giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
54.230.111.96 200 OK 4.3 kB URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
IP 54.230.111.96:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1244)
Hash e70184b4173a0fd99339327df0f5a829
7f8ebc007bc948dccaa0ac3fc2a2480a33dabd34
2a9a522b5312ebe0946385a51b04b6c8e01fc948fbe1ee6f29f9e01181c4e6d0
GET /1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010 HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 21 Mar 2023 13:00:54 GMT
Last-Modified: Tue, 14 Mar 2023 14:00:04 GMT
ETag: W/"8e0bb02b4834aa19f5197916e154997d"
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ax9MEvq4vGeR-LKDkjWzRE-XI19z6GXBRrI72QCxm9dSMEN2NmeQ5A==
Age: 24818
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 28774b36cf8bb6b054329393a33f6239
728313ddff6d5ceb6db3eb8445f039779616a140
08378fe6a897ab5a9c8d3bc2748c9670659d0d0d164317fdfac88d23fee78fa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08378FE6A897AB5A9C8D3BC2748C9670659D0D0D164317FDFAC88D23FEE78FA0"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12109
Expires: Tue, 21 Mar 2023 23:16:20 GMT
Date: Tue, 21 Mar 2023 19:54:31 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13296
Expires: Tue, 21 Mar 2023 23:36:07 GMT
Date: Tue, 21 Mar 2023 19:54:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 19:27:26 GMT
content-type: application/json
age: 1625
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6672
Expires: Tue, 21 Mar 2023 21:45:44 GMT
Date: Tue, 21 Mar 2023 19:54:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9GuRFxwRiCjvPekPnm/Uc6jZqC5wUsLU2WgABOPXqM7CloL8NE0aSE2Eo7EkGojwS21mDYTlr24=
x-amz-request-id: XCJNXA5HREGD355F
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 19:53:19 GMT
age: 73
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
giftz4u.xyz/1/prizewheel/iphone12/pl/css/app.css?id=c588c17324f2be0e0ec9
54.230.111.96 200 OK 33 B URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/css/app.css?id=c588c17324f2be0e0ec9
IP 54.230.111.96:0
File type ASCII text, with no line terminators
Hash c588c17324f2be0e0ec90a18f39e7d7c
69d360eddd15f527aac7f7e610346517732b7770
b83e8830b6b2f1253a78f90191cf1087e8fd7638831fd4c1376a7a6029297240
Analyzer Verdict Alert fortinet Phishing
GET /1/prizewheel/iphone12/pl/css/app.css?id=c588c17324f2be0e0ec9 HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 33
Connection: keep-alive
Last-Modified: Tue, 14 Mar 2023 14:00:03 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 21 Mar 2023 14:14:52 GMT
ETag: "c588c17324f2be0e0ec90a18f39e7d7c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lr8D7Bp8FTUj2VUAuRwdzyvtXQh08oypVSryzVQcz_QqJM80ke-ogQ==
Age: 20381
giftz4u.xyz/1/prizewheel/iphone12/pl/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444
54.230.111.96 200 OK 1.1 kB URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444
IP 54.230.111.96:0
File type ASCII text, with very long lines (3495), with no line terminators
Hash ba8a1435ff223b2909706f678310def7
6d945ed87239f4b1544ee080873e3aacd70ac653
cafe68f02f3d4331a25a26a8419497011c8d18b583064f9ad7eacc167a5f5081
Analyzer Verdict Alert fortinet Phishing
GET /1/prizewheel/iphone12/pl/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444 HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 21 Mar 2023 03:30:09 GMT
Last-Modified: Tue, 14 Mar 2023 14:00:03 GMT
ETag: W/"cd41123a11e97e0f2444b57d180631a0"
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7WmhB_XbDzdsEKrSggLLo6O3x2rq3tLwBYJLgRDJaV9cJ6gi1c1EXg==
Age: 59064
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 19:54:32 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
giftz4u.xyz/1/prizewheel/iphone12/pl/js/landers/prizewheel-fb/app.js?id=9ce67e774d7587d76bf9
54.230.111.96 200 OK 52 kB URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/js/landers/prizewheel-fb/app.js?id=9ce67e774d7587d76bf9
IP 54.230.111.96:0
File type ASCII text, with very long lines (65475)
Hash de2ad53f7c0a42929f72ab3704fc69e2
b19c0c866d22a9ad0206560c95a20071f22a1f6a
7086f6e656295a85a41a08b1a8dbbc89dacffb3aa658c6beca6e6ad8bb222e7c
GET /1/prizewheel/iphone12/pl/js/landers/prizewheel-fb/app.js?id=9ce67e774d7587d76bf9 HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Mar 2023 14:00:04 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 21 Mar 2023 08:48:33 GMT
ETag: W/"3e7bf4c42d8d685fbce1149971416ef2"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4etD6b3lGIUlXWRXIzmZAkOm54f9uYxva9vpSHL9dsIfJTViVPmo2w==
Age: 39960
giftz4u.xyz/1/prizewheel/iphone12/pl/img/landers/prizewheel-fb/loader.gif
54.230.111.96 200 OK 5.1 kB URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/img/landers/prizewheel-fb/loader.gif
IP 54.230.111.96:0
File type GIF image data, version 89a, 50 x 50; data
Hash ed786659a534e0d183c09a90c50abc9d
a6c3d90bfaa86a7cda490bc5d04c8939c31a414e
cbaeb154dcb93bff5f6e382cede5d51a11175a2295e56bb2790611910280ba97
GET /1/prizewheel/iphone12/pl/img/landers/prizewheel-fb/loader.gif HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 5083
Connection: keep-alive
Last-Modified: Tue, 14 Mar 2023 14:00:03 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 21 Mar 2023 14:14:25 GMT
ETag: "ed786659a534e0d183c09a90c50abc9d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _bv9W8Hfi6JeBChssO011N7v7xlllQMiQyVf5IcNHEH5WtrM1RUcOA==
Age: 20408
giftz4u.xyz/1/prizewheel/iphone12/pl/img/landers/prizewheel-fb/notification.png
54.230.111.96 200 OK 449 B URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/img/landers/prizewheel-fb/notification.png
IP 54.230.111.96:0
File type PNG image data, 30 x 28, 8-bit colormap, non-interlaced; data
Hash bd5203f2cc9e7a9125e4575e029541b0
9fa565ab2f4b55da4735b79e529562252b3c9afe
db94c8ae725f947f20e12df29e6b6c8ade5ffcd5a7dc9ffd9be0351d963f826f
GET /1/prizewheel/iphone12/pl/img/landers/prizewheel-fb/notification.png HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 449
Connection: keep-alive
Last-Modified: Tue, 14 Mar 2023 14:00:03 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 21 Mar 2023 09:15:49 GMT
ETag: "bd5203f2cc9e7a9125e4575e029541b0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1W98R5BuGMY1l3FNd_9XbzYJWs5tKYg0p5U4vqiulCJXhRTAxst2Zg==
Age: 38324
giftz4u.xyz/1/prizewheel/iphone12/pl/js/app.js?id=d5f25c7b0bcb6df904a3
54.230.111.96 200 OK 977 B URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/js/app.js?id=d5f25c7b0bcb6df904a3
IP 54.230.111.96:0
File type ASCII text, with very long lines (977), with no line terminators
Hash d5f25c7b0bcb6df904a36614b5441fae
318c3d74f655da3f44f256ed28e000dda3a54111
80bf387149a3863d890de5f3b15356b90f92187c10edbac0674fc54de499e8a8
Analyzer Verdict Alert fortinet Phishing
GET /1/prizewheel/iphone12/pl/js/app.js?id=d5f25c7b0bcb6df904a3 HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 977
Connection: keep-alive
Last-Modified: Tue, 14 Mar 2023 14:00:04 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 21 Mar 2023 14:14:53 GMT
ETag: "d5f25c7b0bcb6df904a36614b5441fae"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jp0UNnx0LGADTNjvTvge_oJj0mWd9q9afIpBGLSkO22Lr9EwX8fosA==
Age: 20380
giftz4u.xyz/1/prizewheel/iphone12/pl/img/landers/prizewheel-fb/prizewheel_spinner.jpg
54.230.111.96 200 OK 32 kB URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/img/landers/prizewheel-fb/prizewheel_spinner.jpg
IP 54.230.111.96:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1002x1002, components 3; data
Hash d4655cba21d806e849eed4e4119fbe1a
6453039d85005643e9d65074ca022f63b5d47cdd
90f2363aaebaf03f06fb20c6c02fb2e97497d7cd54b611281303ce7e10335ee7
GET /1/prizewheel/iphone12/pl/img/landers/prizewheel-fb/prizewheel_spinner.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 32496
Connection: keep-alive
Last-Modified: Tue, 14 Mar 2023 14:00:03 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 21 Mar 2023 14:14:55 GMT
ETag: "d4655cba21d806e849eed4e4119fbe1a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JjaVPNyYKm1GNsBCq8E2ZRdBM8713vcniwEYDm-Mgdy9p2LEhMKfiA==
Age: 20377
giftz4u.xyz/1/prizewheel/iphone12/pl/img/prizes/iphone-12-pro-max/default@0.5x.png
54.230.111.96 200 OK 36 kB URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/img/prizes/iphone-12-pro-max/default@0.5x.png
IP 54.230.111.96:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced; data
Hash 3425f87a8def62d878b3fbf8f930dee2
961688eb1d3c97e9ed61199b0fcd32e60d1d3467
7f9f5fb4a3340704664a8adba3c74c63d425c92999aed97e078bc3b87d06b64d
GET /1/prizewheel/iphone12/pl/img/prizes/iphone-12-pro-max/default@0.5x.png HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 35519
Connection: keep-alive
Date: Tue, 21 Mar 2023 03:30:10 GMT
Last-Modified: Tue, 14 Mar 2023 14:00:03 GMT
ETag: "3425f87a8def62d878b3fbf8f930dee2"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8ICysufMMMJoE0KP9rX2HI14KskuCiTIN94WAXkoIS3cIwjjx88tOw==
Age: 59063
giftz4u.xyz/1/prizewheel/iphone12/pl/img/profiles/caucasian/female/6@0.25x.jpg
54.230.111.96 200 OK 2.5 kB URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/img/profiles/caucasian/female/6@0.25x.jpg
IP 54.230.111.96:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3; data
Hash 16b747e82cf312a2ced55303d0498d39
5e6d8443cb51b6ef2f1b8418e210c1cb4cb3272d
9689a7da01f10d4f058803fdfa77b6e874073e0eb3e7007c9c551d6a85b2e10e
GET /1/prizewheel/iphone12/pl/img/profiles/caucasian/female/6@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2496
Connection: keep-alive
Last-Modified: Tue, 14 Mar 2023 14:00:04 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 21 Mar 2023 16:08:19 GMT
ETag: "16b747e82cf312a2ced55303d0498d39"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ONce5ZDAeiw1oyqNHs_jkjDbEgN_qmrGkYjv8el4dSWgiaUBndKPCw==
Age: 13574
giftz4u.xyz/1/prizewheel/iphone12/pl/img/profiles/caucasian/male/9@0.25x.jpg
54.230.111.96 200 OK 2.3 kB URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/img/profiles/caucasian/male/9@0.25x.jpg
IP 54.230.111.96:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3; data
Hash 3ee4f789968700c627e093497418ba7a
5167cc73c33fae5fd4188aa0726af6cd745a874f
6615703a9d11b53339464d4878af74874fae469524ce02266f02c9f1dd6c2239
GET /1/prizewheel/iphone12/pl/img/profiles/caucasian/male/9@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2283
Connection: keep-alive
Last-Modified: Tue, 14 Mar 2023 14:00:04 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 21 Mar 2023 14:14:59 GMT
ETag: "3ee4f789968700c627e093497418ba7a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: p486644ubbcX9FHr6rUtBR5MNPpBD_dmsfpIFFYQI-EaIMLDEagmRA==
Age: 20374
giftz4u.xyz/1/prizewheel/iphone12/pl/img/profiles/caucasian/female/3@0.25x.jpg
54.230.111.96 200 OK 2.8 kB URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/img/profiles/caucasian/female/3@0.25x.jpg
IP 54.230.111.96:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3; data
Hash 8196857e051c12bf3fbc80c5d2706f77
6c5b5053cade51a1c872fd0fccd6425cac4654ad
e7da422e27935176f348741986684bb7579b8f27b00d5e740c0b205f35fd382a
GET /1/prizewheel/iphone12/pl/img/profiles/caucasian/female/3@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2833
Connection: keep-alive
Last-Modified: Tue, 14 Mar 2023 14:00:03 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 21 Mar 2023 17:12:03 GMT
ETag: "8196857e051c12bf3fbc80c5d2706f77"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MI5HzXo7ZgogSkqhHAt5C7_dxANI5lTkNRZ3oBXN9oXFpgiDc0mNEw==
Age: 9750
giftz4u.xyz/1/prizewheel/iphone12/pl/img/profiles/caucasian/male/10@0.25x.jpg
54.230.111.96 200 OK 2.7 kB URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/img/profiles/caucasian/male/10@0.25x.jpg
IP 54.230.111.96:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3; data
Hash 1112732142f99bb6c1631b89e0d3ab7d
23f5c0c1a491135b6e2e16f1f649773ac95d7bdf
fb6ecfa12b19fa686f2e8138fe5be303d5e08f270c995e2bc287c33b62faa503
GET /1/prizewheel/iphone12/pl/img/profiles/caucasian/male/10@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2736
Connection: keep-alive
Last-Modified: Tue, 14 Mar 2023 14:00:04 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 21 Mar 2023 14:57:11 GMT
ETag: "1112732142f99bb6c1631b89e0d3ab7d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QHanG_T4FKDf5dmyxCrwsiex7FTINi4gPTY5NDkDofDwlz8_73ZuDw==
Age: 17842
giftz4u.xyz/1/prizewheel/iphone12/pl/img/landers/prizewheel-fb/prizewheel_static.png
54.230.111.96 200 OK 3.4 kB URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/img/landers/prizewheel-fb/prizewheel_static.png
IP 54.230.111.96:0
File type PNG image data, 1002 x 1002, 4-bit colormap, non-interlaced; data
Hash dc484e0043b5ff6191b1880c8779863c
a5b67e3dff3dea3940eed090431aecbb36611b1d
30bc059973d84a6e1d22d16747bce062025561f2555cdd9cec012a87866abcb6
GET /1/prizewheel/iphone12/pl/img/landers/prizewheel-fb/prizewheel_static.png HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3370
Connection: keep-alive
Last-Modified: Tue, 14 Mar 2023 14:00:03 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 21 Mar 2023 14:14:56 GMT
ETag: "dc484e0043b5ff6191b1880c8779863c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mC2UDLSrV8tQ7FluQzOPhroKc1QypRwQGR3XLKt6Q4BqOrKsKCFuDQ==
Age: 20377
giftz4u.xyz/1/prizewheel/iphone12/pl/img/prizes/iphone-12-pro-max/proof.jpg
54.230.111.96 200 OK 23 kB URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/img/prizes/iphone-12-pro-max/proof.jpg
IP 54.230.111.96:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 339x450, components 3\012- data
Hash 029d38095e06ced0688fd67a58e70781
b5bdaddeb39b947c35f883f001f34dd163bcb362
5e41534f027f676ce89db3b87319ffbdc1a1e7515e379f80f476e0989fa4bcc1
GET /1/prizewheel/iphone12/pl/img/prizes/iphone-12-pro-max/proof.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 23152
Connection: keep-alive
Last-Modified: Tue, 14 Mar 2023 14:00:03 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 21 Mar 2023 16:08:19 GMT
ETag: "029d38095e06ced0688fd67a58e70781"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uhmgTqPLWh-hV5Q4y__cgQqGCkdUKuYDajIybGNLcudw3isc2kxUug==
Age: 13574
giftz4u.xyz/1/prizewheel/iphone12/pl/img/fb-like.svg
54.230.111.96 200 OK 2.1 kB URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/img/fb-like.svg
IP 54.230.111.96:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (4627), with no line terminators
Hash 6339f263a7bd6246056bda98ae188336
60b93c1930cef992fac533e306c6e1033f95e028
0068899ef50e4bcb1827c1ce475827d3d82e2ddd8a24e578a5c669a613aa7fa2
Analyzer Verdict Alert fortinet Phishing
GET /1/prizewheel/iphone12/pl/img/fb-like.svg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Mar 2023 14:00:03 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 21 Mar 2023 19:48:46 GMT
ETag: W/"765203989756e91925e8f947e660b644"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ld3-jJi5JMxcisak6lo-r6LUvXyYV9BmbARpTENAdNF6MkYUjANbsA==
Age: 347
giftz4u.xyz/1/prizewheel/iphone12/pl/img/profiles/caucasian/female/5@0.25x.jpg
54.230.111.96 200 OK 2.6 kB URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/img/profiles/caucasian/female/5@0.25x.jpg
IP 54.230.111.96:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 5e930fa2efb8142b942712a603c0d112
82a6ab6fd202a0e973b4e83861cb9889294289cd
b15d6a868ff22d57beec85074fbac2b0bf4d94aba82586f91e28f1843bec2482
GET /1/prizewheel/iphone12/pl/img/profiles/caucasian/female/5@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2607
Connection: keep-alive
Last-Modified: Tue, 14 Mar 2023 14:00:03 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 21 Mar 2023 07:48:44 GMT
ETag: "5e930fa2efb8142b942712a603c0d112"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7M0FxKCWz-B1V-DQP7xU0-xq7Skpx20ZNZATBiwaHYvR-OAxQCLG3w==
Age: 43549
giftz4u.xyz/1/prizewheel/iphone12/pl/img/profiles/caucasian/female/1@0.25x.jpg
54.230.111.96 200 OK 1.9 kB URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/img/profiles/caucasian/female/1@0.25x.jpg
IP 54.230.111.96:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash fbd823b4b286d9441a68da275eeaf828
ed13e98d4b2615e7b00eb9c432c25d46c70389d6
3da1e9cfb273447e5e799ead9e3c1be32c4d95a1aef51982a3dfcaf76ab75afb
GET /1/prizewheel/iphone12/pl/img/profiles/caucasian/female/1@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1924
Connection: keep-alive
Last-Modified: Tue, 14 Mar 2023 14:00:03 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 21 Mar 2023 14:15:00 GMT
ETag: "fbd823b4b286d9441a68da275eeaf828"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NFTimxdrCYqa-JiQ84EYLhCUVyw1IMK8X78C4rj_A9eCJOstrGLVzw==
Age: 20373
giftz4u.xyz/1/prizewheel/iphone12/pl/img/profiles/caucasian/male/3@0.25x.jpg
54.230.111.96 200 OK 2.8 kB URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/img/profiles/caucasian/male/3@0.25x.jpg
IP 54.230.111.96:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 54fbc106f1b9db6ac824a4650d60f3bb
100e44c2fe78adb90e6f949045a50149bb7f3774
559cdadc5c3fcdf6e028d343c420ce52983ae44b1ae217c8c60f1067a081104c
GET /1/prizewheel/iphone12/pl/img/profiles/caucasian/male/3@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2844
Connection: keep-alive
Last-Modified: Tue, 14 Mar 2023 14:00:04 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 21 Mar 2023 03:40:48 GMT
ETag: "54fbc106f1b9db6ac824a4650d60f3bb"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8VXcuMPscNHCt-_aylFG8Dh_LE_MEfDWGy_N8RfSVJFrI3wr7u-tsw==
Age: 58424
desekansr.com/pfe/current/micro.tag.min.js?z=5378963&sw=/sw-check-permissions-f40a4.js
139.45.197.250 200 OK 15 kB URL HTTP/1.1 desekansr.com/pfe/current/micro.tag.min.js?z=5378963&sw=/sw-check-permissions-f40a4.js
IP 139.45.197.250:0
File type C source, ASCII text, with very long lines (41313), with no line terminators
Hash dcd19cf25949bf1a35809fa63335b48b
2b03bb4636f8f41323a163e98f1c0b29a08831ba
e3fb360d7e372c224499b9858c6686c7fae772c7d6e9ec4480334204b89dd478
GET /pfe/current/micro.tag.min.js?z=5378963&sw=/sw-check-permissions-f40a4.js HTTP/1.1
Host: desekansr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 19:54:32 GMT
Content-Type: application/javascript
Last-Modified: Thu, 16 Mar 2023 15:32:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"641336a9-a161"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
giftz4u.xyz/1/prizewheel/iphone12/pl/img/profiles/caucasian/male/2@0.25x.jpg
54.230.111.96 200 OK 2.4 kB URL HTTP/1.1 giftz4u.xyz/1/prizewheel/iphone12/pl/img/profiles/caucasian/male/2@0.25x.jpg
IP 54.230.111.96:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash bfc6eca6ea03a0dae038e42188616d92
d8b88015604798d901a5929a2331e7f581baecfe
ac8b3a49e5e511cb0d40f376c87216e5116ec0f85a6de30e157e0fdf45fe7acd
GET /1/prizewheel/iphone12/pl/img/profiles/caucasian/male/2@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giftz4u.xyz/1/prizewheel/iphone12/pl/index.html?brand=Google&domain=fastweblink.com&cep=5ZOV63_imz63CJj-VRK7TaSTyHFmI8c6reWG9mzi8xsoPWUAF2u6XplpN7S8i7huAchyEUO04mHFEX-ibPfcEln8vjZFNKoSfB8W8xCJ_BCCR-7shWQBjhI71T79z6dtPG2Ys-BHBDPb2Z9TeGpuhHhMjEaPUb-9OyHXCizZcuZC-6Oon3dUF9Cgoo3OgkHIvSrzliJ9kXpVAfwmjjQ3PROY-9E8QQSI0vXqvOYV_NR3ywV8NzWAyI3rpMQ8bPvX7faW0GOC9UQyA1asH1u0p4uelNG1Bra9WgDROeQIByPhGLE6gVUJ-qgaZ8pGZZkuTwejXOy3HuhnRyPASVJQdBTZXUPasuZ_NaGsnRdp-2HPh7CDHGzbJESmpoiY_jUxp0ERjTrEynjyadw6VFM_Lg&lptoken=16e2798f43b302086010
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2359
Connection: keep-alive
Last-Modified: Tue, 14 Mar 2023 14:00:04 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 21 Mar 2023 09:16:45 GMT
ETag: "bfc6eca6ea03a0dae038e42188616d92"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gtcwFR3Avdy-rerO4wCCyN3dCL_whvlxx6LlHZdMuF2vY2VQ7jlp2A==
Age: 38267
r3.o.lencr.org/
95.101.11.115 200 OK 503 B
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 622198762d32bfe87b5bbc7ad351201f
3ee49d76d2ced61deb1e9528d44832dbd0af0b10
e7b73971a90fd3bae8dad78ce110b4f2ce0125680bee44436bec4e18065f4594
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7B73971A90FD3BAE8DAD78CE110B4F2CE0125680BEE44436BEC4E18065F4594"
Last-Modified: Mon, 20 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6057
Expires: Tue, 21 Mar 2023 21:35:29 GMT
Date: Tue, 21 Mar 2023 19:54:32 GMT
Connection: keep-alive
desekansr.com/zone?&pub=0&zone_id=5378963&is_mobile=false&domain=giftz4u.xyz&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest
139.45.197.250 200 OK 0 B URL HTTP/2 desekansr.com/zone?&pub=0&zone_id=5378963&is_mobile=false&domain=giftz4u.xyz&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest
IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5378963&is_mobile=false&domain=giftz4u.xyz&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: desekansr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://giftz4u.xyz
Connection: keep-alive
Referer: http://giftz4u.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 19:54:32 GMT
content-length: 0
x-trace-id: 3c6c0d83c4930d49034659806c73e7b7
access-control-allow-origin: http://giftz4u.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Mar 2023 19:14:33 GMT
age: 2399
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3462d41d9283fedf24f278089d5d1570
b8bcea77656f775cdc34620322cc616216ed2b95
55e47b413ba648a98eb6e92ab73aee602912cd13e7da23ef3cea1490c1b9de50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "55E47B413BA648A98EB6E92AB73AEE602912CD13E7DA23EF3CEA1490C1B9DE50"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9471
Expires: Tue, 21 Mar 2023 22:32:23 GMT
Date: Tue, 21 Mar 2023 19:54:32 GMT
Connection: keep-alive
push.services.mozilla.com/
35.82.212.76 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.212.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: x21DZ3QrMuiKnOajLSL8MQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wo88K9ZdWN7i8sYWPR9/Kao3PFE=
r3.o.lencr.org/
95.101.11.115 200 OK 503 B
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2206
Expires: Tue, 21 Mar 2023 20:31:20 GMT
Date: Tue, 21 Mar 2023 19:54:34 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2206
Expires: Tue, 21 Mar 2023 20:31:20 GMT
Date: Tue, 21 Mar 2023 19:54:34 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2206
Expires: Tue, 21 Mar 2023 20:31:20 GMT
Date: Tue, 21 Mar 2023 19:54:34 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2206
Expires: Tue, 21 Mar 2023 20:31:20 GMT
Date: Tue, 21 Mar 2023 19:54:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 302595cc68fe8cf12121d0f652b3194d
e5532a3fed552246e8a63ea2ba75e174273a7b9f
6ca3599a9af06f51d4dc205d4ebd8f7f8b38c54864b6b478eac8c0d1adbc97c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7695
x-amzn-requestid: 1009077b-14aa-42e5-86f1-de94b8b2aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDETIHf8oAMFxEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641780e0-07bbb0376f1c1941731e00ba;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:38:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 02HknfEEVW-DU3f3sOQgfs_eL48pvEgV4ft__uRLXOFlDO5qX5tDsQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:55:31 GMT
age: 79143
etag: "e5532a3fed552246e8a63ea2ba75e174273a7b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e5f234aedfabd736b50fef3017380f9
71672a6c3523d9999522e005091863d07ea0e94a
3314df7a93e317d509aeffc1cde69ec450ddad116a27dc197db1abce966da344
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6511
x-amzn-requestid: 82d12180-bdcb-4ce0-8588-4239ee27f236
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI_E_eoAMF3sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-2f5df7cd5f6cee4762703d29;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: yQgmYjA3RIk8IVzzOoHdYl60H1BO_IeCF_7d7AmTqjuIOxQIS2dyDw==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:08:29 GMT
etag: "71672a6c3523d9999522e005091863d07ea0e94a"
content-type: image/jpeg
age: 78365
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1f3dbde-5603-4fc9-9c5b-c8735230fcb3.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1f3dbde-5603-4fc9-9c5b-c8735230fcb3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59a97c7842690d7acd0ff07d949b1ef3
8719d7d6866855fdfba87e06128fb1969d857732
203b0e030b9bf84a8a2731c1b46d57e60ee50a53cc925845e7b20cbd60362136
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1f3dbde-5603-4fc9-9c5b-c8735230fcb3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5456
x-amzn-requestid: 545d20a4-ed22-4be4-98aa-23383209dae2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDUKFC9IAMF4pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f4d-3e927ea45de99d4b286fcfc8;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:31:57 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: qXn3EwgagFD2MH4PzDYxxVd1eXOQQxHDkNdxXGxwuS-tmPNxWXYukA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:51:25 GMT
age: 79389
etag: "8719d7d6866855fdfba87e06128fb1969d857732"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37da4f74-766e-41d9-a774-49f626f750e7.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37da4f74-766e-41d9-a774-49f626f750e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7ff2fa3219118fba5b4b4ab131c2881
54fe3df9c2d39151a505153c0137173116848ff1
01c646e5e4fd299b492170a25d9d1030e1b0b517b8da8caf7c0265e5f6913e35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37da4f74-766e-41d9-a774-49f626f750e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7715
x-amzn-requestid: dd57ff83-d593-4787-9282-6b4c2c7786d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI-EP_IAMF7OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-01482aac2d94544f682ef258;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: iAs9q_-_ucOisqMf2zHDO7YZFn0XFtyaat1lKri-i96OwuCWtJr08w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:45:38 GMT
age: 79736
etag: "54fe3df9c2d39151a505153c0137173116848ff1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: WZ5MqPZ-MEjDt3N53EIx1XrerDmUkyvK-5FUXAmI29GXlGe6AaPqEg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:23:21 GMT
age: 77473
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1c8c491-aa6d-4268-a72a-1f4233962425.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1c8c491-aa6d-4268-a72a-1f4233962425.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e5aa79770d71507827e79149031b5cf
338ee74f53fac2b19a90981bc4b02a3c3722a1fa
81df6f2312df6e488ae91c172ecf872d694497ffe80500f71eb97e6c06ff5f5f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1c8c491-aa6d-4268-a72a-1f4233962425.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: dfaf4924-b8c3-4b6b-a079-7c3903fdf4fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDVjGJyIAMFS9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f56-6379351b215dc2d9638de9ea;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:32:06 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: XYA6F9VzUqxozJS4OsX-TKy81mOHUB7N6L7rkCaQJmXe5n-a_Zce-Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 50faaaa196a6b0875217ef7827f97d7c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:23:21 GMT
age: 77473
etag: "338ee74f53fac2b19a90981bc4b02a3c3722a1fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2