applabzzeydoo.com/?l=Ik3Z1hRmgbrHuHy&b=14556889&z=5332574&s=3sGN9U5pym5Fd8LHCT4MoE&campid={campaignid}&var=&ymid=3sGN9U5pym5Fd8LHCT4MoE&ymid=3sGN9U5pym5Fd8LHCT4MoE
139.45.197.151301 Moved Permanently 162 B URL HTTP/1.1 applabzzeydoo.com/?l=Ik3Z1hRmgbrHuHy&b=14556889&z=5332574&s=3sGN9U5pym5Fd8LHCT4MoE&campid={campaignid}&var=&ymid=3sGN9U5pym5Fd8LHCT4MoE&ymid=3sGN9U5pym5Fd8LHCT4MoE
IP 139.45.197.151:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /?l=Ik3Z1hRmgbrHuHy&b=14556889&z=5332574&s=3sGN9U5pym5Fd8LHCT4MoE&campid={campaignid}&var=&ymid=3sGN9U5pym5Fd8LHCT4MoE&ymid=3sGN9U5pym5Fd8LHCT4MoE HTTP/1.1
Host: applabzzeydoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 26 Mar 2023 11:12:36 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://applabzzeydoo.com/?l=Ik3Z1hRmgbrHuHy&b=14556889&z=5332574&s=3sGN9U5pym5Fd8LHCT4MoE&campid={campaignid}&var=&ymid=3sGN9U5pym5Fd8LHCT4MoE&ymid=3sGN9U5pym5Fd8LHCT4MoE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4968
Expires: Sun, 26 Mar 2023 12:35:24 GMT
Date: Sun, 26 Mar 2023 11:12:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3102
Expires: Sun, 26 Mar 2023 12:04:18 GMT
Date: Sun, 26 Mar 2023 11:12:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2569
Expires: Sun, 26 Mar 2023 11:55:25 GMT
Date: Sun, 26 Mar 2023 11:12:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 26 Mar 2023 10:27:50 GMT
content-type: application/json
age: 2686
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5/gfI/kSqwu/Q10wAvieUxjZZd2dDxfdZaK1cgWXbbuig+CbVHpElrGlOTGxnZd/AlRjRbjuvp8=
x-amz-request-id: QWJE5ANYSYETN0XE
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 26 Mar 2023 10:55:17 GMT
age: 1039
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 11:12:36 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5cb909caef37e19afce4fbfe2d947e9f
da5921be06845bf77f1908b5bdb090d16fb5058d
7a097a8b27531cda9170aae6f902c67302748958f7abc10665c6b28f1837ede9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A097A8B27531CDA9170AAE6F902C67302748958F7ABC10665C6B28F1837EDE9"
Last-Modified: Sun, 26 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18294
Expires: Sun, 26 Mar 2023 16:17:31 GMT
Date: Sun, 26 Mar 2023 11:12:37 GMT
Connection: keep-alive
applabzzeydoo.com/contents/s/d9/c1/60/cdf387dbad88bf3862072e2593/01109594612996.jpeg
139.45.197.151200 OK 53 kB URL HTTP/2 applabzzeydoo.com/contents/s/d9/c1/60/cdf387dbad88bf3862072e2593/01109594612996.jpeg
IP 139.45.197.151:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 740x1600, components 3\012- data
Hash d9c160cdf387dbad88bf3862072e2593
682d1572c405d3e307e127884788f3bc28518918
55b39e0443cb0436fd8ee4c860ba541685d8ea440f1d2769ed382375b942696f
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /contents/s/d9/c1/60/cdf387dbad88bf3862072e2593/01109594612996.jpeg HTTP/1.1
Host: applabzzeydoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://applabzzeydoo.com/?l=Ik3Z1hRmgbrHuHy&b=14556889&z=5332574&s=3sGN9U5pym5Fd8LHCT4MoE&campid={campaignid}&var=&ymid=3sGN9U5pym5Fd8LHCT4MoE&ymid=3sGN9U5pym5Fd8LHCT4MoE
Cookie: reverse=yixh3yLPNpQ7OumB90qsUnxCcc7EwNyDjYvRDhRzOWI
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 11:12:37 GMT
content-type: image/jpeg
content-length: 52948
last-modified: Wed, 08 Sep 2021 11:39:17 GMT
vary: Accept-Encoding
etag: "6138a0e5-ced4"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
applabzzeydoo.com/?l=Ik3Z1hRmgbrHuHy&b=14556889&z=5332574&s=3sGN9U5pym5Fd8LHCT4MoE&campid={campaignid}&var=&ymid=3sGN9U5pym5Fd8LHCT4MoE&ymid=3sGN9U5pym5Fd8LHCT4MoE
139.45.197.151200 OK 14 kB URL HTTP/2 applabzzeydoo.com/?l=Ik3Z1hRmgbrHuHy&b=14556889&z=5332574&s=3sGN9U5pym5Fd8LHCT4MoE&campid={campaignid}&var=&ymid=3sGN9U5pym5Fd8LHCT4MoE&ymid=3sGN9U5pym5Fd8LHCT4MoE
IP 139.45.197.151:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2276), with CRLF, LF line terminators
Hash ae91071eef102cb20e6c7c4038376232
2aa3ab5186c94e7b25b60336116bf7d942ff4e6c
9f27f8988759db65066e11ccaab628d7b8f6ff0fd52cdedc83a946961804f64f
GET /?l=Ik3Z1hRmgbrHuHy&b=14556889&z=5332574&s=3sGN9U5pym5Fd8LHCT4MoE&campid={campaignid}&var=&ymid=3sGN9U5pym5Fd8LHCT4MoE&ymid=3sGN9U5pym5Fd8LHCT4MoE HTTP/1.1
Host: applabzzeydoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 11:12:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
set-cookie: reverse=yixh3yLPNpQ7OumB90qsUnxCcc7EwNyDjYvRDhRzOWI; expires=Sun, 26-Mar-2023 12:12:37 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash d6271fda606e6f6dacc387bf3ef724cf
ca87e6fc4b5f3e16888e782ffaca113f288a0ba3
e9d0d70ca22d3f4aad6543cf89b1d6d6439e8a9e3d7d537523e672278d055e10
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://applabzzeydoo.com/
Origin: https://applabzzeydoo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 11:12:37 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://applabzzeydoo.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7f1187598c174507b53c701c90a70bb9; expires=Mon, 25 Mar 2024 11:12:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
applabzzeydoo.com/track-impression-applab?z=5332574&b=14556889&ymid=3sGN9U5pym5Fd8LHCT4MoE&var=&var_3=14556889_&redirect=false&redirectUrl=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3Dcom.samoukale.jaxvpn%26referrer%3Dsubid%253D%24%7BSUBID%7D%2526utm_source%253D5332574%2526request_var%253D%2526os%253D%7Bos%7D%2526osversion%253D%7Bosversion%7D%2526browser%253D%7Bbrowser%7D%2526campaignid%253D%7Bcampaignid%7D%2526utm_campaign%253D%7Bcampaignid%7D%2526geo%253D%7Bgeo%7D%2526utm_medium%253Dzeydoo%2526land_state%253Dbefore_render%2526land_id%253DIk3Z1hRmgbrHuHy%2526land_generation_time%253D2023-03-26_06%253A12%253A37%2526land_error_code%253D%2526ruid%253D%7Bruid%7D%2526mgeo%253D%7Bmgeo%7D%2526oaid%253D%7Boaid%7D
139.45.197.151200 OK 424 B URL HTTP/2 applabzzeydoo.com/track-impression-applab?z=5332574&b=14556889&ymid=3sGN9U5pym5Fd8LHCT4MoE&var=&var_3=14556889_&redirect=false&redirectUrl=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3Dcom.samoukale.jaxvpn%26referrer%3Dsubid%253D%24%7BSUBID%7D%2526utm_source%253D5332574%2526request_var%253D%2526os%253D%7Bos%7D%2526osversion%253D%7Bosversion%7D%2526browser%253D%7Bbrowser%7D%2526campaignid%253D%7Bcampaignid%7D%2526utm_campaign%253D%7Bcampaignid%7D%2526geo%253D%7Bgeo%7D%2526utm_medium%253Dzeydoo%2526land_state%253Dbefore_render%2526land_id%253DIk3Z1hRmgbrHuHy%2526land_generation_time%253D2023-03-26_06%253A12%253A37%2526land_error_code%253D%2526ruid%253D%7Bruid%7D%2526mgeo%253D%7Bmgeo%7D%2526oaid%253D%7Boaid%7D
IP 139.45.197.151:0
File type JSON data\012- , ASCII text, with very long lines (759), with no line terminators
Hash 27746cd82ee2bb588a3bb205af496069
c866fbc929f17a7965869b170771c50cde97009c
3d632a464a742b502915c4e48a91fe2f1ca8b79e4ac3a9049ceefbf092eec80e
GET /track-impression-applab?z=5332574&b=14556889&ymid=3sGN9U5pym5Fd8LHCT4MoE&var=&var_3=14556889_&redirect=false&redirectUrl=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3Dcom.samoukale.jaxvpn%26referrer%3Dsubid%253D%24%7BSUBID%7D%2526utm_source%253D5332574%2526request_var%253D%2526os%253D%7Bos%7D%2526osversion%253D%7Bosversion%7D%2526browser%253D%7Bbrowser%7D%2526campaignid%253D%7Bcampaignid%7D%2526utm_campaign%253D%7Bcampaignid%7D%2526geo%253D%7Bgeo%7D%2526utm_medium%253Dzeydoo%2526land_state%253Dbefore_render%2526land_id%253DIk3Z1hRmgbrHuHy%2526land_generation_time%253D2023-03-26_06%253A12%253A37%2526land_error_code%253D%2526ruid%253D%7Bruid%7D%2526mgeo%253D%7Bmgeo%7D%2526oaid%253D%7Boaid%7D HTTP/1.1
Host: applabzzeydoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://applabzzeydoo.com/?l=Ik3Z1hRmgbrHuHy&b=14556889&z=5332574&s=3sGN9U5pym5Fd8LHCT4MoE&campid={campaignid}&var=&ymid=3sGN9U5pym5Fd8LHCT4MoE&ymid=3sGN9U5pym5Fd8LHCT4MoE
Connection: keep-alive
Cookie: reverse=yixh3yLPNpQ7OumB90qsUnxCcc7EwNyDjYvRDhRzOWI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 11:12:37 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: 1ea7febc6f2605ee95052b58e96dd3d0
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=60
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
applabzzeydoo.com/favicon.ico
139.45.197.151204 No Content 0 B URL HTTP/2 applabzzeydoo.com/favicon.ico
IP 139.45.197.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /favicon.ico HTTP/1.1
Host: applabzzeydoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://applabzzeydoo.com/?l=Ik3Z1hRmgbrHuHy&b=14556889&z=5332574&s=3sGN9U5pym5Fd8LHCT4MoE&campid={campaignid}&var=&ymid=3sGN9U5pym5Fd8LHCT4MoE&ymid=3sGN9U5pym5Fd8LHCT4MoE
Cookie: reverse=yixh3yLPNpQ7OumB90qsUnxCcc7EwNyDjYvRDhRzOWI
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 26 Mar 2023 11:12:37 GMT
strict-transport-security: max-age=60
x-content-type-options: nosniff
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 26 Mar 2023 10:14:35 GMT
age: 3482
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9ed124a1b77baaecf923ab0828f4befd
372d71395e45bbf43e61c51cd61bb125fba93bc7
7411b7e1c9874a934b2fa1b3c5555d5d5b3e5a4fc66815e062befe67115dd032
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 11:12:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Mar 2023 14:07:12 GMT
Expires: Thu, 30 Mar 2023 14:07:11 GMT
Etag: "372d71395e45bbf43e61c51cd61bb125fba93bc7"
Cache-Control: max-age=355473,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7adef5abaa8eb4fa-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 70300b32357c46f3448d567189b64cb3
6ba66a5cf63cdbfeaec59b936151cc812bac56df
5a2b4f9fc5ebaa8062058bf68eae75fc28e06c6ef6a0e79c3c761c1d92f81cb9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A2B4F9FC5EBAA8062058BF68EAE75FC28E06C6EF6A0E79C3C761C1D92F81CB9"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3803
Expires: Sun, 26 Mar 2023 12:16:00 GMT
Date: Sun, 26 Mar 2023 11:12:37 GMT
Connection: keep-alive
datatechone.com/log/add?cid=79b8b31a-f5b5-449e-9c97-e907dd6cec81
37.48.68.71200 OK 2 B URL HTTP/1.1 datatechone.com/log/add?cid=79b8b31a-f5b5-449e-9c97-e907dd6cec81
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
POST /log/add?cid=79b8b31a-f5b5-449e-9c97-e907dd6cec81 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1333
Origin: https://applabzzeydoo.com
Connection: keep-alive
Referer: https://applabzzeydoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 26 Mar 2023 11:12:37 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://applabzzeydoo.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
push.services.mozilla.com/
54.200.169.229101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.169.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ptIb1tQCzpjcU5Nvr1lSLg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2TzrzYJ4h+fvwxE2TZDGjJV121k=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9317
Expires: Sun, 26 Mar 2023 13:47:56 GMT
Date: Sun, 26 Mar 2023 11:12:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9317
Expires: Sun, 26 Mar 2023 13:47:56 GMT
Date: Sun, 26 Mar 2023 11:12:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9317
Expires: Sun, 26 Mar 2023 13:47:56 GMT
Date: Sun, 26 Mar 2023 11:12:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9317
Expires: Sun, 26 Mar 2023 13:47:56 GMT
Date: Sun, 26 Mar 2023 11:12:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9317
Expires: Sun, 26 Mar 2023 13:47:56 GMT
Date: Sun, 26 Mar 2023 11:12:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e19767dbe464134f0ab81b0eadb98fa
007758853c1d1605db69131eb50ff433a4da5f8c
63f1f08cd038e7b6d3316bbdc59a598b01c3bedd1ef04ba1986152e239fa128c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12991
x-amzn-requestid: 16bc16bf-b87e-4ed7-a559-3e900595928e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1smH_kIAMF5oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6983-21e7ce61788315866c752f28;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:07 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: MOu16Tzq-SiBg8abwfGrqkmSgxnr_WMJO0wSoVcNfIW-xgIPC1MWYQ==
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:07 GMT
etag: "007758853c1d1605db69131eb50ff433a4da5f8c"
content-type: image/jpeg
age: 48932
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08d32734-eed8-49a0-b130-4b792c0776a7.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08d32734-eed8-49a0-b130-4b792c0776a7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 073d7b39a5d1d400fce97accc61209ea
83e31c1bda5551eb05d926bc4b16b7a2f5920ab0
3336340f79556f7effd3a56536e49d4951bc40447c4ef549af185d13900ec9cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08d32734-eed8-49a0-b130-4b792c0776a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9192
x-amzn-requestid: 973b7d1d-0726-4b07-bf31-f17f700950cc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uKHYOoAMFrkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f698d-079fc061602811d02e9fa3a5;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:17 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ffod7RhQg11m1d4Sani8kcGpsg7JUPIcd_BBjNmSS2ggIPXf8SugwA==
via: 1.1 0a166b53605851fe961f5a2952e5a748.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:17 GMT
etag: "83e31c1bda5551eb05d926bc4b16b7a2f5920ab0"
content-type: image/jpeg
age: 48922
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: CgU9j02Bnw0UdIwQ3sRCDvJoPitHIAUTRDhLH_PMXYlAPoAwSbv6Iw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 05:35:57 GMT
age: 20202
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ec08d4bd079a92161fc80f41281b5a9
bf61369962342cce85de8f48942b4b150fd2721e
8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3589
x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uyE2joAMF50g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: pjRA439kqSg5daR_Zuvsf2l45R4oqv3AMWNiMCGQ_C5o2KA8kEd3TQ==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:21 GMT
etag: "bf61369962342cce85de8f48942b4b150fd2721e"
content-type: image/jpeg
age: 48918
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d1c1d28-ce70-4700-b792-c3cd3b6a06c5.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d1c1d28-ce70-4700-b792-c3cd3b6a06c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36a60c74992a65b12db6f631deb84728
d46ed5863a7a29ff508acd61b8c8cc514b115d03
fd1515b96769a04260213276aea05cb5a0b37ae02590f7e94e3f143108c1c27f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d1c1d28-ce70-4700-b792-c3cd3b6a06c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10632
x-amzn-requestid: f64ed87f-d270-4f7f-8098-6766fc171786
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kWHEpIAMF31g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-1e438ce43655540f4cf1d25a;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Q8IPNi9zZqdVS51x_ll7ax62L81C95O8hFEKu4ruMgIAno80V7UGvw==
via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 22:11:44 GMT
age: 46855
etag: "d46ed5863a7a29ff508acd61b8c8cc514b115d03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
applabzzeydoo.com/pfe/current/micro.tag.min.js?uhd=1&z=5225408&ymid=&var=5332574&sw=/sw-check-permissions/5225408&var_3=14556889_
139.45.197.151200 OK 27 kB URL HTTP/2 applabzzeydoo.com/pfe/current/micro.tag.min.js?uhd=1&z=5225408&ymid=&var=5332574&sw=/sw-check-permissions/5225408&var_3=14556889_
IP 139.45.197.151:0
File type C source, ASCII text, with very long lines (41313), with no line terminators
Hash 515625172430aad49dbeb33cc99fde60
9b4d8ce36c1898e057f1ead459ee5c1e2e8d59d3
ea35b320507d1964ff1c44ca73df29ce20793b4b2321cbb5a383d5141d14058c
GET /pfe/current/micro.tag.min.js?uhd=1&z=5225408&ymid=&var=5332574&sw=/sw-check-permissions/5225408&var_3=14556889_ HTTP/1.1
Host: applabzzeydoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://applabzzeydoo.com/?l=Ik3Z1hRmgbrHuHy&b=14556889&z=5332574&s=3sGN9U5pym5Fd8LHCT4MoE&campid={campaignid}&var=&ymid=3sGN9U5pym5Fd8LHCT4MoE&ymid=3sGN9U5pym5Fd8LHCT4MoE
Cookie: reverse=yixh3yLPNpQ7OumB90qsUnxCcc7EwNyDjYvRDhRzOWI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 11:12:37 GMT
content-type: application/javascript
last-modified: Thu, 16 Mar 2023 15:33:22 GMT
vary: Accept-Encoding
etag: W/"641336c2-a161"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: br
X-Firefox-Spdy: h2
littlecdn.com/apps/templates/constructor/constructor-app-lab-v1/themes/glass-dark.css?31212
104.22.25.116200 OK 0 B URL HTTP/2 littlecdn.com/apps/templates/constructor/constructor-app-lab-v1/themes/glass-dark.css?31212
IP 104.22.25.116:0
GET /apps/templates/constructor/constructor-app-lab-v1/themes/glass-dark.css?31212 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://applabzzeydoo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 26 Mar 2023 11:12:37 GMT
content-type: text/css
last-modified: Thu, 23 Mar 2023 15:16:52 GMT
vary: Accept-Encoding
etag: W/"641c6d64-4ef"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7adef5a979750b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
littlecdn.com/apps/templates/constructor/constructor-app-lab-v1/build/css/main.css?v4321212
104.22.25.116200 OK 0 B URL HTTP/2 littlecdn.com/apps/templates/constructor/constructor-app-lab-v1/build/css/main.css?v4321212
IP 104.22.25.116:0
GET /apps/templates/constructor/constructor-app-lab-v1/build/css/main.css?v4321212 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://applabzzeydoo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 26 Mar 2023 11:12:37 GMT
content-type: text/css
last-modified: Thu, 23 Mar 2023 15:16:52 GMT
vary: Accept-Encoding
etag: W/"641c6d64-33f0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: HIT
age: 5878
server: cloudflare
cf-ray: 7adef5a9897e0b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
littlecdn.com/apps/templates/constructor/constructor-app-lab-v1/build/js/main.js
104.22.25.116200 OK 0 B URL HTTP/2 littlecdn.com/apps/templates/constructor/constructor-app-lab-v1/build/js/main.js
IP 104.22.25.116:0
GET /apps/templates/constructor/constructor-app-lab-v1/build/js/main.js HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://applabzzeydoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 26 Mar 2023 11:12:37 GMT
content-type: application/javascript
last-modified: Thu, 23 Mar 2023 15:16:52 GMT
vary: Accept-Encoding
etag: W/"641c6d64-19ca"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: HIT
age: 3463
server: cloudflare
cf-ray: 7adef5a9897f0b41-OSL
content-encoding: br
X-Firefox-Spdy: h2