d29f53fa24107bcb96a953c93fd47133eda57
GET /wheeles/img/profiles/south-east-asian/male/3@0.25x.jpg HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 69.winprizes169.digital/wheeles/img/profiles/south-east (...) FQDN: 69.winprizes169.digital IP: 217.69.14.8 HASH: 5a118a94b3e655f809d79f91090c940489fd5860e5dc08f3cc4c2cc774a3e565 217.69.14.8 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT content-length: 2766 last-modified: Mon, 09 May 2022 04:40:09 GMT etag: "ace-5de8ccd9affe0" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size: 2766 Md5: 8702df843edff7d2beff0d3de0626a9e Sha1: aee9ed32bda259fdc07520560c1608378b37705d Sha256: 5a118a94b3e655f809d79f91090c940489fd5860e5dc08f3cc4c2cc774a3e565
GET /wheeles/img/profiles/south-east-asian/male/10@0.25x.jpg HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 69.winprizes169.digital/wheeles/img/profiles/south-east (...) FQDN: 69.winprizes169.digital IP: 217.69.14.8 HASH: 5700f704b9dfcd8c571d9213f77f2c389be735716156cb98c72ecc76726c590b 217.69.14.8 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT content-length: 2499 last-modified: Mon, 09 May 2022 04:40:08 GMT etag: "9c3-5de8ccd8d05bd" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size: 2499 Md5: 7f3c82b0d07fe123e39e90692870f03b Sha1: 52a29731d418904da4d9d0627b38890a740c441b Sha256: 5700f704b9dfcd8c571d9213f77f2c389be735716156cb98c72ecc76726c590b
GET /wheeles/img/profiles/south-east-asian/male/9@0.25x.jpg HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 69.winprizes169.digital/wheeles/img/profiles/south-east (...) FQDN: 69.winprizes169.digital IP: 217.69.14.8 HASH: 10129523ab779b893566ec62c9fad93e98d3df839eb249bc9ce05846d99a2058 217.69.14.8 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT content-length: 2789 last-modified: Mon, 09 May 2022 04:40:09 GMT etag: "ae5-5de8ccd9affe0" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size: 2789 Md5: 9d229e0032ffe97045982477bb4513de Sha1: 602a7e2f8a757bc1051891af9556b094393bdbdd Sha256: 10129523ab779b893566ec62c9fad93e98d3df839eb249bc9ce05846d99a2058
GET /wheeles/img/profiles/south-east-asian/female/6@0.25x.jpg HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 69.winprizes169.digital/wheeles/img/profiles/south-east (...) FQDN: 69.winprizes169.digital IP: 217.69.14.8 HASH: 2e116bd6259b0cbbc04898bc8468af4537cfd268e84d58f4ff19a5a7f51f84fb 217.69.14.8 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT content-length: 2356 last-modified: Mon, 09 May 2022 04:40:04 GMT etag: "934-5de8ccd4e85b2" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size: 2356 Md5: 5695feeb4ce30d707204f87f5f2bd60b Sha1: 9873e8c45a2b8e3b77643435c931e3e8eaf42f78 Sha256: 2e116bd6259b0cbbc04898bc8468af4537cfd268e84d58f4ff19a5a7f51f84fb
GET /wheeles/js/app.js?id=0601d5f2aaa1656cef1f HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 69.winprizes169.digital/wheeles/js/app.js?id=0601d5f2aa (...) FQDN: 69.winprizes169.digital IP: 217.69.14.8 HASH: 2afdbf1511a401c8411c94d71e048bc4a9a8aa2cb6e083bc63321ba5c1468748 217.69.14.8 HTTP/2 200 OK content-type: application/javascript server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT vary: Accept-Encoding last-modified: Mon, 09 May 2022 04:39:20 GMT etag: W/"3d1-5de8ccaac343c" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (977), with no line terminators Size: 23594 Md5: 8d449190d885f23743079853d3b2ae5e Sha1: c987bf08148e7b91cfc1cbc9a1f73122dac32452 Sha256: 2afdbf1511a401c8411c94d71e048bc4a9a8aa2cb6e083bc63321ba5c1468748
GET /wheeles/img/profiles/south-east-asian/female/5@0.25x.jpg HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 69.winprizes169.digital/wheeles/img/profiles/south-east (...) FQDN: 69.winprizes169.digital IP: 217.69.14.8 HASH: 8ccc052cd7087334be9106f879af4a71285445f948278c896d2beaa1dcd63aa0 217.69.14.8 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT content-length: 1876 last-modified: Mon, 09 May 2022 04:40:04 GMT etag: "754-5de8ccd4e85b2" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size: 1876 Md5: e6d09aa7a7bfbcd6873d9fba645e231a Sha1: 5336ad196a2d3d50c2bd00a17e26740602219d14 Sha256: 8ccc052cd7087334be9106f879af4a71285445f948278c896d2beaa1dcd63aa0
GET /wheeles/img/profiles/south-east-asian/female/1@0.25x.jpg HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 69.winprizes169.digital/wheeles/img/profiles/south-east (...) FQDN: 69.winprizes169.digital IP: 217.69.14.8 HASH: c6901a32b079f9b0694c30f2b8cc87b320633199f11713a4a45c63f162993dce 217.69.14.8 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT content-length: 3262 last-modified: Mon, 09 May 2022 04:40:03 GMT etag: "cbe-5de8ccd406c50" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size: 3262 Md5: 16ad125731306a5d5ae9d4406b9f7979 Sha1: b387725ab4c58f20877289634a56057b99baa753 Sha256: c6901a32b079f9b0694c30f2b8cc87b320633199f11713a4a45c63f162993dce
GET /wheeles/img/profiles/south-east-asian/male/2@0.25x.jpg HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 69.winprizes169.digital/wheeles/img/profiles/south-east (...) FQDN: 69.winprizes169.digital IP: 217.69.14.8 HASH: 2981cae5289d5dd17c995610ea85ee29299a88d74dba4b9e158985050120b991 217.69.14.8 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT content-length: 2449 last-modified: Mon, 09 May 2022 04:40:08 GMT etag: "991-5de8ccd8cf61d" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size: 2449 Md5: 426240574b4184e870f74c012fd08d93 Sha1: 85a366719346e9d589f6af487ba76be761378d41 Sha256: 2981cae5289d5dd17c995610ea85ee29299a88d74dba4b9e158985050120b991
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 28 Nov 2022 21:11:12 GMT cache-control: public,max-age=3600 age: 2797 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4618 Cache-Control: max-age=131164 Date: Mon, 28 Nov 2022 21:57:49 GMT Etag: "63847a2f-1d7" Expires: Wed, 30 Nov 2022 10:23:53 GMT Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT Server: ECS (ska/F714) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 7ab2ef968cb6a3078f4b9cb2dda813d4 Sha1: e669116047ca058a2c1b2999ff0ea8682719162c Sha256: 6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 180446e5fb63f919a316e3d20fbf22438eb35e1a3241b53fd70d43b234521123 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "180446E5FB63F919A316E3D20FBF22438EB35E1A3241B53FD70D43B234521123" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21600 Expires: Tue, 29 Nov 2022 03:57:49 GMT Date: Mon, 28 Nov 2022 21:57:49 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3f16cb47fdb8aa6f5feacb680dbd37d9 Sha1: 98f32d0ef44c1c76fa9803eb3ff53b15ba38cdd9 Sha256: 180446e5fb63f919a316e3d20fbf22438eb35e1a3241b53fd70d43b234521123
GET /wheeles/css/app.css?id=c588c17324f2be0e0ec9 HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 69.winprizes169.digital/wheeles/css/app.css?id=c588c173 (...) FQDN: 69.winprizes169.digital IP: 217.69.14.8 HASH: 671a8ed87c8bdeac8c37aae3dfda8089775ad77c14e57ab7288cebb035da18fb 217.69.14.8 HTTP/2 200 OK content-type: text/css server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT vary: Accept-Encoding last-modified: Mon, 09 May 2022 04:39:16 GMT etag: W/"21-5de8cca6e7f51" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 32 Md5: c979c7d3c536298fb317cfe3d6ec0ebb Sha1: a51828786c658dd4fcf1436a141d80133b8c047d Sha256: 671a8ed87c8bdeac8c37aae3dfda8089775ad77c14e57ab7288cebb035da18fb
GET /js/pub.min.js HTTP/1.1 Host: push.winprizes31.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: push.winprizes31.digital/js/pub.min.js FQDN: push.winprizes31.digital IP: 103.224.182.210 HASH: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880 103.224.182.210 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Mon, 28 Nov 2022 21:57:50 GMT Server: Apache/2.4.38 (Debian) Content-Length: 196 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 196 Md5: 62962daa1b19bbcc2db10b7bfd531ea6 Sha1: d64bae91091eda6a7532ebec06aa70893b79e1f8 Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12068 Expires: Tue, 29 Nov 2022 01:18:59 GMT Date: Mon, 28 Nov 2022 21:57:51 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: aebda342a81ad83f60d2523f54ccda67 Sha1: e590d9326e4a283e0929a8ffccb13cc4308af0e6 Sha256: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12068 Expires: Tue, 29 Nov 2022 01:18:59 GMT Date: Mon, 28 Nov 2022 21:57:51 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: aebda342a81ad83f60d2523f54ccda67 Sha1: e590d9326e4a283e0929a8ffccb13cc4308af0e6 Sha256: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12068 Expires: Tue, 29 Nov 2022 01:18:59 GMT Date: Mon, 28 Nov 2022 21:57:51 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: aebda342a81ad83f60d2523f54ccda67 Sha1: e590d9326e4a283e0929a8ffccb13cc4308af0e6 Sha256: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12068 Expires: Tue, 29 Nov 2022 01:18:59 GMT Date: Mon, 28 Nov 2022 21:57:51 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: aebda342a81ad83f60d2523f54ccda67 Sha1: e590d9326e4a283e0929a8ffccb13cc4308af0e6 Sha256: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: ec3799922c38ee6394601744ff4b2c405ee44c4718a2b90c104134657f8b480b 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9015 x-amzn-requestid: eb4599b5-e88a-47cd-8d1b-5839c4f7593e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cVNnbGLToAMFfxg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63852962-67476fac77c8d1ee36f89ecc;Sampled=0 x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:26 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 09Pb9RMyAoRWXYfw5mxwtpl6fnHwlxDJryR4c-F3rurGKUgo-HYUOg== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 21:42:03 GMT age: 948 etag: "c6dfd277cdbd057472e6df6ad1a200f50684d442" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9015 Md5: ae2e2986caa15a90b615147f229b51ec Sha1: c6dfd277cdbd057472e6df6ad1a200f50684d442 Sha256: ec3799922c38ee6394601744ff4b2c405ee44c4718a2b90c104134657f8b480b
GET /wheeles/img/fb-like.svg HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 69.winprizes169.digital/wheeles/img/fb-like.svg FQDN: 69.winprizes169.digital IP: 217.69.14.8 HASH: 7340c0be0964dfb7f4d5574d8aecd731f1e3867ef4d37305c9ea29d6ecf0bf39 217.69.14.8 HTTP/2 200 OK content-type: image/svg+xml server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT vary: Accept-Encoding last-modified: Mon, 09 May 2022 04:39:16 GMT etag: W/"1213-5de8cca6e7f51" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (4627), with no line terminators Size: 10444 Md5: bc7c3901d2fb07ef0b13d360f216ae92 Sha1: de478085b13ecaf8a14f6913e91a1bb1285d2313 Sha256: 7340c0be0964dfb7f4d5574d8aecd731f1e3867ef4d37305c9ea29d6ecf0bf39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: abfbf4ecf2423736a29686859f6a8f2b77204b48f3f60d208f6d491e80611e7f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7549 x-amzn-requestid: bb37235a-8c7d-47fe-abb6-6cc633560165 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cP-7lHmsoAMF9lA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638311e3-1f2a4abc40119f3e026dc393;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 07:29:39 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: -aUqAfyrtMO0hkr2J2lm5SNNFdtaJj-F2dpBULvXjfOV205Ksm0iHw== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 21:42:03 GMT age: 948 etag: "600859401c885cc2cdd1f199cccc198eb41d6a04" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7549 Md5: 415b1b1d5a29fc17b4114bb3df1d1c22 Sha1: 600859401c885cc2cdd1f199cccc198eb41d6a04 Sha256: abfbf4ecf2423736a29686859f6a8f2b77204b48f3f60d208f6d491e80611e7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10176 x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cMpbgEFOIAMF71A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g== via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 07:40:08 GMT age: 51463 etag: "772d86ad983042a728ee3490630a9cf1134ad0dd" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10176 Md5: 03014221d7f49b50ffc2d1b0a0e75457 Sha1: 772d86ad983042a728ee3490630a9cf1134ad0dd Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: aeeaa56714fbd157e788cd24da03d43ede527959e2563e6d7d99489753dee85f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8106 x-amzn-requestid: 73d1b662-99a8-4ad7-95f9-c0b1ebf7c45a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cVNnQEhQoAMFbLA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63852961-64954bc92997c9302e291381;Sampled=0 x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:25 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: sYK4SFsG-No3Bd-CyGIKSWh4sUokwaHa20tc8zvbqUpxkplJOiASIA== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 21:42:03 GMT age: 948 etag: "b703ea2cc2fcd68e60135ff77d5a5f1b93fac128" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8106 Md5: 5ab97acd46d3380fa12711c96b3c2d35 Sha1: b703ea2cc2fcd68e60135ff77d5a5f1b93fac128 Sha256: aeeaa56714fbd157e788cd24da03d43ede527959e2563e6d7d99489753dee85f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 2178a96e120661e43d8e8ed0df1fcf500caf4c58db9e1bedaf0706af0a80b286 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3944 x-amzn-requestid: 8a6732c1-72da-4a73-ba51-8533c6a01a9c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cVNmfFgeIAMFjLw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6385295c-0c807d93277bfb7f6b13c2ee;Sampled=0 x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:20 GMT x-amz-cf-pop: SEA19-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: XC26NJ0PkNhOsuvMPTd5TlY-oDOGfGoNxzzMANQRlyBWt1XZW_gUfA== via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 21:42:03 GMT age: 948 etag: "5008d7344dd85ae61a598c17e7baf427def3e25d" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3944 Md5: 9cd333c474420e235831d96ed881167e Sha1: 5008d7344dd85ae61a598c17e7baf427def3e25d Sha256: 2178a96e120661e43d8e8ed0df1fcf500caf4c58db9e1bedaf0706af0a80b286
GET /wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: 69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city (...) FQDN: 69.winprizes169.digital IP: 217.69.14.8 217.69.14.8 HTTP/2 200 OK content-type: text/html server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT vary: Accept-Encoding last-modified: Wed, 06 Jul 2022 05:17:08 GMT etag: W/"30c3-5e31c14a21e9e" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /wheeles/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444 HTTP/1.1 Host: 69.winprizes169.digital User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 69.winprizes169.digital/wheeles/css/landers/prizewheel- (...) FQDN: 69.winprizes169.digital IP: 217.69.14.8 217.69.14.8 HTTP/2 200 OK content-type: text/css server: nginx date: Mon, 28 Nov 2022 21:57:49 GMT vary: Accept-Encoding last-modified: Mon, 09 May 2022 04:39:49 GMT etag: W/"da7-5de8ccc627fa9" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=9065 

                                        
                                            
Expires: Tue, 29 Nov 2022 00:28:53 GMT 

                                        
                                            
Date: Mon, 28 Nov 2022 21:57:48 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    150792cfc458af013998f4ef6bdf5f74

                                                Sha1:   d5179b2dcb11d06f82606bf6eb6648319998d63e

                                                Sha256: 72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=12708 

                                        
                                            
Expires: Tue, 29 Nov 2022 01:29:36 GMT 

                                        
                                            
Date: Mon, 28 Nov 2022 21:57:48 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    3b56944f0e5716fd4fad2ec18994d4be

                                                Sha1:   61cafa4de31ba960d1145ec37272f6f6b6944e0c

                                                Sha256: 4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
x-amz-id-2: n07WaqCPmdwB6sm7urvtgsI2qkme81DL4jtOmcLQ9u9SK0PFbzF2vl7ry6LcMnvt3BpsNGO1fAk= 

                                        
                                            
x-amz-request-id: ADRRHB7C4NTBVRX5 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Mon, 28 Nov 2022 21:42:14 GMT 

                                        
                                            
age: 934 

                                        
                                            
last-modified: Thu, 10 Nov 2022 09:21:27 GMT 

                                        
                                            
etag: "9ebddc2b260d081ebbefee47c037cb28" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    9ebddc2b260d081ebbefee47c037cb28

                                                Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39

                                                Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

                                        
                                            GET /wheeles/img/landers/prizewheel-fb/notification.png HTTP/1.1 

                                        
                                            
Host: 69.winprizes169.digital

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         217.69.14.8

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Mon, 28 Nov 2022 21:57:49 GMT 

                                        
                                            
content-length: 449 

                                        
                                            
last-modified: Mon, 09 May 2022 04:39:50 GMT 

                                        
                                            
etag: "1c1-5de8ccc7b570d" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 30 x 28, 8-bit colormap, non-interlaced\012- data

                                                Size:   449

                                                Md5:    bd5203f2cc9e7a9125e4575e029541b0

                                                Sha1:   9fa565ab2f4b55da4735b79e529562252b3c9afe

                                                Sha256: db94c8ae725f947f20e12df29e6b6c8ade5ffcd5a7dc9ffd9be0351d963f826f

                                        
                                            GET /wheeles/img/prizes/iphone-12-pro-max/default@0.5x.png HTTP/1.1 

                                        
                                            
Host: 69.winprizes169.digital

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         217.69.14.8

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Mon, 28 Nov 2022 21:57:49 GMT 

                                        
                                            
content-length: 35519 

                                        
                                            
last-modified: Mon, 09 May 2022 04:39:56 GMT 

                                        
                                            
etag: "8abf-5de8cccd1f2fc" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   35519

                                                Md5:    3425f87a8def62d878b3fbf8f930dee2

                                                Sha1:   961688eb1d3c97e9ed61199b0fcd32e60d1d3467

                                                Sha256: 7f9f5fb4a3340704664a8adba3c74c63d425c92999aed97e078bc3b87d06b64d

                                        
                                            GET /wheeles/img/landers/prizewheel-fb/prizewheel_static.png HTTP/1.1 

                                        
                                            
Host: 69.winprizes169.digital

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         217.69.14.8

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Mon, 28 Nov 2022 21:57:49 GMT 

                                        
                                            
content-length: 3370 

                                        
                                            
last-modified: Mon, 09 May 2022 04:39:51 GMT 

                                        
                                            
etag: "d2a-5de8ccc84bd4f" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 1002 x 1002, 4-bit colormap, non-interlaced\012- data

                                                Size:   3370

                                                Md5:    dc484e0043b5ff6191b1880c8779863c

                                                Sha1:   a5b67e3dff3dea3940eed090431aecbb36611b1d

                                                Sha256: 30bc059973d84a6e1d22d16747bce062025561f2555cdd9cec012a87866abcb6

                                        
                                            GET /wheeles/img/profiles/south-east-asian/male/3@0.25x.jpg HTTP/1.1 

                                        
                                            
Host: 69.winprizes169.digital

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         217.69.14.8

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Mon, 28 Nov 2022 21:57:49 GMT 

                                        
                                            
content-length: 2766 

                                        
                                            
last-modified: Mon, 09 May 2022 04:40:09 GMT 

                                        
                                            
etag: "ace-5de8ccd9affe0" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data

                                                Size:   2766

                                                Md5:    8702df843edff7d2beff0d3de0626a9e

                                                Sha1:   aee9ed32bda259fdc07520560c1608378b37705d

                                                Sha256: 5a118a94b3e655f809d79f91090c940489fd5860e5dc08f3cc4c2cc774a3e565

                                        
                                            GET /wheeles/img/profiles/south-east-asian/male/9@0.25x.jpg HTTP/1.1 

                                        
                                            
Host: 69.winprizes169.digital

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         217.69.14.8

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Mon, 28 Nov 2022 21:57:49 GMT 

                                        
                                            
content-length: 2789 

                                        
                                            
last-modified: Mon, 09 May 2022 04:40:09 GMT 

                                        
                                            
etag: "ae5-5de8ccd9affe0" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data

                                                Size:   2789

                                                Md5:    9d229e0032ffe97045982477bb4513de

                                                Sha1:   602a7e2f8a757bc1051891af9556b094393bdbdd

                                                Sha256: 10129523ab779b893566ec62c9fad93e98d3df839eb249bc9ce05846d99a2058

                                        
                                            GET /wheeles/js/app.js?id=0601d5f2aaa1656cef1f HTTP/1.1 

                                        
                                            
Host: 69.winprizes169.digital

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         217.69.14.8

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Mon, 28 Nov 2022 21:57:49 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
last-modified: Mon, 09 May 2022 04:39:20 GMT 

                                        
                                            
etag: W/"3d1-5de8ccaac343c" 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (977), with no line terminators

                                                Size:   23594

                                                Md5:    8d449190d885f23743079853d3b2ae5e

                                                Sha1:   c987bf08148e7b91cfc1cbc9a1f73122dac32452

                                                Sha256: 2afdbf1511a401c8411c94d71e048bc4a9a8aa2cb6e083bc63321ba5c1468748

                                        
                                            GET /wheeles/img/profiles/south-east-asian/female/1@0.25x.jpg HTTP/1.1 

                                        
                                            
Host: 69.winprizes169.digital

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         217.69.14.8

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Mon, 28 Nov 2022 21:57:49 GMT 

                                        
                                            
content-length: 3262 

                                        
                                            
last-modified: Mon, 09 May 2022 04:40:03 GMT 

                                        
                                            
etag: "cbe-5de8ccd406c50" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data

                                                Size:   3262

                                                Md5:    16ad125731306a5d5ae9d4406b9f7979

                                                Sha1:   b387725ab4c58f20877289634a56057b99baa753

                                                Sha256: c6901a32b079f9b0694c30f2b8cc87b320633199f11713a4a45c63f162993dce

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Mon, 28 Nov 2022 21:11:12 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 2797 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "180446E5FB63F919A316E3D20FBF22438EB35E1A3241B53FD70D43B234521123" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=21600 

                                        
                                            
Expires: Tue, 29 Nov 2022 03:57:49 GMT 

                                        
                                            
Date: Mon, 28 Nov 2022 21:57:49 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    3f16cb47fdb8aa6f5feacb680dbd37d9

                                                Sha1:   98f32d0ef44c1c76fa9803eb3ff53b15ba38cdd9

                                                Sha256: 180446e5fb63f919a316e3d20fbf22438eb35e1a3241b53fd70d43b234521123

                                        
                                            GET /js/pub.min.js HTTP/1.1 

                                        
                                            
Host: push.winprizes31.digital

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://69.winprizes169.digital/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         103.224.182.210

                                        
                                            HTTP/1.1 404 Not Found 

                                        
                                            
Content-Type: text/html; charset=iso-8859-1

                                        

                                        
                                            
Date: Mon, 28 Nov 2022 21:57:50 GMT 

                                        
                                            
Server: Apache/2.4.38 (Debian) 

                                        
                                            
Content-Length: 196 

                                        
                                            
Connection: close 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   196

                                                Md5:    62962daa1b19bbcc2db10b7bfd531ea6

                                                Sha1:   d64bae91091eda6a7532ebec06aa70893b79e1f8

                                                Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=12068 

                                        
                                            
Expires: Tue, 29 Nov 2022 01:18:59 GMT 

                                        
                                            
Date: Mon, 28 Nov 2022 21:57:51 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    aebda342a81ad83f60d2523f54ccda67

                                                Sha1:   e590d9326e4a283e0929a8ffccb13cc4308af0e6

                                                Sha256: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=12068 

                                        
                                            
Expires: Tue, 29 Nov 2022 01:18:59 GMT 

                                        
                                            
Date: Mon, 28 Nov 2022 21:57:51 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    aebda342a81ad83f60d2523f54ccda67

                                                Sha1:   e590d9326e4a283e0929a8ffccb13cc4308af0e6

                                                Sha256: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

                                        
                                            GET /wheeles/img/fb-like.svg HTTP/1.1 

                                        
                                            
Host: 69.winprizes169.digital

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         217.69.14.8

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Mon, 28 Nov 2022 21:57:49 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
last-modified: Mon, 09 May 2022 04:39:16 GMT 

                                        
                                            
etag: W/"1213-5de8cca6e7f51" 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (4627), with no line terminators

                                                Size:   10444

                                                Md5:    bc7c3901d2fb07ef0b13d360f216ae92

                                                Sha1:   de478085b13ecaf8a14f6913e91a1bb1285d2313

                                                Sha256: 7340c0be0964dfb7f4d5574d8aecd731f1e3867ef4d37305c9ea29d6ecf0bf39

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10176 

                                        
                                            
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cMpbgEFOIAMF71A= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g== 

                                        
                                            
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Mon, 28 Nov 2022 07:40:08 GMT 

                                        
                                            
age: 51463 

                                        
                                            
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10176

                                                Md5:    03014221d7f49b50ffc2d1b0a0e75457

                                                Sha1:   772d86ad983042a728ee3490630a9cf1134ad0dd

                                                Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 3944 

                                        
                                            
x-amzn-requestid: 8a6732c1-72da-4a73-ba51-8533c6a01a9c 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cVNmfFgeIAMFjLw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6385295c-0c807d93277bfb7f6b13c2ee;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:20 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: XC26NJ0PkNhOsuvMPTd5TlY-oDOGfGoNxzzMANQRlyBWt1XZW_gUfA== 

                                        
                                            
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Mon, 28 Nov 2022 21:42:03 GMT 

                                        
                                            
age: 948 

                                        
                                            
etag: "5008d7344dd85ae61a598c17e7baf427def3e25d" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   3944

                                                Md5:    9cd333c474420e235831d96ed881167e

                                                Sha1:   5008d7344dd85ae61a598c17e7baf427def3e25d

                                                Sha256: 2178a96e120661e43d8e8ed0df1fcf500caf4c58db9e1bedaf0706af0a80b286

                                        
                                            GET /wheeles/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444 HTTP/1.1 

                                        
                                            
Host: 69.winprizes169.digital

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://69.winprizes169.digital/wheeles/mxbluebaff3n2.html?city=Oslo&model=Desktop&brand=Desktop&isp=Blix%20Group%20AS%20&cep=rE5UjtuDNBLPISagVMTI7A8Fs8CbLLDF2jHVkXKD2qHvF8LghOSIU7EO1-WI2MLJ8hdizH0wtdVXbSGUefAAZ__XR8NnZSRPWDJu_0UPAOzQZDcOEj7T272xKdeloCjYcKUFNywiOgbuV1PFHiIrJ1NWYPPjst17kQsYE_qDqBXfGKo7JJ4y3ydGNAk0GwACDv7KeovdH73hdA-xjGS6l5NYg7mGk1QOezDxTMp1sIsnj1iWmdMYTU5E06twleBBjCSLmCKHyxUrXqIRaJsuQOtPyjPU3JTXjpp1MiyiNakqAMf628GDPqAEC7g2xzTfrHGHF-VyaFkj-PZO_vJmC70kyytXx-dJrFdRldVEILAFa2GKOhUtftbgTUKZdDmj&lptoken=165d695f677844776874 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         217.69.14.8

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Mon, 28 Nov 2022 21:57:49 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
last-modified: Mon, 09 May 2022 04:39:49 GMT 

                                        
                                            
etag: W/"da7-5de8ccc627fa9" 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	track.buller-matuma.com/c0623fdc-b554-4ca2-8abc-d378c75c2f28
IP	18.195.128.171 (Germany)
ASN	#16509 AMAZON-02
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-28 21:57:59 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (9)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 18.195.128.171

Last 5 reports on ASN: AMAZON-02

Last 5 reports on domain: buller-matuma.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (7)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (38)

Overview

Domain Summary (9)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 18.195.128.171

Last 5 reports on ASN: AMAZON-02

Last 5 reports on domain: buller-matuma.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (7)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (38)

Network Intrusion Detection Systems