| fastweblink.com/7c2186cc-de4a-4b0b-9e82-9bdcfb851f3f | 18.156.16.63 | 302 Found | 0 B |
URL HTTP/2fastweblink.com/7c2186cc-de4a-4b0b-9e82-9bdcfb851f3f IP18.156.16.63:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | openphish | Singtel Optus | | fortinet | Phishing | |
GET /7c2186cc-de4a-4b0b-9e82-9bdcfb851f3f HTTP/1.1
Host: fastweblink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sat, 01 Apr 2023 03:36:26 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://itsawinner.xyz/auoptus-cash/index.html?ip=91.90.42.154&domain=fastweblink.com&cep=n7ezDZfnRWfwjTX-dcq-sk-seq2epb-vIx0ceJ_GGNfimk649z7RROd3R0ZfoPjkflTsWHs9znfGD99y0TcqVfTlRDgHufty4fMq1v6NQtJOrT3ULNObLsIEh_S48AR01Yz-1Zbjr0GSlff13eEiGdEn7sHHWrfJrfmWnpI7lX1eXGXW66XH5jRtGY3p3kDU1sDs-ndyH6AJyqkEs8JWv9pkW7w-yPRBs_gc1V3N5mRBTeCLtiUHCQxkPg07Us2CD5RddIJKQcQLodDJnrJ8t9u6xMoKo53ypmxnj2JekK-ovdcBtr1kvPE9hVLPpXRICvapPhnSniHJGkxvVqKThTxnmALBkbeDuP2TRKCYN3g&lptoken=167e808432c419978687
pragma: no-cache
set-cookie: 7c2186cc-de4a-4b0b-9e82-9bdcfb851f3f-v4=tLLGgb6CcfDig3-Ds-6FQ5n06uykCvHWMDkfogt1QzI; Max-Age=86400; Expires=Sun, 02-Apr-2023 03:36:26 GMT; Domain=fastweblink.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=aZQ--2y0cIY3g_UijrJlii6KGyWZdfJ1kI5IEmeM6shTDYqVw8FlRMY3OYxKZiNbD0SnfbP7d3dzEXPWSdLtrkUZWoWOfWS6vtveRpSSDfAlqOrXJQRMFsL9NstOZI98unlv9DXLb6CZT1QM1BdQo5cJBf5tNG1Ny2fca2euIBYeIRYQMgHJhvaFHxI3Wc-ix5jlHwnXOJOGrH7bhQbRfh0r-wIVSHXZ7d8mL4XNv5uA_4eD3R9rPbRv_6ICTokb6XxIoPGlBB5HJG6mTb3gUULbqM9Nioog72123H95hDRCmUmHQoKAQTBfa0m8uwfZLz-mQkkzlfpkXtdB9b_9rFFQE9iElQkHGWaxx2Fo4tM; Max-Age=86400; Expires=Sun, 02-Apr-2023 03:36:26 GMT; Domain=fastweblink.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7af19a5145a4ee99bdf18831bad04bfd 7bdd2a4785b999ef54a2644211d2b2b7190fb8e1 3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3184
Expires: Sat, 01 Apr 2023 04:29:31 GMT
Date: Sat, 01 Apr 2023 03:36:27 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash034b06325b334948200ef1d79d4ddeb7 b9a3c93cff37cbaaf20cca79b965b1a21c525ce8 417ce2093027b05cc34199c75e6b29f155c4dd3150651b6b3dbe8564098c4143
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "417CE2093027B05CC34199C75E6B29F155C4DD3150651B6B3DBE8564098C4143"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17708
Expires: Sat, 01 Apr 2023 08:31:35 GMT
Date: Sat, 01 Apr 2023 03:36:27 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash7f03faaba3392caae6dae54467bfdf6d 57ea1f14e8bfbcca8190c706d708c9fda12442c1 02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 01 Apr 2023 03:28:26 GMT
content-type: application/json
age: 481
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha57eb49c1ac36edd2db6573eb357bd87 592724177530a39ce4af02874beb776b91fefbbe 0dd258adc062ad2b6f5ce8fec0457e55e594c942817f37509ca2d1f2e8152edf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0DD258ADC062AD2B6F5CE8FEC0457E55E594C942817F37509CA2D1F2E8152EDF"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12162
Expires: Sat, 01 Apr 2023 06:59:09 GMT
Date: Sat, 01 Apr 2023 03:36:27 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashe7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qbbGzCG+SSLGewtScgOjgVPyaDwtCFQ9GQbyfCXk7agfk1ltCqMt+1tyST66x2ZHY8ET4I5VF/w=
x-amz-request-id: C5GBXF107JD8ZJFR
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 01 Apr 2023 03:12:26 GMT
age: 1441
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 03:36:27 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.r2m01.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m01.amazontrust.com/ IP54.230.80.227:0
Hash64ce3ee76b22917c97ef1a8eb25cbb1c bf62d2739e67520ff726d88326db1756f5ff1e2e ce60c2498ef5c5639d88f37cc51eb2fc3e1443203498455418f083545966a011
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=166354
Date: Sat, 01 Apr 2023 03:36:27 GMT
Etag: "64278d8d-1d7"
Expires: Mon, 03 Apr 2023 01:49:01 GMT
Last-Modified: Sat, 01 Apr 2023 01:49:01 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: n9gm4pJoEbf_qJgQyr6R3zAwL9GzzZ2IHqV2RW2ag14dS8I2IojO8Q==
|
|
| itsawinner.xyz/auoptus-cash/img/prizes/iphone-11-pro/default@0.25x.png | 54.230.111.8 | 200 OK | 57 kB |
URL HTTP/2itsawinner.xyz/auoptus-cash/img/prizes/iphone-11-pro/default@0.25x.png IP54.230.111.8:0
File typePNG image data, 250 x 179, 8-bit/color RGBA, non-interlaced\012- data Hashc589b66a6454cd93cd62674046d45847 35c1021773100a622f898c0f5e4f7504d0036d0d d034658713c51249da3df464698f4ed59cf58e569c7145cc3fd3fcba97da35b5
GET /auoptus-cash/img/prizes/iphone-11-pro/default@0.25x.png HTTP/1.1
Host: itsawinner.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itsawinner.xyz/auoptus-cash/index.html?ip=91.90.42.154&domain=fastweblink.com&cep=n7ezDZfnRWfwjTX-dcq-sk-seq2epb-vIx0ceJ_GGNfimk649z7RROd3R0ZfoPjkflTsWHs9znfGD99y0TcqVfTlRDgHufty4fMq1v6NQtJOrT3ULNObLsIEh_S48AR01Yz-1Zbjr0GSlff13eEiGdEn7sHHWrfJrfmWnpI7lX1eXGXW66XH5jRtGY3p3kDU1sDs-ndyH6AJyqkEs8JWv9pkW7w-yPRBs_gc1V3N5mRBTeCLtiUHCQxkPg07Us2CD5RddIJKQcQLodDJnrJ8t9u6xMoKo53ypmxnj2JekK-ovdcBtr1kvPE9hVLPpXRICvapPhnSniHJGkxvVqKThTxnmALBkbeDuP2TRKCYN3g&lptoken=167e808432c419978687
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 57133
date: Fri, 31 Mar 2023 14:55:33 GMT
last-modified: Fri, 31 Mar 2023 12:10:27 GMT
etag: "c589b66a6454cd93cd62674046d45847"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZgI9L4IuSgy86-r5NC-lF4B6r7lcjK3jT4EKXyCHUkxj1yFL4brjbw==
age: 45655
X-Firefox-Spdy: h2
|
|
| itsawinner.xyz/auoptus-cash/img/landers/survey/entel.png | 54.230.111.8 | 200 OK | 9.7 kB |
URL HTTP/2itsawinner.xyz/auoptus-cash/img/landers/survey/entel.png IP54.230.111.8:0
File typePNG image data, 450 x 450, 8-bit colormap, non-interlaced\012- data Hash74a3e3d3d0b5b3f6c420f14bdf2767fa 9e713d678956d5671d99fb75e4843b949c0610c6 d7b505888328310fc769cdb36add55a8541d6d4c43e2ec72a03e18f8ee88af35
GET /auoptus-cash/img/landers/survey/entel.png HTTP/1.1
Host: itsawinner.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itsawinner.xyz/auoptus-cash/index.html?ip=91.90.42.154&domain=fastweblink.com&cep=n7ezDZfnRWfwjTX-dcq-sk-seq2epb-vIx0ceJ_GGNfimk649z7RROd3R0ZfoPjkflTsWHs9znfGD99y0TcqVfTlRDgHufty4fMq1v6NQtJOrT3ULNObLsIEh_S48AR01Yz-1Zbjr0GSlff13eEiGdEn7sHHWrfJrfmWnpI7lX1eXGXW66XH5jRtGY3p3kDU1sDs-ndyH6AJyqkEs8JWv9pkW7w-yPRBs_gc1V3N5mRBTeCLtiUHCQxkPg07Us2CD5RddIJKQcQLodDJnrJ8t9u6xMoKo53ypmxnj2JekK-ovdcBtr1kvPE9hVLPpXRICvapPhnSniHJGkxvVqKThTxnmALBkbeDuP2TRKCYN3g&lptoken=167e808432c419978687
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 9690
date: Fri, 31 Mar 2023 14:55:33 GMT
last-modified: Fri, 31 Mar 2023 12:10:27 GMT
etag: "74a3e3d3d0b5b3f6c420f14bdf2767fa"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XpIQkGHAhRfR0s9nGcvqlzisXXnGLew6uy4aZ5azkhyD6NAqVvDBrA==
age: 45655
X-Firefox-Spdy: h2
|
|
| itsawinner.xyz/auoptus-cash/css/app.css?id=2b8d5309d40668bd2ba4 | 54.230.111.8 | 200 OK | 309 B |
URL HTTP/2itsawinner.xyz/auoptus-cash/css/app.css?id=2b8d5309d40668bd2ba4 IP54.230.111.8:0
File typeASCII text, with very long lines (309), with no line terminators Hash2b8d5309d40668bd2ba4b65a45a635a4 32af532e13b8cbde6c4458330d0c64c9f8001654 b894064a5e464372c66d036df3a577a8d9a4e927c47f16a02c036d8625eb3ca3
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /auoptus-cash/css/app.css?id=2b8d5309d40668bd2ba4 HTTP/1.1
Host: itsawinner.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itsawinner.xyz/auoptus-cash/index.html?ip=91.90.42.154&domain=fastweblink.com&cep=n7ezDZfnRWfwjTX-dcq-sk-seq2epb-vIx0ceJ_GGNfimk649z7RROd3R0ZfoPjkflTsWHs9znfGD99y0TcqVfTlRDgHufty4fMq1v6NQtJOrT3ULNObLsIEh_S48AR01Yz-1Zbjr0GSlff13eEiGdEn7sHHWrfJrfmWnpI7lX1eXGXW66XH5jRtGY3p3kDU1sDs-ndyH6AJyqkEs8JWv9pkW7w-yPRBs_gc1V3N5mRBTeCLtiUHCQxkPg07Us2CD5RddIJKQcQLodDJnrJ8t9u6xMoKo53ypmxnj2JekK-ovdcBtr1kvPE9hVLPpXRICvapPhnSniHJGkxvVqKThTxnmALBkbeDuP2TRKCYN3g&lptoken=167e808432c419978687
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 309
date: Fri, 31 Mar 2023 14:55:32 GMT
last-modified: Fri, 31 Mar 2023 12:10:27 GMT
etag: "2b8d5309d40668bd2ba4b65a45a635a4"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vICCs58Ds72RYaNNoj4anrox3e4cqPz525oKGiY9uqe-VtdOGXL22Q==
age: 45656
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Pragma, Backoff, Expires, Last-Modified, Content-Type, Alert, Retry-After, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 01 Apr 2023 03:14:41 GMT
age: 1306
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash63478a33bc3fbaf20a0f017d18ab3057 649ac1f3033baa29402f15317e4b85b679c9fd47 743b98302c3cd5d1b3db2f6c691a76c11a52910f6f61f01a57c4e1415602ecfd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "743B98302C3CD5D1B3DB2F6C691A76C11A52910F6F61F01A57C4E1415602ECFD"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8047
Expires: Sat, 01 Apr 2023 05:50:34 GMT
Date: Sat, 01 Apr 2023 03:36:27 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash782ca4845ea5e0ec981e33231b1e61cb 032116b75e124c57877524e9e4f523b6d7c65820 94d007862fc7a4cd67f582ff22f2339619177435559c1dd5075a08c7240f3520
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94D007862FC7A4CD67F582FF22F2339619177435559C1DD5075A08C7240F3520"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11655
Expires: Sat, 01 Apr 2023 06:50:42 GMT
Date: Sat, 01 Apr 2023 03:36:27 GMT
Connection: keep-alive
|
|
| desekansr.com/pfe/current/micro.tag.min.js?z=5378963&sw=/sw-check-permissions-f40a4.js | 139.45.197.250 | 200 OK | 15 kB |
URL HTTP/2desekansr.com/pfe/current/micro.tag.min.js?z=5378963&sw=/sw-check-permissions-f40a4.js IP139.45.197.250:0
File typeC source, ASCII text, with very long lines (41316), with no line terminators Hash0ecf6fdfee643f03e72d6f83ed00ee68 e2788f2ab55a93809d1c4eac6bb79bd6955bfe72 7991d3bf5a333e109fe3830f132634fa45e9d4a1fe6be340aefe9d956be5e546
GET /pfe/current/micro.tag.min.js?z=5378963&sw=/sw-check-permissions-f40a4.js HTTP/1.1
Host: desekansr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itsawinner.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 03:36:27 GMT
content-type: application/javascript
last-modified: Fri, 31 Mar 2023 12:18:43 GMT
etag: W/"6426cfa3-a164"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 52.40.151.151 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.40.151.151:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1/o/qCycC/NMkYeniOilnw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AeWYWCYPzp4NSXGUzUjxwdlrzNA=
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash14539c5e0ca6ce826e62bdadad738bbd 92ce1bbc7f338d3e48e35d637513ab0aba610a98 58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4726
Expires: Sat, 01 Apr 2023 04:55:15 GMT
Date: Sat, 01 Apr 2023 03:36:29 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash14539c5e0ca6ce826e62bdadad738bbd 92ce1bbc7f338d3e48e35d637513ab0aba610a98 58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4726
Expires: Sat, 01 Apr 2023 04:55:15 GMT
Date: Sat, 01 Apr 2023 03:36:29 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash14539c5e0ca6ce826e62bdadad738bbd 92ce1bbc7f338d3e48e35d637513ab0aba610a98 58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4726
Expires: Sat, 01 Apr 2023 04:55:15 GMT
Date: Sat, 01 Apr 2023 03:36:29 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash14539c5e0ca6ce826e62bdadad738bbd 92ce1bbc7f338d3e48e35d637513ab0aba610a98 58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4726
Expires: Sat, 01 Apr 2023 04:55:15 GMT
Date: Sat, 01 Apr 2023 03:36:29 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash14539c5e0ca6ce826e62bdadad738bbd 92ce1bbc7f338d3e48e35d637513ab0aba610a98 58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4726
Expires: Sat, 01 Apr 2023 04:55:15 GMT
Date: Sat, 01 Apr 2023 03:36:29 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5464d27-4a65-4ce5-81dc-c2d73690f9ea.jpeg | 34.120.237.76 | 200 OK | 9.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5464d27-4a65-4ce5-81dc-c2d73690f9ea.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc7a1cb3f6466e8edda3a9812c683f298 2e0415c7cbceef918add7de96c1f35393b499d49 43fdd189ffa0b3323cea6113bc4b8f4a55baf4acd869a79f5b1bf988dd82620f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5464d27-4a65-4ce5-81dc-c2d73690f9ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9166
x-amzn-requestid: e6475900-b87a-4e72-8196-42fd6589cfc0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm7BFw-oAMF-sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751df-519756f52943cf855b4e0bf7;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: vnxCcZzVTM1zw9mRBX4PmoE_eQTgWWTPZM-hhijOiWYRjnyf-8hhjg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 22:00:03 GMT
age: 20186
etag: "2e0415c7cbceef918add7de96c1f35393b499d49"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9720e87-c9ea-45dd-b03b-959a201d1cd5.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9720e87-c9ea-45dd-b03b-959a201d1cd5.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash63f65b3207378879c6e794007b8a11ee f0ee85f6acc45822ca5dc638bedefb21618d9127 dadd45018a3f500653176e5d585284fa28ca8140ec71c666feb4ab1b93f54c54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9720e87-c9ea-45dd-b03b-959a201d1cd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8479
x-amzn-requestid: 918a80ec-9fed-420b-b213-3c7e34e007ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm9WEw_IAMF53g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751ee-7cdad9533b2617c0043823f2;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: jh-3_Rb1rG13lHKqhXtUe3dt6pO2CADP7IL_zAadlgCvgoNiWDQ8jQ==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 22:00:04 GMT
age: 20185
etag: "f0ee85f6acc45822ca5dc638bedefb21618d9127"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashda174e6ccc9451c5071ba10eeb97f6f6 c38827a9ac1218768839877263e1f2984fbdc454 76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQPtHizoAMF7-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nZfXy-IsoHliuLodEocEZlH-IvmIV9G-noSmSEU1wmuMPfBx3rLJ9w==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 10:41:48 GMT
age: 60881
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b04f715-df83-425c-b3e1-5703d926f759.jpeg | 34.120.237.76 | 200 OK | 5.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b04f715-df83-425c-b3e1-5703d926f759.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha88f6c7b5bce83cc00e9e8271cf56702 21835a62ac378c55a61a762636b811a837749648 40b4e80bf0a5ac477804025c56beb2263d77a9f84933eabf6d464589e6f1d573
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b04f715-df83-425c-b3e1-5703d926f759.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5257
x-amzn-requestid: 694e361b-d59f-4a35-b547-de5a42689670
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ClU6mHJuIAMF5Iw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64253510-4f0d883b2f15ceee32b013da;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 07:06:56 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 4E6V54wVgPXKvD4UNObxUE7CnWL18b7pGRf4a4Ntoe5r3JcVLQUyqg==
via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 07:13:24 GMT
age: 73385
etag: "21835a62ac378c55a61a762636b811a837749648"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb363700c-b5a7-46e8-9bcf-2e3030088b9f.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb363700c-b5a7-46e8-9bcf-2e3030088b9f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash44245685a18b4851aa4ec222ad8b8012 7c7a0bd6f7f8b33e1b6f17ff9d03cbfd62411fa3 80331505a2b776e26443bbf6e65b30c2c4cd56a29279a80a4bb27aa232a42a27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb363700c-b5a7-46e8-9bcf-2e3030088b9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9845
x-amzn-requestid: e8a2d894-3663-4895-b710-c277a0f029d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm8FFG3IAMF1Wg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751e6-7096042c78cd0e9925df81d1;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Ifbckq238lByDcUdMqHYalI0UMft6tUmRPY-dd51-vPJViV1UxjWyg==
via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 22:00:00 GMT
age: 20189
etag: "7c7a0bd6f7f8b33e1b6f17ff9d03cbfd62411fa3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3267a3-5b54-4897-9b87-b135a35c1c32.avif | 34.120.237.76 | 400 Bad Request | 3 B |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3267a3-5b54-4897-9b87-b135a35c1c32.avif IP34.120.237.76:0
File typeASCII text, with no line terminators Hashfcc3d7489d15ef49dbbf735234234cf7 654e0aaee80e38636c503629d32225db31a616de 52109349dabf69106e04ec2f493fb8b6ade94ea100227cccce6559ab8b96553f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3267a3-5b54-4897-9b87-b135a35c1c32.avif HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
server: nginx
date: Sat, 01 Apr 2023 03:36:29 GMT
content-type: application/json
content-length: 3
x-amzn-requestid: 26c565ef-58cc-4af4-b517-71ba0b1a3e44
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Crb8gEnooAMFYww=
cache-control: max-age=120,public
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6427a6b6-7d96cb1d4b1508e92d75a924;Sampled=0;lineage=69363f46:0
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Error from cloudfront
x-amz-cf-id: QEoIhHcwHvRmAk5DvLGMrGyZDXJfNkhEx4IZZYg0u-rAVPeddfqLXQ==
via: 1.1 50cc3f0b039433daebdf343a3f4489ae.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3267a3-5b54-4897-9b87-b135a35c1c32.avif&resize=w450 | 34.120.237.76 | 200 OK | 1 B |
URL HTTP/2img-getpocket.cdn.mozilla.net/direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3267a3-5b54-4897-9b87-b135a35c1c32.avif&resize=w450 IP34.120.237.76:0
File typevery short file (no magic) Hash7215ee9c7d9dc229d2921a40e899ec5f b858cb282617fb0956d960215c8e84d1ccf909c6 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3267a3-5b54-4897-9b87-b135a35c1c32.avif&resize=w450 HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 1
x-amzn-requestid: aee588f0-3799-4d5e-af78-82a5ba5b7dfd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CrT8mFfwoAMFUvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642799e9-3bfed5f209fc3c633ad4e894;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date:
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: EZWyNM3UUBIxC2Ha2mBKkkAt7UJnh0uw53vNguT_yz0xnwGpxamuOA==
via: 1.1 304b956e2039e07753fa39109152d594.cloudfront.net (CloudFront), 1.1 6a6653dfb47ccc5082f2a5b9d0d168ce.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Apr 2023 03:26:57 GMT
age: 572
etag:
content-type: application/x-empty; charset=binary
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| itsawinner.xyz/auoptus-cash/index.html?ip=91.90.42.154&domain=fastweblink.com&cep=n7ezDZfnRWfwjTX-dcq-sk-seq2epb-vIx0ceJ_GGNfimk649z7RROd3R0ZfoPjkflTsWHs9znfGD99y0TcqVfTlRDgHufty4fMq1v6NQtJOrT3ULNObLsIEh_S48AR01Yz-1Zbjr0GSlff13eEiGdEn7sHHWrfJrfmWnpI7lX1eXGXW66XH5jRtGY3p3kDU1sDs-ndyH6AJyqkEs8JWv9pkW7w-yPRBs_gc1V3N5mRBTeCLtiUHCQxkPg07Us2CD5RddIJKQcQLodDJnrJ8t9u6xMoKo53ypmxnj2JekK-ovdcBtr1kvPE9hVLPpXRICvapPhnSniHJGkxvVqKThTxnmALBkbeDuP2TRKCYN3g&lptoken=167e808432c419978687 | 54.230.111.8 | 200 OK | 0 B |
URL HTTP/2itsawinner.xyz/auoptus-cash/index.html?ip=91.90.42.154&domain=fastweblink.com&cep=n7ezDZfnRWfwjTX-dcq-sk-seq2epb-vIx0ceJ_GGNfimk649z7RROd3R0ZfoPjkflTsWHs9znfGD99y0TcqVfTlRDgHufty4fMq1v6NQtJOrT3ULNObLsIEh_S48AR01Yz-1Zbjr0GSlff13eEiGdEn7sHHWrfJrfmWnpI7lX1eXGXW66XH5jRtGY3p3kDU1sDs-ndyH6AJyqkEs8JWv9pkW7w-yPRBs_gc1V3N5mRBTeCLtiUHCQxkPg07Us2CD5RddIJKQcQLodDJnrJ8t9u6xMoKo53ypmxnj2JekK-ovdcBtr1kvPE9hVLPpXRICvapPhnSniHJGkxvVqKThTxnmALBkbeDuP2TRKCYN3g&lptoken=167e808432c419978687 IP54.230.111.8:0
GET /auoptus-cash/index.html?ip=91.90.42.154&domain=fastweblink.com&cep=n7ezDZfnRWfwjTX-dcq-sk-seq2epb-vIx0ceJ_GGNfimk649z7RROd3R0ZfoPjkflTsWHs9znfGD99y0TcqVfTlRDgHufty4fMq1v6NQtJOrT3ULNObLsIEh_S48AR01Yz-1Zbjr0GSlff13eEiGdEn7sHHWrfJrfmWnpI7lX1eXGXW66XH5jRtGY3p3kDU1sDs-ndyH6AJyqkEs8JWv9pkW7w-yPRBs_gc1V3N5mRBTeCLtiUHCQxkPg07Us2CD5RddIJKQcQLodDJnrJ8t9u6xMoKo53ypmxnj2JekK-ovdcBtr1kvPE9hVLPpXRICvapPhnSniHJGkxvVqKThTxnmALBkbeDuP2TRKCYN3g&lptoken=167e808432c419978687 HTTP/1.1
Host: itsawinner.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
date: Fri, 31 Mar 2023 13:36:41 GMT
last-modified: Fri, 31 Mar 2023 12:10:27 GMT
etag: W/"dd2bb917663510d663631c49424f6232"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B-PbS0hpfT3p-KnqHeFtmHHMcteH4RbPGWjjU9GVArJm3XNHSp3kBA==
age: 50387
X-Firefox-Spdy: h2
|
|
| itsawinner.xyz/auoptus-cash/js/landers/survey/app.js?id=a2e44b85ce440753c01a | 54.230.111.8 | 200 OK | 0 B |
URL HTTP/2itsawinner.xyz/auoptus-cash/js/landers/survey/app.js?id=a2e44b85ce440753c01a IP54.230.111.8:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /auoptus-cash/js/landers/survey/app.js?id=a2e44b85ce440753c01a HTTP/1.1
Host: itsawinner.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itsawinner.xyz/auoptus-cash/index.html?ip=91.90.42.154&domain=fastweblink.com&cep=n7ezDZfnRWfwjTX-dcq-sk-seq2epb-vIx0ceJ_GGNfimk649z7RROd3R0ZfoPjkflTsWHs9znfGD99y0TcqVfTlRDgHufty4fMq1v6NQtJOrT3ULNObLsIEh_S48AR01Yz-1Zbjr0GSlff13eEiGdEn7sHHWrfJrfmWnpI7lX1eXGXW66XH5jRtGY3p3kDU1sDs-ndyH6AJyqkEs8JWv9pkW7w-yPRBs_gc1V3N5mRBTeCLtiUHCQxkPg07Us2CD5RddIJKQcQLodDJnrJ8t9u6xMoKo53ypmxnj2JekK-ovdcBtr1kvPE9hVLPpXRICvapPhnSniHJGkxvVqKThTxnmALBkbeDuP2TRKCYN3g&lptoken=167e808432c419978687
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 31 Mar 2023 13:36:44 GMT
last-modified: Fri, 31 Mar 2023 12:10:28 GMT
etag: W/"a2e44b85ce440753c01a2da1238d16e6"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pkWAjuDe-8ZgXvsvdFKv92vzd77YpfT0rzGTtX5zrduLA2qtPuXFsg==
age: 50384
X-Firefox-Spdy: h2
|
|
| itsawinner.xyz/auoptus-cash/js/app.js?id=f9380415e1fafc78cfc9 | 54.230.111.8 | 200 OK | 0 B |
URL HTTP/2itsawinner.xyz/auoptus-cash/js/app.js?id=f9380415e1fafc78cfc9 IP54.230.111.8:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /auoptus-cash/js/app.js?id=f9380415e1fafc78cfc9 HTTP/1.1
Host: itsawinner.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itsawinner.xyz/auoptus-cash/index.html?ip=91.90.42.154&domain=fastweblink.com&cep=n7ezDZfnRWfwjTX-dcq-sk-seq2epb-vIx0ceJ_GGNfimk649z7RROd3R0ZfoPjkflTsWHs9znfGD99y0TcqVfTlRDgHufty4fMq1v6NQtJOrT3ULNObLsIEh_S48AR01Yz-1Zbjr0GSlff13eEiGdEn7sHHWrfJrfmWnpI7lX1eXGXW66XH5jRtGY3p3kDU1sDs-ndyH6AJyqkEs8JWv9pkW7w-yPRBs_gc1V3N5mRBTeCLtiUHCQxkPg07Us2CD5RddIJKQcQLodDJnrJ8t9u6xMoKo53ypmxnj2JekK-ovdcBtr1kvPE9hVLPpXRICvapPhnSniHJGkxvVqKThTxnmALBkbeDuP2TRKCYN3g&lptoken=167e808432c419978687
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 31 Mar 2023 13:36:44 GMT
last-modified: Fri, 31 Mar 2023 12:10:27 GMT
etag: W/"f9380415e1fafc78cfc942998f59598f"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kh6Pj-4Rk2IChi9qIx86VjlMgnlA11fMvVirmPNJzH3BriuYITdVfQ==
age: 50384
X-Firefox-Spdy: h2
|
|
| itsawinner.xyz/auoptus-cash/css/landers/survey/app.css?id=3dea3cc428f109709a1b | 54.230.111.8 | 200 OK | 0 B |
URL HTTP/2itsawinner.xyz/auoptus-cash/css/landers/survey/app.css?id=3dea3cc428f109709a1b IP54.230.111.8:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /auoptus-cash/css/landers/survey/app.css?id=3dea3cc428f109709a1b HTTP/1.1
Host: itsawinner.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itsawinner.xyz/auoptus-cash/index.html?ip=91.90.42.154&domain=fastweblink.com&cep=n7ezDZfnRWfwjTX-dcq-sk-seq2epb-vIx0ceJ_GGNfimk649z7RROd3R0ZfoPjkflTsWHs9znfGD99y0TcqVfTlRDgHufty4fMq1v6NQtJOrT3ULNObLsIEh_S48AR01Yz-1Zbjr0GSlff13eEiGdEn7sHHWrfJrfmWnpI7lX1eXGXW66XH5jRtGY3p3kDU1sDs-ndyH6AJyqkEs8JWv9pkW7w-yPRBs_gc1V3N5mRBTeCLtiUHCQxkPg07Us2CD5RddIJKQcQLodDJnrJ8t9u6xMoKo53ypmxnj2JekK-ovdcBtr1kvPE9hVLPpXRICvapPhnSniHJGkxvVqKThTxnmALBkbeDuP2TRKCYN3g&lptoken=167e808432c419978687
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Fri, 31 Mar 2023 13:36:42 GMT
last-modified: Fri, 31 Mar 2023 12:10:27 GMT
etag: W/"8b6b5a6ad1ff6cc40005f6c84a3e1438"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: knIeK2mnyEaOsZz3HiBkXXUb6of-gtCxswenzePU1p-BXnpgxcHeBA==
age: 50385
X-Firefox-Spdy: h2
|
|