firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 02:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VjAf-aM2SegmnhFNi5mEr1g7yUB3sb6VJALs3-uSMNJ39jX4ry1OiA==
Age: 740
ambelatemedityles.com/b84a1d49-e2f9-47d6-93a3-2ed89a730a66
3.123.187.149 302 0 B URL HTTP/1.1 ambelatemedityles.com/b84a1d49-e2f9-47d6-93a3-2ed89a730a66
IP 3.123.187.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b84a1d49-e2f9-47d6-93a3-2ed89a730a66 HTTP/1.1
Host: ambelatemedityles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Tue, 27 Sep 2022 02:27:50 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Pragma: no-cache
Set-Cookie: b84a1d49-e2f9-47d6-93a3-2ed89a730a66-v4=Hr_C8bCulp4dq3llTEplfJimSAIjagrjvUgM_NRDC-4; Max-Age=86400; Expires=Wed, 28-Sep-2022 02:27:50 GMT; Domain=ambelatemedityles.com; Path=/; HttpOnly
cep-v4=tunSLK7xTPztLR9Td102OkBnlkozctCXi6ts4YK7sqUYhF8xAPSXV4XnqdG5r8ux4aQNv2SnS4H6reob8s-fLbAIR7x4Gox_7towHyVsVcucPxyRwQT7hOPiN3idO5V0jXY9p-Fm5rBcRVjWqqy3VvbGVRDFO-uSHM4kIBTI57JMXILq-FurRsyHYFplC2w_UujJtGIsvBFzx0dkE7Piu_qZ1RlqwT8i5QPZUXzCpVq6yQJKHTP5_89YGDe8mPKCWf_oaqwSWlgpop8vKoYvlnxTCSNcDd2xdePpkp42Q9pDehjJUqQUgbQCwSog5ThZv_bnHaleovIETb4gYXnyjK-mfZUHL8bYKKL2gihe7MI; Max-Age=86400; Expires=Wed, 28-Sep-2022 02:27:50 GMT; Domain=ambelatemedityles.com; Path=/; HttpOnly
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6004
Expires: Tue, 27 Sep 2022 04:07:54 GMT
Date: Tue, 27 Sep 2022 02:27:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1017811d25642601e984edc1676d118d
c177c4f7a897584bf91347fa4990c83d6bfd0321
f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14204
Expires: Tue, 27 Sep 2022 06:24:35 GMT
Date: Tue, 27 Sep 2022 02:27:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: NPkPmpQdJGfwMkVbXh/7Z/ZSUqIEFiIZu/lr3nno1rBtLZfLCROalSFgvnaAYOFtfYEa5TH2usE=
x-amz-request-id: X6YC8RXHZEBJA5XH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Sep 2022 01:49:07 GMT
age: 2324
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 02:27:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 02:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 02:36:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4ptFTO7uyBw_8oD78BLQyZs4P076T_yjuQUHzY-Fbu93kQkH8TQt_w==
Age: 1025
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c628d4d3781e639879506b620fa72d35
c07785cb157e460f480deb3408c4981021cb0307
d8f060d615432a5b43c39e26c2bcfbf001dcdafa5e16ddd442672922e0ead393
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8F060D615432A5B43C39E26C2BCFBF001DCDAFA5E16DDD442672922E0EAD393"
Last-Modified: Tue, 27 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 27 Sep 2022 08:27:51 GMT
Date: Tue, 27 Sep 2022 02:27:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4177
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 02:27:51 GMT
Last-Modified: Tue, 27 Sep 2022 01:18:14 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
162.241.63.77 200 OK 3.6 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (425)
Hash 33b4daf57d7eb9932f5516c0091e20ef
6481443bf9e826d397cae30f50adef5a6611cbcc
1094efd57fda8395914c6b5c20f55e7de32f2cef2b9cba72ac7941b9785e9367
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 17:26:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3608
content-type: text/html
date: Tue, 27 Sep 2022 02:27:51 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/css/reset.css
162.241.63.77 200 OK 781 B URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/css/reset.css
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 5a17891d99bce86cc3b5b76f842d5196
1a9886c3ca2e6a4853b3f48972f6c099d3472a68
8f0b3a7d2887aa4e67489dfa1572f7efa807c0b4922164a79ad0deafb4e19f01
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/css/reset.css HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 781
content-type: text/css
date: Tue, 27 Sep 2022 02:27:51 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/css/media.css
162.241.63.77 200 OK 359 B URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/css/media.css
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash fbadc150351a43f2f4478c20d6deb4d7
c17b4a2a10d97a26d857d96b6f1245cbcb893ace
2c0f621b87fd817c70116265c6ab89572e2e33819d4dd9f73d40409236c94afb
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/css/media.css HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 359
content-type: text/css
date: Tue, 27 Sep 2022 02:27:51 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/css/animation.css
162.241.63.77 200 OK 968 B URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/css/animation.css
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 66eae46bae03f0e85ae3460abb3fd41f
fe81dc2b8d3d1c01d9ad103ed80adfd3c4832860
aa537a86c90b9e9045cd673cf1b169e3fa9d7d42ac998b07ad09f981b4585a4e
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/css/animation.css HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 968
content-type: text/css
date: Tue, 27 Sep 2022 02:27:51 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/css/main.css
162.241.63.77 200 OK 2.4 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/css/main.css
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash d653b78c8e4cbf80a993ec042366834a
8254325e337b4808d9b6d07ee22f2fd521a6ff83
dc75d4abe1a90df41d0c269f43ceb0788bc0dbed4d1f5ecfc1b5a436d6c3b960
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/css/main.css HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2438
content-type: text/css
date: Tue, 27 Sep 2022 02:27:51 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.190.4 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.190.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: o1gV8NxsEQ6c8f+Rf4sTfw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: x0dU5qwXyTHYDCZCrFYLP2bpznM=
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo.png
162.241.63.77 200 OK 25 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo.png
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 297 x 125, 8-bit/color RGBA, non-interlaced\012- data
Hash 7773b089776724b15b74a327e93e6557
615aa83aa7e2263e822e6be7faae864f68ae46c8
ce41ebdd9ac5ef2b08135396639d7587ce8e93907dcf3e61e895a6aed1507f68
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo.png HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Sep 2022 04:06:14 GMT
accept-ranges: bytes
content-length: 24755
content-type: image/png
date: Tue, 27 Sep 2022 02:27:51 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/chest-closed.png
162.241.63.77 200 OK 57 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/chest-closed.png
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 290 x 260, 8-bit/color RGBA, non-interlaced\012- data
Hash fc8af1ab78bb423e2623b06d62b8a0a7
db478c5fdf1488a978f1e4a2d09eae53ef86b28a
fce39aa10e7d39afcf436da54716ad4a83d20231112cc5e22260eeb742d3bf02
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/chest-closed.png HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:26 GMT
accept-ranges: bytes
content-length: 56644
content-type: image/png
date: Tue, 27 Sep 2022 02:27:51 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/visa.svg
162.241.63.77 200 OK 1.5 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/visa.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 8e85631cc5f2a2926c1ce34cfac11a21
859c94db5874e6c505247e50168f75d41628c8be
bb71ea78c2661fb01e3be23719b6a839f1cd4d4adebe99e2c0d79f23bf3c827e
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/visa.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 1474
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:51 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/mastercard.svg
162.241.63.77 200 OK 8.7 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/mastercard.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8281)
Hash 9dd2c6867234e214f15bca690ef88a11
5f013b48d8a06a25269be17b161c4a5bf864f714
a1fa7e0c742386fdb2af920069cc70da23e03ad6213ab18477f0dc2fb5911d3e
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/mastercard.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 8713
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:51 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/maestro.svg
162.241.63.77 200 OK 3.5 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/maestro.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (508)
Hash 7476d680cab28ed9232a668d5bb8e890
4e6fcf8fc51ae4352dd9f31b7533e49db706d0ae
21683f7960cb67d7dea90869be9f524c2ef77c525b5878ad351a0f81188ff218
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/maestro.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 3494
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/instadebit.svg
162.241.63.77 200 OK 6.6 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/instadebit.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (968)
Hash dd83bb7c4557d96e5639212952348600
01f466445f0ff5422ea910f8738ec2bd85bf565e
f203f3c013833145a05937708e583f8ac12ec18deeb7cb8138007e13f9e1574b
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/instadebit.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 6578
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/idebit.svg
162.241.63.77 200 OK 9.6 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/idebit.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2030)
Hash efa3e082713723dfdcd5b0f5c1f41585
c60440e8535025de7a91b0bda563dd3a9e64fab2
60f67b0883d6f762258cf59272b32c29c150363bd6efcfbefa0e6067c54cec30
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/idebit.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 9552
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/neteller.svg
162.241.63.77 200 OK 1.8 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/neteller.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash 57b02a83509dd5c719b2ba49d942e0a8
789a1f2e6a7704cf4ced138eed54c8f5373ce96d
d586f6d270079a6cce1bac4ad6bf79bd73e66ee8d53d9482dbcccc63c582c860
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/neteller.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 1841
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/zimpler.svg
162.241.63.77 200 OK 6.7 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/zimpler.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (667)
Hash dda7714b749f09b16de1b9647eaadfe8
e49cf38dbdba0f76b96862ac2e851805b22f0cd9
4dc1e801e0eaa763f269d0681520aef02c6408bf5bbfa097a85b8f2a16826d0c
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/zimpler.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 6656
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/interac.svg
162.241.63.77 200 OK 58 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/interac.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (39639)
Hash 5d163b3f9cec19b620567d45284c5b55
5a39a3868c4f720c8f7dd34224e04e9f939e9b0d
0765eac40abd301553b8607d1dc2964bd65534c2e6ede51831521033d56cb8e1
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/interac.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 58229
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/endorphina_w.svg
162.241.63.77 200 OK 3.4 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/endorphina_w.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3382), with no line terminators
Hash be98bdf9228b32ec53f94671da6b2344
57896d8aa3e4b61626a700ee3bf03bb439d76235
15f566ec3233a2b94ac39b0e412a46b4fa952b8260adcd6a08d70397bfc06692
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/endorphina_w.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 3382
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/betsoft.svg
162.241.63.77 200 OK 4.2 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/betsoft.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4189), with no line terminators
Hash 75df55f07b69135f65faa2a4813a8d4e
3ead817513d1500ef80c04947959191c9b5ef186
c5066e3e61f19209c4496152852b729269143645b91b7f9cf98ea7a2bd4ccdff
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/betsoft.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 4189
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/evolution_w.svg
162.241.63.77 200 OK 22 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/evolution_w.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2889)
Hash f1391a88a87e80ba2d6229ae5a073a91
fe27bc7dbb62dfd32e4b24074bb1fcfa15dcdc3d
166abe354a7a4384d4018734f252dffd7c5f090bbbe4cebcaf0a94f1e5bafe0a
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/evolution_w.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 22329
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/nextgen_w.svg
162.241.63.77 200 OK 5.6 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/nextgen_w.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5637), with no line terminators
Hash ea06e80e40ff564ef6043b7b96a035cc
ff4f25b491c7141e028cf39363ee6b830126bf55
4b5cf0174cfefffae7513615e8ef750c1f52df8b0f7b71a62ec9698c1fcd71c7
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/nextgen_w.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 5637
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/softswiss_casino.svg
162.241.63.77 200 OK 19 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/softswiss_casino.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (19225), with no line terminators
Hash 96e81660636d80a011b0ca7f396cbcec
faca175893cbda73bc7def562b0fbecdd6dc65a9
c7035b38d2d7e872c834a0e1a5be3cf5f9711144fbb2c0c8b04f8cc8e7235e1c
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/softswiss_casino.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 19225
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B
IP 142.250.74.35:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 02:27:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KSHDJ4S
142.250.74.72 200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KSHDJ4S
IP 142.250.74.72:0
File type ASCII text, with very long lines (2080)
Hash 6e22e122e6e2ba08346e9302d1cd77aa
c9ad4d1e6ad31083c39cbd3bff955eaaaff25385
40aa9c00f70c3c23c5c32bbc100c80f4aa584182fc9e94e2c08dbc4113f225c6
GET /gtm.js?id=GTM-KSHDJ4S HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 02:27:52 GMT
expires: Tue, 27 Sep 2022 02:27:52 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37898
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/etransfer.svg
162.241.63.77 200 OK 66 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/etransfer.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (39056)
Hash 35cc0431cb9bd538c41a281a69d929b1
965ccfea943f9e62072fdd7f068bdc705153175a
82d783444689bbb4f7cf5058f32de383b73854f1cfdcd8427d02eae59670cee0
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/etransfer.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 66162
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/netent.svg
162.241.63.77 200 OK 2.1 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/netent.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 46f4643fdf900e4511876f34a12ec947
6dfa3fc9ef936f75eb7d59c1bc709a80bc0bde8f
6f8931e6847e033f3a99195e4769017717caea9ca3972a189331133ac7760f79
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/netent.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 2098
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/paysafecard.svg
162.241.63.77 200 OK 4.0 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/paysafecard.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (384)
Hash 2f66aa14c3a3858824518ca90d7e4ad1
60aeb9c949572d698ebe3cef58db5cd3fe521037
e265fe576cca48ed56d541ba39bc63715de65dc185a109b2d1d3f3c79f7388a4
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/paysafecard.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 4044
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/js/main.js
162.241.63.77 200 OK 510 B URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/js/main.js
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 960c1431ce64d9b3bcf18b44a83b332a
131b4d82eaafc7ed3ab5f6a192d38196f467a02d
131d6bb818eb0d41345696e5d766454811b3117e65b6de850f4e59287b2c916c
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/js/main.js HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 510
content-type: application/javascript
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/bally.svg
162.241.63.77 200 OK 8.3 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/bally.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (4856)
Hash 6da132ed2e5912f97d5d2e4ab3c6c54c
b0e2fb257cea39cf368a570ce828ea502c47b587
97fa6301cecec3797182c2da8c2170054a6c8ec65be614f4c3a175d918951213
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/bally.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 8309
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/skrill.svg
162.241.63.77 200 OK 1.8 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/skrill.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 87bba01ab496ab607ab9b995aa6fb709
05788cd939ecbb51a5e49621c69283a70e126e4f
4e5689b8d4bc61f21f17334c830015fd81255741a0a6a002a78862904e7b7b54
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/skrill.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 1751
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/barcrest.svg
162.241.63.77 200 OK 22 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/barcrest.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9502)
Hash e4cbb9ac59c5c7de917d873473556f33
27136e525541fe6fa8ebf067ce3960541f7bd413
d5a16fc856bab70b8c202e8f0169ca7f7f17ed8590816b463996c0a78566a17b
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/barcrest.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 22475
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/red7.svg
162.241.63.77 200 OK 5.7 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/red7.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5199)
Hash 229b643f9c7be3e8ac00635ce0445340
08e9f7e553afb182c1753bf8cad58cc820f469b4
f658e3a9334870be6fb10822d95f4a6c562431cd5f274c527695317c4023b3da
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/red7.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 5713
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/quickspin.svg
162.241.63.77 200 OK 3.5 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/quickspin.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3473), with no line terminators
Hash 23da913cabad3d15de23729732852103
9e958258278ebbe13e921554bd525ef42033e6ed
5c3018685710a1f0879644acec0e5ba0e46d5ffe3000ad05b944bae7c91adc3b
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/quickspin.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 3473
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/wazdan_w.svg
162.241.63.77 200 OK 1.1 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/wazdan_w.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1097), with no line terminators
Hash 3776b66e9d55f7e9f636179b9531fff2
3a55e49ed2e38d5f501f8fc6d7b12722a26e7966
6afe8f99d11b450fe3fd17510c0d9107b4b907c4eceec0e5b5456960668a3c30
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/wazdan_w.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 1097
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/wms.svg
162.241.63.77 200 OK 1.9 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/wms.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1948), with no line terminators
Hash 0db8a7a9133fd33fc1f5c443e2b76e0b
162df366c3fe26fc0a26e8c8f19b78a7c38f535c
8724b8a6693e235c1744cb1122e7b29fac1c63848536574ff3c23b43afb43317
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/wms.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 1948
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/responsiblegaming.svg
162.241.63.77 200 OK 2.8 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/responsiblegaming.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2774), with no line terminators
Hash 7c899a90effb9eed3d7c859cafdf0230
aebac3170833e6dcc70a5c278f673d73d893559d
12052812d4e481278022bb294aa379da01a13264c096329ac32f0d6ebbb8ab7d
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/responsiblegaming.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:26 GMT
accept-ranges: bytes
content-length: 2774
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/pragmatic_w.svg
162.241.63.77 200 OK 3.6 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/pragmatic_w.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3583), with no line terminators
Hash 7caa541f1ac04f7d9d2ec27277098c9c
24cd195c3145839d5bba4725b1bd87cfadc67eba
85bc71014e29d4fd49587110132b0f1189c11a6d44fedf8c431903c057146895
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/pragmatic_w.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 3583
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/18plus.png
162.241.63.77 200 OK 2.6 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/18plus.png
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 60 x 61, 8-bit/color RGBA, non-interlaced\012- data
Hash aa403c19c8bce9b439066f54f5e18f90
d70053bf913f70c4375698c89304eef6fcfbc32d
0467576b0fad150f832219a35b1955628d4b01167a1ff0b65dbd6056d28b67af
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/18plus.png HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:26 GMT
accept-ranges: bytes
content-length: 2598
content-type: image/png
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/safe-secure.png
162.241.63.77 200 OK 4.9 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/safe-secure.png
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 169 x 61, 8-bit/color RGBA, non-interlaced\012- data
Hash d92c9939301f0cac88ec7c584fcc81af
8318ba829effd3b54f9ef48eb7d3c0d24c109e4f
7b48cd35122c1e245c1b14a6e74a3c5372dba3a9d655ef7ee679840aa7826a2c
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/safe-secure.png HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 4917
content-type: image/png
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/scientific.svg
162.241.63.77 200 OK 14 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/scientific.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2150)
Hash 79be121cdacd028cc753f12e15763931
560178ac0aeaba574cacd21fce9f4f10afcbe9db
75a0e1272c95feb652fbee57ec03e3215f7215b66a22a593ad12b3f9e8bd2b00
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/scientific.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 13829
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B
IP 142.250.74.35:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 02:27:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/yggdrasil_w.svg
162.241.63.77 200 OK 15 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/yggdrasil_w.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3634)
Hash ff575b8601256b5708bb171b720aca39
c038e193eab4893cc50e7cc5450fd641ffa6438a
9e0eb8d773c7b474cf664449243f7c51756097cb241641950f2bb70fad07aef9
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/yggdrasil_w.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 14825
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/playngo.svg
162.241.63.77 200 OK 16 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/playngo.svg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5686)
Hash 5884959d31fe353220030949d28b079e
8f8be5b808a383d7e09f94251fcae2b20c1e14eb
e93dccab1f3b36b56e389e5c89d056252b529b441edcac5226f7fee9968bbccb
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/logo/playngo.svg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 15840
content-type: image/svg+xml
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/sparks.png
162.241.63.77 200 OK 20 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/sparks.png
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 613 x 724, 8-bit colormap, non-interlaced\012- data
Hash 73752c315eceb6ddd6b8d212f0f8f945
146a3b0ef9a5304cf768b2b09555041fd82f6d22
f47fc00309a6af71a145bf391ba6550c47f8949b61270aaab441dddcb9e6be7b
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/sparks.png HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
content-length: 20132
content-type: image/png
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/popup-decor.png
162.241.63.77 200 OK 106 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/popup-decor.png
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1230 x 625, 8-bit/color RGBA, non-interlaced\012- data
Size 106 kB (106071 bytes)
Hash 5273d98a3adac22754b77acf981a9fe9
022d2b9b917eb1cce2448d69ab44486c7e2333e4
1402b97b10c15f9453123a13b82134c0308b021750194387f9c0fe455b305bd1
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/popup-decor.png HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:26 GMT
accept-ranges: bytes
content-length: 106071
content-type: image/png
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/main-bg.jpg
162.241.63.77 200 OK 337 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/main-bg.jpg
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, baseline, precision 8, 1920x1000, components 3\012- data
Size 337 kB (336844 bytes)
Hash cbb38c3b636224208b4455ab2314e208
2dd3385e66ff2be15c53e9ca9d09553fead79331
32b3cf8221218c52fde309cd43a08e68db91dd34d9283906d75a0a5a359558b0
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/main-bg.jpg HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:26 GMT
accept-ranges: bytes
content-length: 336844
content-type: image/jpeg
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/fonts/Roboto-Bold.woff2
162.241.63.77 200 OK 62 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/fonts/Roboto-Bold.woff2
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 62056, version 1.0\012- data
Hash 40f7a8038f37bcd90961fb8110f0f5da
0bbeb129a5bf2deadcad1886add72e33e9ce87f8
1ea7399a735f4f24d867b9a4d8684cda4601310d73ea4606c49cff711d3c51d1
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/fonts/Roboto-Bold.woff2 HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:26 GMT
accept-ranges: bytes
content-length: 62056
content-type: font/woff2
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
main.realsrv.com/tag.php?goal=5c37abb0c3b15f9de5dd203efbf0dc6e
95.211.229.245 200 OK 20 B URL HTTP/1.1 main.realsrv.com/tag.php?goal=5c37abb0c3b15f9de5dd203efbf0dc6e
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=5c37abb0c3b15f9de5dd203efbf0dc6e HTTP/1.1
Host: main.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 02:27:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A92894%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-26%22%3B%7D%7D; expires=Wed, 27 Sep 2023 02:27:52 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
main.exdynsrv.com/tag.php?goal=5c37abb0c3b15f9de5dd203efbf0dc6e
95.211.229.245 200 OK 20 B URL HTTP/1.1 main.exdynsrv.com/tag.php?goal=5c37abb0c3b15f9de5dd203efbf0dc6e
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=5c37abb0c3b15f9de5dd203efbf0dc6e HTTP/1.1
Host: main.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 02:27:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A92894%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-26%22%3B%7D%7D; expires=Wed, 27 Sep 2023 02:27:52 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/main-img.png
162.241.63.77 200 OK 257 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/main-img.png
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1920 x 115, 8-bit/color RGBA, non-interlaced\012- data
Size 257 kB (257425 bytes)
Hash 8905241b5fd63cb49c6a495d19197541
ac436686d92ce9d24db0e8af0995de608b04cb08
6a09e1d410fb4972eb5bb6117f346b927cf2591abebd92ba004efc486eaf80e1
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/main-img.png HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:26 GMT
accept-ranges: bytes
content-length: 257425
content-type: image/png
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 270e963409400ca97c6d4af5a5f43417
b78499d27e1bd0b97349f7ba2481e59fadae4172
605c8f256bc88f8bebef71fb8c869595c78fed60302282f0c617c1722df00f2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "605C8F256BC88F8BEBEF71FB8C869595C78FED60302282F0C617C1722DF00F2B"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3758
Expires: Tue, 27 Sep 2022 03:30:30 GMT
Date: Tue, 27 Sep 2022 02:27:52 GMT
Connection: keep-alive
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/popup-bg.png
162.241.63.77 200 OK 284 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/popup-bg.png
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 520 x 312, 8-bit/color RGBA, non-interlaced\012- data
Size 284 kB (284373 bytes)
Hash 85034052b4313498b3c3bd34ddfc8fda
ba8b81aeb7b5b8ab9775bf25caa1ad1f75f59077
417cee40208189d6e04ec543453ef1a2769d96d63cf31580a6af12dfad163ea4
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/popup-bg.png HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:26 GMT
accept-ranges: bytes
content-length: 284373
content-type: image/png
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/js/jquery-3.3.1.min.js
162.241.63.77 200 OK 40 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/js/jquery-3.3.1.min.js
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash eb43776548ae2b157fbd0d4751b4ea30
ab665d47bcb2845aaa81fba38f6e3e2766fe1317
d3fa82192447f36e819bb9a502cc9ae3ec95d292b32bd4bff3515c8ac92fd7ef
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/js/jquery-3.3.1.min.js HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Tue, 27 Sep 2022 02:27:51 GMT
server: Apache
X-Firefox-Spdy: h2
pushtorm.net/subscription.js
142.132.255.57 200 OK 4.0 kB URL HTTP/1.1 pushtorm.net/subscription.js
IP 142.132.255.57:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 (with BOM) text
Hash a18bbb9702705726ebf82c852a7d1d36
1e9a63e806c2bc077e90737d1bf4d4180febf122
bda99459f19aee22caabd80a554b9a7d60f935d8d3ddfff62edf3dab7dd48d4f
GET /subscription.js HTTP/1.1
Host: pushtorm.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Tue, 27 Sep 2022 02:27:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: br
Last-Modified: Thu, 22 Sep 2022 12:01:44 GMT
Accept-Ranges: bytes
ETag: "1d8ce7b153c73b0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/fonts/Roboto-Regular.woff2
162.241.63.77 200 OK 63 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/fonts/Roboto-Regular.woff2
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 63212, version 1.0\012- data
Hash ac35bf2f313045353c04a3803608fec3
131f8a84c9daa2a8245f0e16dc90ef4a295d0d2a
0aff3d001df2f4a793cb90be4ef4b9b79d0c8d661e568aff19d9c1f0050f2d6b
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/fonts/Roboto-Regular.woff2 HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 15:49:26 GMT
accept-ranges: bytes
content-length: 63212
content-type: font/woff2
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/audio/fanfare-0.mp3
162.241.63.77 206 Partial Content 63 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/audio/fanfare-0.mp3
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Hash f2c333e40a1d9f108b566ed14e83dd78
4f75f8e7c290b6c9f14f93699516b7097e5cc4af
f7ca13295aa54ad1520ba5a6eac602d5cb0143cc5c21d4c12ef1fc03185b2bb7
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/audio/fanfare-0.mp3 HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
last-modified: Sat, 17 Sep 2022 15:49:27 GMT
accept-ranges: bytes
content-length: 63390
content-range: bytes 0-63389/63390
content-type: audio/mpeg
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/audio/chest-open.mp3
162.241.63.77 206 Partial Content 63 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/audio/chest-open.mp3
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Hash e3c0bd47437dd29cfcfb04fffe432144
ac015d81b9ae5f5ced5a8b40e624de24d8276bf4
bb729525208964ad4ebd3af5ed8c9f53db13261c32b5f3f9cb151eace4032fb3
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/audio/chest-open.mp3 HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
last-modified: Sat, 17 Sep 2022 15:49:27 GMT
accept-ranges: bytes
content-length: 63390
content-range: bytes 0-63389/63390
content-type: audio/mpeg
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/audio/fanfare-1.mp3
162.241.63.77 206 Partial Content 101 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/audio/fanfare-1.mp3
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Size 101 kB (101007 bytes)
Hash 54d91dc77f4e905b3d90b66441f6333a
c213f2c642c93ac76191e61d9fe530f39340b361
ae6d928ca56dcdb0635db0cfad425de2edeafb27fa4053eb8e9f30d07ee787c5
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/audio/fanfare-1.mp3 HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
last-modified: Sat, 17 Sep 2022 15:49:27 GMT
accept-ranges: bytes
content-length: 101007
content-range: bytes 0-101006/101007
content-type: audio/mpeg
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/audio/fanfare-2.mp3
162.241.63.77 206 Partial Content 101 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/audio/fanfare-2.mp3
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Size 101 kB (101007 bytes)
Hash 88da6b9ed0e64ef406ab5e7b3474b227
92068d14a2c4cf93de697cf9abc9496c3c5c481b
1210732e4a4fa21a700492498829f6370b9d2a3343bfd5382af9f42b1158d4e3
Analyzer Verdict Alert fortinet Phishing
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/audio/fanfare-2.mp3 HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
last-modified: Sat, 17 Sep 2022 15:49:27 GMT
accept-ranges: bytes
content-length: 101007
content-range: bytes 0-101006/101007
content-type: audio/mpeg
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 314 B IP 93.184.220.29:0
Hash ee8eeda4e9bcb3bb0b0c4a986ae7e68a
c9724fa989a36657e73da839c1e3cb59e49a8833
f4217a1b5a0487d90e984066fca080549632068d63a0b914494503a4adf14f79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4889
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 02:27:52 GMT
Last-Modified: Tue, 27 Sep 2022 01:06:23 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 314
main.exoclick.com/tag.php?goal=5c37abb0c3b15f9de5dd203efbf0dc6e
95.211.229.246 200 OK 20 B URL HTTP/1.1 main.exoclick.com/tag.php?goal=5c37abb0c3b15f9de5dd203efbf0dc6e
IP 95.211.229.246:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=5c37abb0c3b15f9de5dd203efbf0dc6e HTTP/1.1
Host: main.exoclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 02:27:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A92894%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-26%22%3B%7D%7D; expires=Wed, 27 Sep 2023 02:27:52 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
main.exosrv.com/tag.php?goal=5c37abb0c3b15f9de5dd203efbf0dc6e
95.211.229.245 200 OK 20 B URL HTTP/1.1 main.exosrv.com/tag.php?goal=5c37abb0c3b15f9de5dd203efbf0dc6e
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=5c37abb0c3b15f9de5dd203efbf0dc6e HTTP/1.1
Host: main.exosrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 02:27:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A92894%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-26%22%3B%7D%7D; expires=Wed, 27 Sep 2023 02:27:52 GMT; path=/; domain=.exosrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
ctrack.trafficjunky.net/ctrack?action=list&type=add&id=Avalon-landing-visited&context=Avalon-landing-visited&cookiename=Avalon-landing-visited&age=250000&maxcookiecount=10
66.254.114.89 200 OK 35 B URL HTTP/1.1 ctrack.trafficjunky.net/ctrack?action=list&type=add&id=Avalon-landing-visited&context=Avalon-landing-visited&cookiename=Avalon-landing-visited&age=250000&maxcookiecount=10
IP 66.254.114.89:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /ctrack?action=list&type=add&id=Avalon-landing-visited&context=Avalon-landing-visited&cookiename=Avalon-landing-visited&age=250000&maxcookiecount=10 HTTP/1.1
Host: ctrack.trafficjunky.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: openresty
date: Tue, 27 Sep 2022 02:27:52 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
set-cookie: tj_UUID=03e5610b977c4b8ba2f44366780e17bc; Path=/; Domain=trafficjunky.net; Expires=Thu, 27 Oct 2022 02:27:52 GMT; Secure; SameSite=None
tj_UUID_v2=03e5610b-977c-4b8b-a2f4-4366780e17bc; Path=/; Domain=trafficjunky.net; Expires=Thu, 27 Oct 2022 02:27:52 GMT; Secure; SameSite=None
aadb093f34f21f2400c1078a3b2d3915=Avalon-landing-visited; Path=/; Domain=trafficjunky.net; Expires=Sun, 19 Mar 2023 17:07:52 GMT; Secure; SameSite=None
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
x-request-id: 63325FA8-42FE725901BB9C31-2119C22A
bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/favicon.ico
162.241.63.77 200 OK 19 kB URL HTTP/2 bestforlife.life/vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/favicon.ico
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type MS Windows icon resource - 6 icons, 64x64, 24 bits/pixel, 32x32, 8 bits/pixel\012- data
Hash 35af76324e042e0391bd4f481dff67b7
f12def9fbe721859e06a8e33ac263308207b3496
df81c027d74dca3113daa78994b9ddca71fa0ee35165ee03b0fd2a0ac5c09530
GET /vulkanvegasjp/landers/avalon_chests_ca_en/Avalon%20chests%20CA/images/favicon.ico HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/vulkanvegasjp/click.php.html?cep=IYnxyvUrWppYwX-BXzFKpPZ3AWeSgyNrfk-3Lj81PgWsMc3mzYuHtGISRWhBL3MT24_pYJNuvFDFmMXyDzc0oVWvTl31qDBDENaHfdvcmIeIVFLO8kh2fklz0hpoS6vdVDtRyy_07NeW5a1Letf5OpxRnFg1Qkec_Z01YZLDFerKfruUuOGyN7UqXAXe4b8Dl6qeBaUCLylgjoQcN_7VvqFP5FO6OpA4ugYOKYBQIy3KcLuTqWtKJ1TKO74pIWmIrDA9J39uCgGervsUDjBmh4NiD5t9kLsgQbLH-AePRZRMW_tD0E2EZOHtTUjU5YEIQw55tiK4GNFpdZ57J9t2JXvub1g2-1ViI0vMjqrRyWQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Sep 2022 04:06:14 GMT
accept-ranges: bytes
content-length: 19094
cache-control: max-age=604800
expires: Tue, 04 Oct 2022 02:27:52 GMT
content-type: image/x-icon
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/sw.js
162.241.63.77 404 Not Found 14 kB IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16728), with CRLF, LF line terminators
Hash 2fd342c93cb312faa1ba677916751786
73332a4af13a51ba7fef8f3b9e1e3f5829a216f4
1e8faf0b838b733a2bfaca8da5ed5b38140a6eddcbd290d6844224a364ab15c1
Analyzer Verdict Alert fortinet Phishing
GET /sw.js HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://bestforlife.life/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-length: 14262
content-type: text/html; charset=UTF-8
date: Tue, 27 Sep 2022 02:27:52 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8908
Expires: Tue, 27 Sep 2022 04:56:21 GMT
Date: Tue, 27 Sep 2022 02:27:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4197a8a505b360b0c43142faf8cb7f48
4dbd2da7f7c45a97e3f6f6544ed428e892227cc3
434039a91ec37c8ff827c78f7613aa4f6416ded182b01140048a52654a2de4ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7128
x-amzn-requestid: 5806782b-498e-427b-be73-a94695e3cacf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlPfFn4IAMFwMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bfc-07a420d631e463286c1dafa0;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:08 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1XA-bBkY_FXGy2X6EITlNNf-QSMLu2POxTo1Vq6bcqkEkkOni45zIQ==
via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:08 GMT
etag: "4dbd2da7f7c45a97e3f6f6544ed428e892227cc3"
content-type: image/jpeg
age: 17325
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:37:50 GMT
age: 3003
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e88b78ede0e4583585d6bb805fb39470
edff303440c5972381295b4b2602bd3f77f6702a
ce55a1ff5c71ec43884b74a08cd32ef75cb0632a91f3fe8b150f5ead499375a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6487
x-amzn-requestid: f292e8c1-3e79-4f59-a3aa-6863330835d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VioHHQIAMFlmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfaa-65955b7d7998a0dc6eded103;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx3JPGA6ZeR_7v1MXPDgc2T3RQ2mm48Q9Cb9kydTN9O1OUHlXO4NxQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 23:03:14 GMT
age: 12279
etag: "edff303440c5972381295b4b2602bd3f77f6702a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 17326
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ff2dbdbf6d450f0d9774777b3c5aa6e
2f7876bd0e4b52aa04ccf1c2a45359156eaefb97
4c2184b8150834adf1e9ec807f3175b6fcd574920a98c857db2cfb01b78da2fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7701
x-amzn-requestid: 63bfd7b5-f18e-4396-99a8-fb24dee1ee0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGCmmGswoAMF2zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324af6-04fa1b18525182b7213f844c;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:59:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DiTKUZCtnzzWsLnaX07RzIFfcP2_SiKqzETIMe3RoXWnQOBaB8BhmQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:14 GMT
age: 4959
etag: "2f7876bd0e4b52aa04ccf1c2a45359156eaefb97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62ece01d7e0036711832df5a25175b3b
c80d9ce02eeaa7b0166a696e811d2cffde4997d0
8a1968c18b44495571ff382a9cacfb7f98d3e1275d650e84cb310d635eae7e70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6829
x-amzn-requestid: cc3229a7-7c7e-472b-b7a4-1216594c4068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yshb2FwhoAMF2EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632815e5-0964e463192712fb08a29ee7;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 07:10:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 38UTZEh7vpUlYc9mGIdNrIy4fgLQf4iErqzZLY5mM5fdMQwvJvoBvQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:12:45 GMT
age: 15308
etag: "c80d9ce02eeaa7b0166a696e811d2cffde4997d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa70ece15044b7318cb11ae5e37a64e7
04a0665f771562c3e56ac3542abe5bd3c4c1a6b5
8c974283b2ba0058114404af3e4818daa8cc56f270cb8a46f5f2f54de9d2f0e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8255
x-amzn-requestid: 3bf29c4a-406a-4645-ad18-44cd6f05d457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VnFEV-IAMFQMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfc6-3eaa337d1e1c1b6d5e951419;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: X-6P09-hgjmDFe4Y7P1KnXtJAuvJNen8XsBVIexf521SOxMivJ4t7A==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 17:53:33 GMT
age: 30867
etag: "04a0665f771562c3e56ac3542abe5bd3c4c1a6b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2