r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8083
Expires: Sat, 12 Nov 2022 14:17:18 GMT
Date: Sat, 12 Nov 2022 12:02:35 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4edf853c470fcec0ab277c78527f3c2d
de93530ce15337e671c488d9fe05e7091d4956f0
b9d7976b398b1243ff8a571ddd3975d3a1317d69101061bdb1a755b3b56620e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6460
Cache-Control: max-age=87392
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 12:02:35 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 12:19:07 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 11:44:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1105
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8391107bfc5e4673e8a706f90f63768
5295ed0b1cb8bad4d3e851049acc7f0270937d12
ed5c27510100ffc4481be474ebcb020d147c645beb110604d5284eeeb8b97c02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED5C27510100FFC4481BE474EBCB020D147C645BEB110604D5284EEEB8B97C02"
Last-Modified: Fri, 11 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7253
Expires: Sat, 12 Nov 2022 14:03:28 GMT
Date: Sat, 12 Nov 2022 12:02:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: R9YTYGUMTOLdAVrvBZx+LToOdjBRa/e3xsxqDhs+eQlSHCs5yNe6L2dH5QmQIQvZT0oc+hllcRQ=
x-amz-request-id: F2Q0ERVK0VH31WWC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 11:12:58 GMT
age: 2977
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
45.76.148.82301 Moved Permanently 984 B URL HTTP/1.1 30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
IP 45.76.148.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (651)
Hash 4d810c2eb69c3b0737b9109986b78095
6fac2c55c1dcfa63401db33cc0fcc970e2088530
e887cfc2c62b72d78fc305ceb1bb19b1641f2f3e52e5d3d9588561a6c04dba42
GET /mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670 HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 12 Nov 2022 12:02:35 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 984
Connection: keep-alive
Location: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 11:44:48 GMT
cache-control: public,max-age=3600
age: 1068
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ae51f1958554de4457c22a7d5a9ba8b6
173e90a8c6ee36b7ec569dbea47436a90d7e7c76
dc43a04e1e26243f63a8e628f2ebcb23a9527fd4bc40dc6d1d61879b0f95bb21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6545
Cache-Control: max-age=168801
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 12:02:36 GMT
Etag: "636f622c-1d7"
Expires: Mon, 14 Nov 2022 10:55:57 GMT
Last-Modified: Sat, 12 Nov 2022 09:06:52 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.208.31.97101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.31.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2rZamjmtMeascEep0kjnLQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Y0uVMkC20zK1oiNVdT5OuHV66Aw=
30.winprizes530.digital/mm1/img/landers/prizewheel-fb/notification.png
45.76.148.82200 OK 1.1 kB URL HTTP/2 30.winprizes530.digital/mm1/img/landers/prizewheel-fb/notification.png
IP 45.76.148.82:0
File type PNG image data, 30 x 28, 8-bit colormap, non-interlaced\012- data
Hash 7b01738b575fddc442dd9acb66115e0c
1a517a569f3f3cc2cd848e165666cea8cd628fec
5106d5661ed6423509ed6e07e5e67c4496d7ea551a1e8b3047e30404bb2824ba
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /mm1/img/landers/prizewheel-fb/notification.png HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:37 GMT
content-type: image/png
content-length: 1142
last-modified: Sat, 12 Mar 2022 12:53:02 GMT
etag: "476-5da04ed764434"
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7cc6e605c0fe4b83926a739a3bd54cf2
38f0135941aadb2b8b4756e9cfa76672a10570cd
a4768b2119912e3d0bc8b47c9a521db47f8797bb4fcc3690d5b9096d7ab81d59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4768B2119912E3D0BC8B47C9A521DB47F8797BB4FCC3690D5B9096D7AB81D59"
Last-Modified: Thu, 10 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11797
Expires: Sat, 12 Nov 2022 15:19:14 GMT
Date: Sat, 12 Nov 2022 12:02:37 GMT
Connection: keep-alive
30.winprizes530.digital/mm1/img/landers/prizewheel-fb/prizewheel_spinner.jpg
45.76.148.82200 OK 46 kB URL HTTP/2 30.winprizes530.digital/mm1/img/landers/prizewheel-fb/prizewheel_spinner.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1002x1002, components 3\012- data
Hash 595556fff9f75a1711d01f567e50bd5e
036168b916b8f328dc69306909e4771bf435216b
44274130ef786e7c98c16b53d5209a2f354488e8ff3ec76a1f1efb1c819cb85f
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /mm1/img/landers/prizewheel-fb/prizewheel_spinner.jpg HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:37 GMT
content-type: image/jpeg
content-length: 45664
last-modified: Sat, 12 Mar 2022 12:53:02 GMT
etag: "b260-5da04ed78d475"
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11587
Expires: Sat, 12 Nov 2022 15:15:44 GMT
Date: Sat, 12 Nov 2022 12:02:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11587
Expires: Sat, 12 Nov 2022 15:15:44 GMT
Date: Sat, 12 Nov 2022 12:02:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11587
Expires: Sat, 12 Nov 2022 15:15:44 GMT
Date: Sat, 12 Nov 2022 12:02:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11587
Expires: Sat, 12 Nov 2022 15:15:44 GMT
Date: Sat, 12 Nov 2022 12:02:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NeIY2s01XJFjeone0iZ62qWRqoDGoqdFqPsXP2IG6DD9Hub4eqR1pQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 03:49:13 GMT
age: 29604
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b650f84-0cd0-4921-bc04-f0ea0459e4d1.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b650f84-0cd0-4921-bc04-f0ea0459e4d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 084ca839d34b15916cd2f5034440a1ef
7764777ce9a862c1590712ef33032df72edefffd
b8893d7f327f88316cb909ded7fd8f4e1809190a7da807677785bf953f6e33fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b650f84-0cd0-4921-bc04-f0ea0459e4d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8482
x-amzn-requestid: 79e5e211-afc8-4531-b361-6f6f3386f16e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUGJsIAMF7Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-5a0ba4a93eba91c81ba3a9bc;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uZ6Nth8jaUp7GXRXknKB8k90AgzBj4Yv3YfduSF7yajyFESb9oOh3A==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:51:45 GMT
age: 51052
etag: "7764777ce9a862c1590712ef33032df72edefffd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f09e254cd6f2e29b3bf198cc5d58a46f
fa34520e849bf746ff43aec3d28beb9e4be44f4d
2e29eace95fd8cb5b6d77df880d2044ecab4206cba47931c3a95e77c1b4e9d9a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8953
x-amzn-requestid: 2a2d20f4-3aa5-475e-8ec2-fc569766335e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhQGAhIAMFrjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-26dc0259793ec94814f3d41a;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BcjpdZlgZPqBX1rk3Th_XlwHrDYoeAT8pWaH7I21WnkfFzvzJE8ekw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:42:55 GMT
age: 51582
etag: "fa34520e849bf746ff43aec3d28beb9e4be44f4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/css/landers/prizewheel-fb/app.css
45.76.148.82200 OK 9.9 kB URL HTTP/2 30.winprizes530.digital/mm1/css/landers/prizewheel-fb/app.css
IP 45.76.148.82:0
File type ASCII text, with very long lines (2891), with no line terminators
Hash 49c12c45701a81d06c3746b1254609d4
514de69e990438f5df84b46a462da8c2d19a1498
22c29bc579d27d764a6717e4b40b1096efe49b203869867166ccfb92a63ce9cd
GET /mm1/css/landers/prizewheel-fb/app.css HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:37 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 12 Mar 2022 12:53:01 GMT
etag: W/"b4b-5da04ed6c2271"
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1655bda0-593c-40c8-bd9d-5c094248551b.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1655bda0-593c-40c8-bd9d-5c094248551b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dea29172117b20fbba50877b6137a82c
4f059d139749207c70d8387abb5d8be54e97bca3
1a18bc2b4413225fb560a705ef5d228b6faa648f4908a51661be443d6d04001b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1655bda0-593c-40c8-bd9d-5c094248551b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6771
x-amzn-requestid: 15d0cccd-10d5-4a58-91ba-181cd48d02a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMipFOqIAMFzYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec143-45dc19d1418acd1261b050e5;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wAXmVLj9L-TESuUQLMk2wvi9GH_A_kesPJUDIXN-6GLywdRpeNsYJQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:01:29 GMT
age: 50469
etag: "4f059d139749207c70d8387abb5d8be54e97bca3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faa8e3cf2ab3c1d53a1735def5bb7476
ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f
e81a8fa312ec478871427f1d04ba7fe563573c683809153f75dec8df979d6efe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6577
x-amzn-requestid: b4587cfb-6041-453c-9e74-fa35ecd31448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMjIGHRoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec147-29e7ec741b0e6f6f674aef75;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2y97S3ITb7MLXuIIAQfCCKjgvOXisdCT5mod7OD588LOhPCy_OrUXQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:02:21 GMT
age: 50417
etag: "ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/img/prizes/iphone-11-pro/default.png
45.76.148.82200 OK 95 kB URL HTTP/2 30.winprizes530.digital/mm1/img/prizes/iphone-11-pro/default.png
IP 45.76.148.82:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash 8adac2b1f6fec2ad7a323668d7fcd96a
5b875ce4cc5fa5576fdcf13385c0c5b53631e691
1609915700b5b68a54051d6207d11d02cfebb54f9038e8a01e8ca67ddfb6d9e4
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /mm1/img/prizes/iphone-11-pro/default.png HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:37 GMT
content-type: image/png
content-length: 94803
last-modified: Sat, 12 Mar 2022 12:53:03 GMT
etag: "17253-5da04ed840f79"
accept-ranges: bytes
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/img/landers/prizewheel-fb/loader.gif
45.76.148.82200 OK 5.1 kB URL HTTP/2 30.winprizes530.digital/mm1/img/landers/prizewheel-fb/loader.gif
IP 45.76.148.82:0
File type GIF image data, version 89a, 50 x 50\012- data
Hash e5442c10c946c665cbd1e88b0fb7bff6
f64bd9f3e669c39cb5b194ecdc1926667177788b
83c3fc2fbd9e412ef801194552820088c29206e96603376faf63641f059763ed
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /mm1/img/landers/prizewheel-fb/loader.gif HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:37 GMT
content-type: image/gif
content-length: 5102
last-modified: Sat, 12 Mar 2022 12:53:02 GMT
etag: "13ee-5da04ed763494"
accept-ranges: bytes
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/img/landers/prizewheel-fb/prizewheel_static.png
45.76.148.82200 OK 13 kB URL HTTP/2 30.winprizes530.digital/mm1/img/landers/prizewheel-fb/prizewheel_static.png
IP 45.76.148.82:0
File type PNG image data, 1002 x 1002, 8-bit colormap, non-interlaced\012- data
Hash 5138417965bdda5fcbb708103d88a84a
c47f9085be828ef0a717ceba278c13fd84fc854c
bfb40521da9376178e8de77d8c1c08db53f652b4ff1cdfef5c97e94988b19cb8
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /mm1/img/landers/prizewheel-fb/prizewheel_static.png HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:38 GMT
content-type: image/png
content-length: 13161
last-modified: Sat, 12 Mar 2022 12:53:02 GMT
etag: "3369-5da04ed78a595"
accept-ranges: bytes
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/img/profile-images/south-east-asian/female/3@0.25x.jpg
45.76.148.82200 OK 3.9 kB URL HTTP/2 30.winprizes530.digital/mm1/img/profile-images/south-east-asian/female/3@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, baseline, precision 8, 128x128, components 3\012- data
Hash d8996a573db7acb91022ed0d671a1495
175685d525ff01441445e0c585ddbf9d867de6e4
cb72127809614325373d8eaf864c013df8c0f4bace2d3e55e94c8ec5faa91753
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /mm1/img/profile-images/south-east-asian/female/3@0.25x.jpg HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:38 GMT
content-type: image/jpeg
content-length: 3856
last-modified: Sat, 12 Mar 2022 12:53:04 GMT
etag: "f10-5da04ed9b6fe2"
accept-ranges: bytes
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/img/profile-images/south-east-asian/male/3@0.25x.jpg
45.76.148.82200 OK 5.2 kB URL HTTP/2 30.winprizes530.digital/mm1/img/profile-images/south-east-asian/male/3@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, baseline, precision 8, 128x128, components 3\012- data
Hash 79428c15f4cb8d4c22f0ae8844e327d7
b34513fac8649885f2e9ce9940b26e9f7f47d8bb
7e257b9661a3c2ef7598ad3b7e10133e9a4c97cbe389f0363bd103b841d43076
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /mm1/img/profile-images/south-east-asian/male/3@0.25x.jpg HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:38 GMT
content-type: image/jpeg
content-length: 5238
last-modified: Sat, 12 Mar 2022 12:53:05 GMT
etag: "1476-5da04edab8ce8"
accept-ranges: bytes
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/img/profile-images/south-east-asian/male/10@0.25x.jpg
45.76.148.82200 OK 4.6 kB URL HTTP/2 30.winprizes530.digital/mm1/img/profile-images/south-east-asian/male/10@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, baseline, precision 8, 128x128, components 3\012- data
Hash 41a98d19c26e28b2e8365a548d788f16
f2450247e49752551c531854d2d20149fbe174ee
79db7e1ab8b884b175536810d2eca46dee31a925deee254cf71b154d23ac3cb9
GET /mm1/img/profile-images/south-east-asian/male/10@0.25x.jpg HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:38 GMT
content-type: image/jpeg
content-length: 4603
last-modified: Sat, 12 Mar 2022 12:53:05 GMT
etag: "11fb-5da04eda8dd67"
accept-ranges: bytes
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/img/profile-images/south-east-asian/female/6@0.25x.jpg
45.76.148.82200 OK 4.1 kB URL HTTP/2 30.winprizes530.digital/mm1/img/profile-images/south-east-asian/female/6@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, baseline, precision 8, 128x128, components 3\012- data
Hash 487c9c7e98edf8c07cd5cef5a7c3e48d
a27e943677cc67810eb71f7f889969d2ca52e390
1f49025ec428748511a8f75e7b4d47072fd0f7ce4cb4107592241570bd324356
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /mm1/img/profile-images/south-east-asian/female/6@0.25x.jpg HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:38 GMT
content-type: image/jpeg
content-length: 4130
last-modified: Sat, 12 Mar 2022 12:53:04 GMT
etag: "1022-5da04ed9e3ea3"
accept-ranges: bytes
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/img/profile-images/south-east-asian/male/9@0.25x.jpg
45.76.148.82200 OK 5.3 kB URL HTTP/2 30.winprizes530.digital/mm1/img/profile-images/south-east-asian/male/9@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, baseline, precision 8, 128x128, components 3\012- data
Hash 30d34d7628e91a67ef9b6c701751b82d
5a68e5bc09bacac96949950392ede472110b9bfd
179f31c7ce696f846a1b66f023950feaa98369e3d57ce5d4b638b53bab20d2de
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /mm1/img/profile-images/south-east-asian/male/9@0.25x.jpg HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:38 GMT
content-type: image/jpeg
content-length: 5337
last-modified: Sat, 12 Mar 2022 12:53:05 GMT
etag: "14d9-5da04edab9c88"
accept-ranges: bytes
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/img/prizes/iphone-11-pro/proof.jpg
45.76.148.82200 OK 24 kB URL HTTP/2 30.winprizes530.digital/mm1/img/prizes/iphone-11-pro/proof.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Processed By eBay with ImageMagick, z1.1.0. ||B2", progressive, precision 8, 339x450, components 3\012- data
Hash a1191aab311651f9299e0aece2833f15
d61885e2aebaaab417d8f7a8ca7870a634875f4b
d354416bac0682b8e6c1f88fddbccc1f6148cf880ef56f36a09b0a9202c624fe
GET /mm1/img/prizes/iphone-11-pro/proof.jpg HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:38 GMT
content-type: image/jpeg
content-length: 23930
last-modified: Sat, 12 Mar 2022 12:53:03 GMT
etag: "5d7a-5da04ed837339"
accept-ranges: bytes
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/img/profile-images/south-east-asian/female/5@0.25x.jpg
45.76.148.82200 OK 3.2 kB URL HTTP/2 30.winprizes530.digital/mm1/img/profile-images/south-east-asian/female/5@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, baseline, precision 8, 128x128, components 3\012- data
Hash f70b9555d6adfc1751ae792bbc056fdf
42b461a559a16ae58398bd3bb1d2ee4879d8dc78
ca6bae141b7eaac62d61415bf2fdd34e9434928c8fa1e4cc3e8aa060abb88bae
GET /mm1/img/profile-images/south-east-asian/female/5@0.25x.jpg HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:38 GMT
content-type: image/jpeg
content-length: 3222
last-modified: Sat, 12 Mar 2022 12:53:04 GMT
etag: "c96-5da04ed9e2f03"
accept-ranges: bytes
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/img/profile-images/south-east-asian/female/1@0.25x.jpg
45.76.148.82200 OK 6.0 kB URL HTTP/2 30.winprizes530.digital/mm1/img/profile-images/south-east-asian/female/1@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, baseline, precision 8, 128x128, components 3\012- data
Hash 4387f4c0cbae645d5d7442254e7cc560
99b2c3a509f515fc9e53c8b018ba6b47028afbe1
116ad309253857cb0844a375919bf6af104efc407355e64a5cabf600cc70a67b
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /mm1/img/profile-images/south-east-asian/female/1@0.25x.jpg HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:38 GMT
content-type: image/jpeg
content-length: 5988
last-modified: Sat, 12 Mar 2022 12:53:04 GMT
etag: "1764-5da04ed9b50a2"
accept-ranges: bytes
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/img/profile-images/south-east-asian/male/2@0.25x.jpg
45.76.148.82200 OK 4.5 kB URL HTTP/2 30.winprizes530.digital/mm1/img/profile-images/south-east-asian/male/2@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, baseline, precision 8, 128x128, components 3\012- data
Hash 2444132c4b20c85e0c9526f3b35a2524
eb394ff3f1a3e2fadc7a8912e8929e218270e733
dfa6330186654634effccd2138f9ccd398bd743328b42a847ebe220c7a5dcff5
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /mm1/img/profile-images/south-east-asian/male/2@0.25x.jpg HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:38 GMT
content-type: image/jpeg
content-length: 4513
last-modified: Sat, 12 Mar 2022 12:53:05 GMT
etag: "11a1-5da04eda8cdc7"
accept-ranges: bytes
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/img/fb-like.svg
45.76.148.82200 OK 0 B URL HTTP/2 30.winprizes530.digital/mm1/img/fb-like.svg
IP 45.76.148.82:0
GET /mm1/img/fb-like.svg HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:38 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Sat, 12 Mar 2022 12:52:58 GMT
etag: W/"1656-5da04ed412a61"
content-encoding: br
X-Firefox-Spdy: h2
oungimuk.net/pfe/current/micro.tag.min.js?z=5107519&sw=/sw-check-permissions-9dad8.js
139.45.197.251200 OK 0 B URL HTTP/2 oungimuk.net/pfe/current/micro.tag.min.js?z=5107519&sw=/sw-check-permissions-9dad8.js
IP 139.45.197.251:0
GET /pfe/current/micro.tag.min.js?z=5107519&sw=/sw-check-permissions-9dad8.js HTTP/1.1
Host: oungimuk.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:37 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 14:20:39 GMT
etag: W/"636a65b7-12fca"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/js/landers/prizewheel-fb/app.js
45.76.148.82200 OK 0 B URL HTTP/2 30.winprizes530.digital/mm1/js/landers/prizewheel-fb/app.js
IP 45.76.148.82:0
GET /mm1/js/landers/prizewheel-fb/app.js HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:37 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 12 Mar 2022 12:53:04 GMT
etag: W/"1d6eb-5da04ed91cb1e"
content-encoding: br
X-Firefox-Spdy: h2
30.winprizes530.digital/favicon.ico
45.76.148.82404 Not Found 0 B URL HTTP/2 30.winprizes530.digital/favicon.ico
IP 45.76.148.82:0
GET /favicon.ico HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 12 Nov 2022 12:02:38 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
45.76.148.82200 OK 0 B URL HTTP/2 30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
IP 45.76.148.82:0
GET /mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670 HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:36 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Mon, 23 May 2022 01:18:03 GMT
etag: W/"3eb0-5dfa39c93f0a4"
content-encoding: br
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/css/app.css
45.76.148.82200 OK 0 B URL HTTP/2 30.winprizes530.digital/mm1/css/app.css
IP 45.76.148.82:0
GET /mm1/css/app.css HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:37 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 12 Mar 2022 12:52:58 GMT
etag: W/"136-5da04ed366c5d"
content-encoding: br
X-Firefox-Spdy: h2
30.winprizes530.digital/mm1/js/app.js
45.76.148.82200 OK 0 B URL HTTP/2 30.winprizes530.digital/mm1/js/app.js
IP 45.76.148.82:0
GET /mm1/js/app.js HTTP/1.1
Host: 30.winprizes530.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.winprizes530.digital/mm1/mmspin1icu2.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&cep=cB5w1LUyVWUgA_afb_07FVdqkkttklhsgcTsChZe--Wn9k1FUeM9so65BRBEihB-DgLHtigKIpZ0AuXDzSIpnd9PjJIMJ4iIvCZ1Gpl3lNP2B0YgDs3kie63IlTxttk7z_Oc2oSg12QVagaYSDxUIQc0LdStE5hqBV8Klox5ROz_BAiuGm-YYUpVwhtHDK-Jl2WS-WrtpHJ5yPTlSj1gzqQIAk51vMjjINCf3m7H_nNEQZ_-scCavuz5rG9QcwcOzYL9nuPGdiF5synIcWy3gp6KeEu1dcKkHYzxu8kkmx9rS2vxA1E1OOTZMJnPhIVaDb8gvBhzSTuFWif80uFHAejfnqRPng15F5syDYIgnOjySqxbiIgaQ6_HciQmKDi89tSCLchYIZK3KFKGv5UKuT8-lQEgTLcKfJjP06yTQ7k&lptoken=16d568cf25bd63e93670
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 12:02:37 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 12 Mar 2022 12:52:59 GMT
etag: W/"3d1-5da04ed4c6565"
content-encoding: br
X-Firefox-Spdy: h2