Overview

URLbraokeextrefore.com/c98637d3-5c14-4670-9275-660a8d2085bc
IP 3.124.99.72 (Germany)
ASN#16509 AMAZON-02
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-01 05:19:58 UTC
StatusLoading report..
IDS alerts0
Blocklist alert8
urlquery alerts
1
Scam / Brand infringement
Tags None

Domain Summary (11)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.149.83.187
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
r3.o.lencr.org (7) 344 No data No data 23.36.77.32
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-30 17:12:31 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-30 17:13:24 UTC 34.117.237.239
www.your-lucky-days.xyz (25) 0 2022-08-31 04:17:21 UTC 2022-12-01 04:23:20 UTC 143.204.55.82 Unknown ranking
hop.greenbluefrog.click (1) 0 2022-08-29 09:19:28 UTC 2022-12-01 04:20:02 UTC 108.178.23.115 Unknown ranking
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
braokeextrefore.com (1) 0 2022-08-18 08:49:11 UTC 2022-12-01 04:10:52 UTC 3.124.99.72 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-01 2 braokeextrefore.com/c98637d3-5c14-4670-9275-660a8d2085bc Phishing
2022-12-01 2 www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/like_user_1.jpeg Phishing
2022-12-01 2 www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/like_user_2.jpeg Phishing
2022-12-01 2 www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/7.jpeg Phishing
2022-12-01 2 www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/4.jpeg Phishing
2022-12-01 2 www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/1.jpeg Phishing
2022-12-01 2 www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/8.jpeg Phishing
2022-12-01 2 www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/main_script.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 3.124.99.72
Date UQ / IDS / BL URL IP
2023-02-07 07:07:16 +0000 0 - 0 - 1 braokeextrefore.com/1de0bc28-c65e-414a-9e3b-7 (...) 3.124.99.72
2023-02-07 05:01:15 +0000 0 - 0 - 1 braokeextrefore.com/35e15956-8aed-4d3f-951e-a (...) 3.124.99.72
2023-02-07 04:05:57 +0000 0 - 0 - 1 braokeextrefore.com/836438db-9e38-4801-a9dc-8 (...) 3.124.99.72
2023-02-06 08:19:02 +0000 1 - 0 - 11 braokeextrefore.com/e39f9970-e83b-4afe-9655-8 (...) 3.124.99.72
2023-02-06 08:16:03 +0000 0 - 0 - 1 braokeextrefore.com/9131d850-e69c-43f0-b8f2-e (...) 3.124.99.72


Last 5 reports on ASN: AMAZON-02
Date UQ / IDS / BL URL IP
2023-02-07 10:49:16 +0000 0 - 2 - 0 download.findmysoft.com/2012/11/06/NotesImp_1 (...) 54.230.245.87
2023-02-07 10:48:13 +0000 0 - 0 - 2 win.2023prizes.com/go/cff1c59c-658b-4985-963c (...) 3.70.16.242
2023-02-07 10:46:18 +0000 0 - 2 - 0 download.findmysoft.com/2013/04/08/Agenda-At- (...) 54.230.245.189
2023-02-07 10:43:28 +0000 0 - 2 - 0 download.findmysoft.com/2012/08/13/Digital-Di (...) 54.230.245.87
2023-02-07 10:41:15 +0000 0 - 6 - 0 bethnalgreenventures.com/ 99.83.190.102


Last 5 reports on domain: braokeextrefore.com
Date UQ / IDS / BL URL IP
2023-02-07 07:07:16 +0000 0 - 0 - 1 braokeextrefore.com/1de0bc28-c65e-414a-9e3b-7 (...) 3.124.99.72
2023-02-07 05:01:15 +0000 0 - 0 - 1 braokeextrefore.com/35e15956-8aed-4d3f-951e-a (...) 3.124.99.72
2023-02-07 04:05:57 +0000 0 - 0 - 1 braokeextrefore.com/836438db-9e38-4801-a9dc-8 (...) 3.124.99.72
2023-02-06 08:19:02 +0000 1 - 0 - 11 braokeextrefore.com/e39f9970-e83b-4afe-9655-8 (...) 3.124.99.72
2023-02-06 08:16:03 +0000 0 - 0 - 1 braokeextrefore.com/9131d850-e69c-43f0-b8f2-e (...) 3.124.99.72


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-07 07:53:47 +0000 1 - 0 - 2 mxsupergifts.digital/alwheelpropmx/index.html 217.69.13.14
2023-02-07 06:01:10 +0000 1 - 0 - 7 www.your-lucky-days.xyz/sweeps/iPhoneXS-EN-Sp (...) 54.230.111.40
2023-02-07 05:56:49 +0000 1 - 1 - 1 track.rendan-compto.com/9ed5687a-5907-4b78-81 (...) 18.195.128.171
2023-02-07 05:32:34 +0000 1 - 0 - 7 www.your-lucky-days.xyz/sweeps/iPhoneXS-EN-Sp (...) 54.230.111.14
2023-02-07 04:57:22 +0000 1 - 0 - 14 85.winprizes285.monster/eng2022/engn4icu.html 217.69.14.8

JavaScript

Executed Scripts (16)

Executed Evals (0)

Executed Writes (7)
#1 JavaScript::Write (size: 8) - SHA256: fc2662062ffdef9610020183ea2b087c21d71150d78a7c7463be8a9050bd3ac9
Thursday
#2 JavaScript::Write (size: 0) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
#3 JavaScript::Write (size: 11) - SHA256: 123bbaaf2ceac48341fef895a0a422a196ee6d0459b02d3ada77e79877607478
30 November
#4 JavaScript::Write (size: 11) - SHA256: 0e673c03aeff165e672125e5f54cc0976680eb011326afb49ee7d927251d59c8
29 November
#5 JavaScript::Write (size: 11) - SHA256: d7ebd0925ba1f5ebe0689bc24d6097b3dfedf5e42811959cc8f9714219ec9759
28 November
#6 JavaScript::Write (size: 11) - SHA256: 4060779d0402bd10de9a5624a5fdf221554f2fed4c34f2d9e960da87fdbd4b94
27 November
#7 JavaScript::Write (size: 25) - SHA256: 205be260cc6f327b2df259bc4266e7e8da1b8edf0b1c502490fab145d7152bb6
Thursday, 1 December 2022


HTTP Transactions (48)


Request Response
                                        
                                            GET /c98637d3-5c14-4670-9275-660a8d2085bc HTTP/1.1 
Host: braokeextrefore.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         3.124.99.72
HTTP/1.1 302
                                        
Server: nginx
Date: Thu, 01 Dec 2022 05:19:47 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Pragma: no-cache
Set-Cookie: c98637d3-5c14-4670-9275-660a8d2085bc-v4=gHqoyfOJK9PbaSanWkqiorx371vbdU0YS0UJLjv5VgM; Max-Age=86400; Expires=Fri, 02-Dec-2022 05:19:47 GMT; Domain=braokeextrefore.com; Path=/; HttpOnly cep-v4=ZO6QkvgfnlLgCXHBauuhtO0nAydLOa8WLJ0AbIj_yZMPQGPsn_gZojQ99suwfHfOoFaGwp-dl72i5HymYz93gAvPrBfgOwmKuA59ofnbLqEhtLxIB2_bv6weVwMhNFuRFZfku-1yGfkR8BxGGNdIUCOfNVXT_TY24qbTn0F0I86IBjsShKgizHjbdgokiImIv51Gtm3q2JFiRZeewhKz7IQnpWWrDUnbnS9WKp-bMzLf8nBMhhfMUqUFqNNWT4SRa96ZrAg9isUM32mwNPHBsBVSoL-cGavm_XP1bxx1XK20aMe6TAnxjl9UaJfEhXLMmGW7Q8IcQK8jtboi6cvbXOlmeAnTzOCfTLqLcBQmY_oWlw01PuJGGqEOuqdpMAlc; Max-Age=86400; Expires=Fri, 02-Dec-2022 05:19:47 GMT; Domain=braokeextrefore.com; Path=/; HttpOnly


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2443
Expires: Thu, 01 Dec 2022 06:00:30 GMT
Date: Thu, 01 Dec 2022 05:19:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4080
Cache-Control: max-age=109172
Date: Thu, 01 Dec 2022 05:19:47 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:39:19 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5452
Expires: Thu, 01 Dec 2022 06:50:39 GMT
Date: Thu, 01 Dec 2022 05:19:47 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 05:19:45 GMT
cache-control: public,max-age=3600
age: 2
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: O+hZIi2jgzRlYRzG278iZQY5CXJbXxjHhdrAxvkEbvLQpQjCV+Wkq00eN2G45IlvxOTAtwsej+8=
x-amz-request-id: MB646FYSC9120KME
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 04:46:08 GMT
age: 2019
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 01 Dec 2022 05:19:47 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=166627
Date: Thu, 01 Dec 2022 05:19:47 GMT
Etag: "63882156-1d7"
Expires: Sat, 03 Dec 2022 03:36:54 GMT
Last-Modified: Thu, 01 Dec 2022 03:36:54 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: a1CtEUeZ4_TG-wKiNB8xBqE25aeZIvk9wkRvREANYdSLqHAX0ASyYA==

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 05:08:56 GMT
cache-control: public,max-age=3600
age: 651
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/Flag.jpg HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 27233
last-modified: Fri, 25 Nov 2022 03:56:40 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "4a14e35bd9062718e507ebaf0ab765d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yD8qfWFOPfdyvHjyvuN913YraeDLJAYndLMgEu2WZvL8VRKrP69NAQ==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 35 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   27233
Md5:    4a14e35bd9062718e507ebaf0ab765d9
Sha1:   67e18e0def6cd6d8512a3a1de358f9147b9bdb67
Sha256: 5fc09f252b00889eb9ad17cca89a75a8e170d1f7d5dc83b9e18d81fa17ee3136
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/pw_ix.png HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 109151
date: Thu, 01 Dec 2022 04:38:44 GMT
last-modified: Fri, 25 Nov 2022 03:56:03 GMT
etag: "3ae8e9c19f72680e3b612c7dad852073"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QOA-y3Enbs75duMPbOVB-mF5RIabZGnXC43Fx2wwMpb3BANuNPx50g==
age: 2464
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 501 x 501, 8-bit/color RGBA, non-interlaced\012- data
Size:   109151
Md5:    3ae8e9c19f72680e3b612c7dad852073
Sha1:   359fb5f4f5f498b9cc5f38920e90eb000904f669
Sha256: 0964d4a08d0e9f9b6877b9c07c2724d16c23569a1cc39857a83564af26875413
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/ixo.png HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 150594
last-modified: Fri, 25 Nov 2022 03:56:47 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "4da7bc685fa662ec184a4e5d4bebff4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TGodAbGy6HMZKH89nVjYG6aEOOsYIBFG4Do-nP5uMbioyuE8VU_O5A==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 202 x 423, 8-bit/color RGBA, non-interlaced\012- data
Size:   150594
Md5:    4da7bc685fa662ec184a4e5d4bebff4f
Sha1:   f9d80c7de613985671d9660db63676ba5513f4ad
Sha256: 0cd83c0b828156f5f240c4fde678e794e2909ec8d23c2b17d95e2e5697d403eb
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/ix-s.png HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 54181
last-modified: Fri, 25 Nov 2022 03:56:45 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "e4223ddfb2b10da1f0d6dd9da537268b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: s35ItKp7lFB2UTWI2eCQAeWKjXm6rQ96tCovLgOMkuaZUqgsjrcrsA==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 165 x 207, 8-bit/color RGBA, non-interlaced\012- data
Size:   54181
Md5:    e4223ddfb2b10da1f0d6dd9da537268b
Sha1:   c9c828a947cdaab72447d4d2260e274025c68354
Sha256: 3c540bf4496aeaac1388cb7ece901164b31f04dabf9407f8f2ec728f543cdef9
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/ix-g.png HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 44592
last-modified: Fri, 25 Nov 2022 03:56:44 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "a81c981271ea04a9ae516b8b97512937"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oRAN1O3_VPMJhr-CQVcpdPqGamROisUxdvnf4LD2THb-9baPwBJZMw==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 165 x 202, 8-bit/color RGBA, non-interlaced\012- data
Size:   44592
Md5:    a81c981271ea04a9ae516b8b97512937
Sha1:   5d055ec7a35b0311efc22d5be838c0dbe35b4dfd
Sha256: 239ed6a131c550919c7e59a2f1cc0057be22469cc6b9e05f7c191a5aebcb1a5c
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/like_user_1.jpeg HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 1293
last-modified: Fri, 25 Nov 2022 03:56:49 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "2aa0d43e70d60d76ac4bdff139f8c7cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tn4fKrjES-HioGUJrf_Mwy1jgVQob0dHBSWRbsNiyr3DdNRqKG8b8A==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1293
Md5:    2aa0d43e70d60d76ac4bdff139f8c7cb
Sha1:   d7e3433297ad90f5d99249aee29b645265c9f3eb
Sha256: e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/like_user_2.jpeg HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 1216
last-modified: Fri, 25 Nov 2022 03:56:50 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "f9299c2023539a8f27a6e1b12ed260e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: I-IlSX0V57VETX8SmF_5-qxgLH5BvAF4TlIy4XowphzEgaKk7xwLrQ==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1216
Md5:    f9299c2023539a8f27a6e1b12ed260e5
Sha1:   046baf9bcd1bbdf9d51ca63e3899ea2e7f5de0b2
Sha256: ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/7.jpeg HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 4333
last-modified: Fri, 25 Nov 2022 03:56:34 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "b067b7287cb30c70952a17bb2c7b2ba8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kE7nVAD7pbA1wKQYjn53tenZSx_qVIexyJwQzrKLOyFFQfw7rsd8JQ==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   4333
Md5:    b067b7287cb30c70952a17bb2c7b2ba8
Sha1:   86208b6a77c998a3121de739716bf30d108d4768
Sha256: b6c91b9d5eacc1dcc9c4331d865a7f26474a96a18a1d4d80aee0bbdeb7ffb775

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/3.jpg HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 2798
last-modified: Fri, 25 Nov 2022 03:56:31 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "c0435c5a0b8dd743d5b207bccd854567"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sLTQssvdBXEP2Oldtv8F4kUYJKxiVO7MxFKZr_wvzyrLhq7HivAymg==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 50x50, components 3\012- data
Size:   2798
Md5:    c0435c5a0b8dd743d5b207bccd854567
Sha1:   7b3b222278eddf3448fe2a8aae43e8bec306da91
Sha256: 13c64405bb582243ef141e364556f17e40d2339d8908ef1243f64580535c8911
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/2.jpg HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 1997
last-modified: Fri, 25 Nov 2022 03:56:30 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "2d38216bf35b56368815f026724ad7a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: N_LfZ66iNdoPY8x_J1Bumo94l7l5WBMCmq1t6uSOy8Fm22VWqy65nA==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 50x50, components 3\012- data
Size:   1997
Md5:    2d38216bf35b56368815f026724ad7a6
Sha1:   aa431f11b160c1d6de7c00cdd294eb3082deb8b2
Sha256: 7d32ddf4f92f6fb856eac6ea9db1bf4e3e7d8ce35c27388a814a0e3da9818817
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/4.jpeg HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 4515
last-modified: Fri, 25 Nov 2022 03:56:32 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "ce65860a3580eeb0663aeef0879d9b45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7XuhY-4PCJGzYsLnjxwKHQvNLZMWiyTFknrnbgCKEp7e_hl-oZq71g==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   4515
Md5:    ce65860a3580eeb0663aeef0879d9b45
Sha1:   de58e30241ef04769d91e23462eb0b7660fc4888
Sha256: 7a9408bac7aff3dbb3053960f1fda2cd13b39c965105c33556897c5c01e94468

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/6.jpg HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 2263
last-modified: Fri, 25 Nov 2022 03:56:33 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "69e5cc03921c4062d38f919618a099c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bi0sE7X5XF_pHHAtfeILdjOrXGiL102lwtXKU4rvbPWx6ErCNStt_A==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 50x50, components 3\012- data
Size:   2263
Md5:    69e5cc03921c4062d38f919618a099c9
Sha1:   3cd7704a62d2307abd2b031117e66e5675b4e870
Sha256: ca0ebc484c7b346381f4e52721dc1495e7b1b7421c6d471712b248a19265ce78
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/1.jpeg HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 2561
last-modified: Fri, 25 Nov 2022 03:56:29 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "cc828ee97beb67097fc7ab536c4af12c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dwwA6GMKiLqCvJeqef6SM-ovK1uiVK0FERI-aVJ7dljE03GsCwXHCw==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 50x50, components 3\012- data
Size:   2561
Md5:    cc828ee97beb67097fc7ab536c4af12c
Sha1:   84fea9004c5e5ac398956b2839fc4cd16d6a93ee
Sha256: a00457ad70d21f9a9e8ab218b4b2174a3fe7ec928f3bcc9e44f994fa382d7d94

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/8.jpeg HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 6097
last-modified: Fri, 25 Nov 2022 03:56:35 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "4c3de954b1a95aad7726248624aad1f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LpHPl8s--ZEnQCxDnCwAFoubvX6En96M1ui9Q7fWY93R3Dv5y2shuw==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   6097
Md5:    4c3de954b1a95aad7726248624aad1f3
Sha1:   7022b5b701205dd9a5c0f2b68efa63fd519432a5
Sha256: cab3a2c8b31da648fbf2594c99f9c33e77b15f1f868e778c31063fc501474dff

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/clip_footer_3.png HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 2460
last-modified: Fri, 25 Nov 2022 03:56:37 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "e1b626392882cc25b4d891afaa68afd4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: d0nGdw0dm0MHZZjhRisN-F4KljX5vWHxbwdFH4Kt93tXZt3bJXjKWA==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 52 x 59, 8-bit colormap, non-interlaced\012- data
Size:   2460
Md5:    e1b626392882cc25b4d891afaa68afd4
Sha1:   454d7abdbc2548d04feb95436ea0ab4126b4f00b
Sha256: ef3b8785199a0a640150a9d9ceb9b7cff2b118ee377ce36317d4a3e716bd944f
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/footer_right.png HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 4919
last-modified: Fri, 25 Nov 2022 03:56:42 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "0e786b7344ac0b63609290a3a415fc4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HKV_6Iplktq05ePvtEIXMIt06h_e753NZmpVGG1wZDsRwT7AsKNHBw==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 168 x 66, 8-bit colormap, non-interlaced\012- data
Size:   4919
Md5:    0e786b7344ac0b63609290a3a415fc4f
Sha1:   c2e77827e895aaa13522f1c5c0ef79d4caef0bb2
Sha256: f044237e4439b415a4947127f26fb14b4d32cf1d32ff51fd8f0ff4d21d2692e5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4075
Cache-Control: max-age=104099
Date: Thu, 01 Dec 2022 05:19:47 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:14:46 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/menu_2x.png HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 124
last-modified: Fri, 25 Nov 2022 03:56:53 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "8f68efd9388ccd80b43759b2ed542305"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KyotXAvuFe1x9GF3eWxdAPoXz70W7KmKTOMzUoCARIMzhaaW5r2X2w==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 40 x 36, 8-bit gray+alpha, non-interlaced\012- data
Size:   124
Md5:    8f68efd9388ccd80b43759b2ed542305
Sha1:   9f2cf96efe3bdec2ab64bc51856619cc02958fe6
Sha256: 455b82fa1e54fc88fe0699eabecb02155f1d6228e0ae3d7f72e1abe92dae8f3c
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/notify_2x.png HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 229
date: Thu, 01 Dec 2022 04:38:40 GMT
last-modified: Fri, 25 Nov 2022 03:56:54 GMT
etag: "988234626ae7a880ed9c6a92f6336c0f"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AdaFNgS3YUcIOsnviLD02ihpm1flRiD2JuenOU9O4jqxaM62A3yzcQ==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 36 x 32, 8-bit gray+alpha, non-interlaced\012- data
Size:   229
Md5:    988234626ae7a880ed9c6a92f6336c0f
Sha1:   173967c2b59baed4a06997d874aba32ab65da201
Sha256: 4566dd8f59a09f51415a7c8955f48f75298522fc6db554bc1a59ad79c3e3e314
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/spin_prize2.png HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 2814
last-modified: Fri, 25 Nov 2022 03:56:04 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "f278c8d30fc51b72e0774b9ecb49214c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -7KLIXvJeVNfoxQT_7kV-XgOAU5KYE8L9bf31-0NcAQ3oiJwOvFQVQ==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 142 x 173, 8-bit colormap, non-interlaced\012- data
Size:   2814
Md5:    f278c8d30fc51b72e0774b9ecb49214c
Sha1:   03b574db82b31ee5758eb5093fda8ea25d1b00d8
Sha256: 43f3e6d7e7b011430b39020bc5ff8fe6be2947100c597de44ca549ea96a0fd7c
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/action_icons_20px_2x.png HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 1726
date: Thu, 01 Dec 2022 04:38:40 GMT
last-modified: Fri, 25 Nov 2022 03:56:36 GMT
etag: "b699975b5fe73b087e711a33ff24ee1e"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HTaNZird_Ug1xn3Rtz3QNfUs2yGt0uzZWCjKsRtzjHSqcHuyH6ahDA==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data
Size:   1726
Md5:    b699975b5fe73b087e711a33ff24ee1e
Sha1:   0e33cc5c32a5e7d18440751e3946076664caaf53
Sha256: 4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/comment_action_2x.png HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 641
last-modified: Fri, 25 Nov 2022 03:56:38 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: "e9b3872b3e63e19728176d45f0aa6986"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EoM5eskpI4iV9dBxfWsQtGJZPKzM11jHMfkTrUPBO0sCmWWhEvYVww==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 120, 8-bit colormap, non-interlaced\012- data
Size:   641
Md5:    e9b3872b3e63e19728176d45f0aa6986
Sha1:   b638f89d5d80c4cd65327da973c52f778e30bd55
Sha256: a3f59e07404f1745bed88a314113a86da376526e7e1e555c99b3e249178c6ba5
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZrY9jS1IPQCz51P3tWBxTA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.149.83.187
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hNhSsvtdDlAd9455goaeoMSKGWc=

                                        
                                            GET /js/pub.min.js HTTP/1.1 
Host: hop.greenbluefrog.click
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         108.178.23.115
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 01 Dec 2022 05:19:48 GMT
content-length: 1482
last-modified: Fri, 09 Sep 2022 11:46:08 GMT
vary: Accept-Encoding
etag: "631b2780-5ca"
content-encoding: gzip
expires: Fri, 02 Dec 2022 05:19:48 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2752)
Size:   1482
Md5:    31c303586c1b78e33984bd252b8e2644
Sha1:   8083e2aad4cbf8242a4e6fb53657d49552b85f82
Sha256: d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2500
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 05:19:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2500
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 05:19:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2500
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 05:19:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2500
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 05:19:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2500
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 05:19:49 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cf22ee-ded9-4b9d-b5d8-ee6690ac9f45.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10985
x-amzn-requestid: ef9e5eb9-b7b3-41e9-9837-a5979ab35d94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV91OFzsoAMFcew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63857687-53b152c0027d26e52383e27e;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JGFRksMQ_LxceeV_368Xt-gjhd67bMn7D_s0X1V1fAiR6npuqCHayw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 03:10:11 GMT
age: 7778
etag: "0660a548a491d4a58ca2246f094f0553437c3f61"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10985
Md5:    f07f254d44ff2fb86ee22cee39ef3eb0
Sha1:   0660a548a491d4a58ca2246f094f0553437c3f61
Sha256: 859b2416d638b1dc91ff563800517124b38d45b4c5db99e21539c1700829dbe4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bbca075-74f3-4647-8b00-66430fff5397.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9993
x-amzn-requestid: 7d7febbc-2bdf-44e9-9727-9c56b5bcb138
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1VNFZiIAMFV-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cf54-1f89231026a9b5c467324134;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:47:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qK6AAXX3bqNSjQerE2jNysmMWX6X5j4Mm-MRQfG06YU7YmklFfE3NQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:50:08 GMT
age: 26981
etag: "527cf32104041423176fadd3cfc2120fe63f6bfc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9993
Md5:    70afa08b7d0b64772b90ae190689e6c1
Sha1:   527cf32104041423176fadd3cfc2120fe63f6bfc
Sha256: 31ebf9decb53b8180922c4b10d0427aba95a802246a5ced8ec368d814a33b843
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1df312f-7c86-4a62-be1e-1a72c9b2d228.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8660
x-amzn-requestid: 9474178d-c342-498a-996d-1ef3b804f1a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cWh0hEx_oAMFjmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385b01c-33e27513010fdec8627942be;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 07:09:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: p4sQ43g-dkGS2IVyfZGDcOWowlL4wI7eEno7_fJAcLaVmunsMAponQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 07:21:04 GMT
age: 79125
etag: "9de2fd7c375e92fd60444dc677cf09428393eff3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8660
Md5:    72735620afafb0d8d91b6d83cf292298
Sha1:   9de2fd7c375e92fd60444dc677cf09428393eff3
Sha256: 9dd40d4adf9e3dacb962cc6e1bd00d38473125567eb2b57eef643be972dfe69f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10437
x-amzn-requestid: 2a8183c4-47ec-42bb-8e67-3e742dc3750c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0YpEeooAMFfvg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdd0-2014fd4d49dcd4087bf1db4d;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wQc8gdA6brp46QVd0ee9cBtnmA9q1j3nUO2ou9MDIhecNINtmphq0Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:50:06 GMT
age: 26983
etag: "99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10437
Md5:    291127b670135b42b6e9687aa2a13237
Sha1:   99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1
Sha256: 49b082a738bcd15a0bb4e9f96a180797ffcfa368977ac1927df882a0343664d3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4409
x-amzn-requestid: dc9ccdbf-a051-49ce-a535-c100b8ee6f12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz81EHdoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-0b06c368156b828e0c663081;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UsYYNMsulshDYcUC9N2Q3fnxjdZd5ki-0_LlXRchIsNSq0FruNhFqw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:48:09 GMT
age: 27100
etag: "1e78566f2e69268c5f753fb49112ab07aae3eccf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4409
Md5:    b8802d5080eb35e4052ef31cf7658650
Sha1:   1e78566f2e69268c5f753fb49112ab07aae3eccf
Sha256: 9c96906ee1dea353198c9069fa7e42b100e4fa766e5be8e4d8db036033961086
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4762
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7TVG58oAMFQTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 13:29:35 GMT
age: 57014
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4762
Md5:    d2dd5a4bcfd47db8f38544bf39ce3031
Sha1:   fa2217bae05b7beca2e12597eaad835298276b82
Sha256: 3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/main_script.js HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 25 Nov 2022 03:56:52 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 01 Dec 2022 04:38:40 GMT
etag: W/"dc9a27d01c1e53204a61a4a78b5bec2a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: muaK6OGJf6_J-K2JUBZIAaxQNNO0O0Pp7sVLi1NHjB6W7cCr_ZWqHw==
age: 2468
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 403 Forbidden
content-type: application/xml
                                        
date: Thu, 01 Dec 2022 05:19:47 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EXb-Yz050t9-xfJau1qYxcrVb8IacjztK5XequxGvXAtuUAcPD_aRg==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: text/html
                                        
date: Wed, 30 Nov 2022 11:15:48 GMT
last-modified: Fri, 25 Nov 2022 03:56:43 GMT
etag: W/"00934236d502a427398c3fc1f024fe72"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KQQMYs396DkLduyiPeUTYbyj1O2myL_4HtkzUIJmzMeHSOX2IBcGlw==
age: 65040
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sweeps/S22-ZA-EN-SpinnerFlag/style.css HTTP/1.1 
Host: www.your-lucky-days.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.your-lucky-days.xyz/sweeps/S22-ZA-EN-SpinnerFlag/index.html?cep=eKBW9T2cWChGM4BZIdVf9DZv1I1PEpPkVsVBLquKv9yVBxzaD8I_E-WD-F7Iy0uD5qNdjrTmScd2whQWlC0j3XNQjdVO-H_9HDln3TsqrYx-d5c4vNp2dBJnOlW5i78V2mP8WFl1Tzx1ycbHc4MXw3b_4rBh6eLFzl-z56vG0kljs1Z9Wh2_kYIDYSYdVyRwc-8y4uduNyOuvvFZydZt5-NmfYm0cSZAtjYBP7N3daLWWuouPV_Zye-feSodhxlRSrzUis_BUTRZy4mPp_OLOhdS60LjxATSIhdGdtNh9lbXOmdTsVQ6ne1PRfNbR-WmIf92kOzquK5IXuiQD6d90Q5shEs0egHaF2UuB5yr-4iJcWI0LAv70K0BJomtCztJ&lptoken=1618696287453797876a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         143.204.55.82
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 25 Nov 2022 03:56:05 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 01 Dec 2022 04:38:39 GMT
etag: W/"8c24a5cb4c55b9d6cd3029f5fd2c6fe7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: z122WxBI71Hsf6QC_ZJ7QnSBqw1-qHEDl8Ip5a3QKzXVuzVpk2Wq6w==
age: 2469
X-Firefox-Spdy: h2


--- Additional Info ---