s.freakyprizes.com/win_gold_min?tid=5x2z4o2y9d5w6m5pk8psgs0sg,16501417,5,1043&ctrack=1669804467.949980519&p=1043&pi=mbep&click_id=wk82l1bjhjh9iarkis8vqsei&prize=cash-500-usd
200 OK 3.8 kB URL HTTP/1.1 s.freakyprizes.com/win_gold_min?tid=5x2z4o2y9d5w6m5pk8psgs0sg,16501417,5,1043&ctrack=1669804467.949980519&p=1043&pi=mbep&click_id=wk82l1bjhjh9iarkis8vqsei&prize=cash-500-usd
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5882)
Hash eaba196cd23bdf3a4aad202da5b2b33d
a007add629c6e5be06b2daa4198f684cedaf6b0e
51b51dbc68c9dfd9163684aa64314349ce5ce867000970c2dc52ad72b2d871e7
GET /win_gold_min?tid=5x2z4o2y9d5w6m5pk8psgs0sg,16501417,5,1043&ctrack=1669804467.949980519&p=1043&pi=mbep&click_id=wk82l1bjhjh9iarkis8vqsei&prize=cash-500-usd HTTP/1.1
Host: s.freakyprizes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Wed, 30 Nov 2022 10:34:38 GMT
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjYwSlhFMGRIODhkbFlPcjZudks0cHc9PSIsInZhbHVlIjoiWm1RV2lGSWo3WnA0S1JOdTBTUFRVb3FDTmFtL29zYm5TMVBjUWZPNkpnRUUrMG5VcmRqMkFGZldNVlJrMDBrZERGT2RMWE9OTFA4NlpxV2dFKzBod3ZUcG9ZUG4waStLWmM3bG1PWXY1elM3WExzSXYwek9Fa3VXUlhMOU5mM1QiLCJtYWMiOiJmNTQwYzI0MTQ3Y2U3MWI5YzliNTU4ZTFhMWJlZWIzOGFiOGNhMzc1OWM5YmUxYjVmODdiZjE2ZmMyZjczYzcwIiwidGFnIjoiIn0%3D; expires=Wed, 30-Nov-2022 12:34:38 GMT; Max-Age=7200; path=/
ivr_offers_session=eyJpdiI6InVwUENXU2ZPQlBBQWVEaHZLZ2ZodUE9PSIsInZhbHVlIjoiV1pzME1HQmVtZUM3N1hpWlQ3cStCaTlpQ2JYZG9sVmJRaDRkYkpZMTdyM0swa2w1Zjk1VzFtZ1RVNU5NeFN4cUJPQjFqenBQaW9KVk1tNEtGZytCS3FnM0R0WmtqUVdhWXp4eS9DQktscCt4WGZCMVo3dXJjcWh1VFh6ZGtJeTIiLCJtYWMiOiI2NTQyYzI3NWZjYTllOGE5YmFhODA4NGE0YjY2MzM0MzA0ZTcxM2EyNWE2NzQ3ZjQ3MGExOGQ0YzJmYmNjYjFhIiwidGFnIjoiIn0%3D; expires=Wed, 30-Nov-2022 12:34:38 GMT; Max-Age=7200; path=/; httponly
SESS_TRAF=eyJpdiI6Inl1RkVyOVBZSlhwOVI3K2p6NnpBOEE9PSIsInZhbHVlIjoiU3ZmRThGMFUyZzV1WVh1RW5jK0VmUTladXF2ckFVenI5S1NDNDZLSURpcXlVUWVua1M1dzdRZ3IzV0FlREFIVzVkZWdhRGFadHpnSTdlbjhGbCtOUEEySldGVkQvUVZDczBLWUxaNmVXbDJFSEdNVEJBV3gzT294bUNoRWR0UitNK3lzWklHNzdzVWRiWjFVcHk2Z3lndUlNL01Hai8zckdCK0hoR3kvM2VhSXIxMXFNUUJydURoU2JaTzdKT1hoOENFV1p5NDFKaHAwSnlnWkdMb2UxNktvVmlGWlJoUkRiN0dNSHBSVGpUbjlaT3dqTHNmRGg2WTg0VHZnSW5QcldUTUFPV1pzZzltTGI2SXBlQmNYaEwzZ21mQmZTTnZhZVUwd01ncmY5c2s9IiwibWFjIjoiMzMwMzAwNTk0MWI3ZDNlOThiMzM2ZjkxZjhhYWE4Y2FmZjM2ZGQyNDQxNDg3MjFlOWJjNDFjYjVkMTEzNTdlMyIsInRhZyI6IiJ9; path=/; httponly
visit=eyJpdiI6Ik9HVG94VEFHSGY3R2F4elV0aWx4TVE9PSIsInZhbHVlIjoiSkdRNDIwMWV4WkFseDNKUy9yN0UzYmQrWXNkbnN5aG1yY2xHUG8zeDNKazJhTkFuRERWMFY2VXhOWW1LcTlMOCIsIm1hYyI6ImIyYzZkZmFhNzVmMzk4MDNjMmEwMmZhNWY0YmMwMGE4YjFiZjAwMTcyOWUxMzBhZjEzMDFkYjYyNWIwNTVmYWMiLCJ0YWciOiIifQ%3D%3D; expires=Thu, 01-Dec-2022 10:34:38 GMT; Max-Age=86400; path=/; httponly
HbPnzWInPsyhw0CcHJrZOkllPz0KDFE0s3unk85z=eyJpdiI6Inl3ajVDMUhEMUVxWGpSbExwQ2dlM2c9PSIsInZhbHVlIjoiRmlrWVlpdjlEbm52MTliUzhjT2plazZrRzAwSC94VjZNV3ppYTl6QktJKy9OMU5XQkxtWWFobXZvYlhWTUxQSk43ZndjQ3RqNXd0YmRkS0U5dmRaNzJKTERKWDVNK1lJQUtaRUVBaGVTb3BvOENXU2szaXZ5M3huNHFGWlkrUnViOStqSzBFdXBDblFUdUErUEtPd0dCZXVDNmF0VUl5enZUcWQ4NlJQUTVlV3Z4UjhHTzBmd1F2amRYTFlXY3I2YXVCaXNPQjgwVHhlc0hIcFlwUm5lam5kMURpK21lK1RvL1R6MWhzbEw4MHJVYmlWYlEyZXpOK3dVNk9FK0dVbnVXZEcyQWc4ZHRCQmpxZEE5VVhpbzZpL0FXNnlYMmUrTkYveTB6QWd0UTB5VU01Y1ByREFQbVNOUDdrdlhzYlMxRmZQVnRIZDNQQVhKV1puMGFuOHFibGdFdFNiT0lSckNtT3lGMEVPakY1Q2JrdTRVZ1dETFp5dVA3RFFTbURWRzhKc3Z2dFVncGZBVGFra1pyaGxhYjY4bFR4R1VOS3liQjNxWXc4SERMcEkrOUx6MjFXSDlCWUhwRy9RYmZ4Tkt2bldWVlhtNlQ4V2xJUlQ1cUx2SmVSaW04R280ck42K1ZHV1VLN05RT2pBTmhXZWZrb05OeEtESXpPQ0RRUW5tVldjOHFVQ3hTR1pGV2hsR0YzVVJJaHU4WWtCVDlCWG1pek1ja0orRkVkem9EckVyUC9BeU5QY2lQd3JHMzlGbWZ5ZURkNnZ1VWxqUXlBdFd2cDlzQT09IiwibWFjIjoiOTZmZWNhZTQ4MTY2YzkxMjg3YTgyOWFlNzQwMTI3YTY2M2M2M2Q4YzA0YzQyMGUyMWVhYTE5YWI5YmU4ZjNhOCIsInRhZyI6IiJ9; expires=Wed, 30-Nov-2022 12:34:38 GMT; Max-Age=7200; path=/; httponly
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9442
Expires: Wed, 30 Nov 2022 13:12:00 GMT
Date: Wed, 30 Nov 2022 10:34:38 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2566
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:34:38 GMT
Last-Modified: Wed, 30 Nov 2022 09:51:52 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 10:19:41 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 897
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6637
Expires: Wed, 30 Nov 2022 12:25:15 GMT
Date: Wed, 30 Nov 2022 10:34:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /bymtoG10OjeroF4kNyZyrnWFQx82ejEmMJqMldKIZsLmOGbX1aMT8Ni27go9AVZz4uIR+BxYRo=
x-amz-request-id: T99XMM6QM9Q4G1A5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 09:45:11 GMT
age: 2967
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 10:34:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
s.freakyprizes.com/css/offers/win_gold_min/app.css?id=b42914e86a05f14d49590f76856d77f3
200 OK 1.0 kB URL HTTP/1.1 s.freakyprizes.com/css/offers/win_gold_min/app.css?id=b42914e86a05f14d49590f76856d77f3
IP
File type ASCII text, with very long lines (2967)
Hash 1afbacdf62ccbc91b0b13ff53e2b805b
8a56e95e2c1ccb375e17b861c533d68655e3ea44
c692e7a804aba79cadd4fc88c0fd5c48b4843d01e8d3ca19c3da4d77662935cd
GET /css/offers/win_gold_min/app.css?id=b42914e86a05f14d49590f76856d77f3 HTTP/1.1
Host: s.freakyprizes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s.freakyprizes.com/win_gold_min?tid=5x2z4o2y9d5w6m5pk8psgs0sg,16501417,5,1043&ctrack=1669804467.949980519&p=1043&pi=mbep&click_id=wk82l1bjhjh9iarkis8vqsei&prize=cash-500-usd
Cookie: XSRF-TOKEN=eyJpdiI6IjYwSlhFMGRIODhkbFlPcjZudks0cHc9PSIsInZhbHVlIjoiWm1RV2lGSWo3WnA0S1JOdTBTUFRVb3FDTmFtL29zYm5TMVBjUWZPNkpnRUUrMG5VcmRqMkFGZldNVlJrMDBrZERGT2RMWE9OTFA4NlpxV2dFKzBod3ZUcG9ZUG4waStLWmM3bG1PWXY1elM3WExzSXYwek9Fa3VXUlhMOU5mM1QiLCJtYWMiOiJmNTQwYzI0MTQ3Y2U3MWI5YzliNTU4ZTFhMWJlZWIzOGFiOGNhMzc1OWM5YmUxYjVmODdiZjE2ZmMyZjczYzcwIiwidGFnIjoiIn0%3D; ivr_offers_session=eyJpdiI6InVwUENXU2ZPQlBBQWVEaHZLZ2ZodUE9PSIsInZhbHVlIjoiV1pzME1HQmVtZUM3N1hpWlQ3cStCaTlpQ2JYZG9sVmJRaDRkYkpZMTdyM0swa2w1Zjk1VzFtZ1RVNU5NeFN4cUJPQjFqenBQaW9KVk1tNEtGZytCS3FnM0R0WmtqUVdhWXp4eS9DQktscCt4WGZCMVo3dXJjcWh1VFh6ZGtJeTIiLCJtYWMiOiI2NTQyYzI3NWZjYTllOGE5YmFhODA4NGE0YjY2MzM0MzA0ZTcxM2EyNWE2NzQ3ZjQ3MGExOGQ0YzJmYmNjYjFhIiwidGFnIjoiIn0%3D; SESS_TRAF=eyJpdiI6Inl1RkVyOVBZSlhwOVI3K2p6NnpBOEE9PSIsInZhbHVlIjoiU3ZmRThGMFUyZzV1WVh1RW5jK0VmUTladXF2ckFVenI5S1NDNDZLSURpcXlVUWVua1M1dzdRZ3IzV0FlREFIVzVkZWdhRGFadHpnSTdlbjhGbCtOUEEySldGVkQvUVZDczBLWUxaNmVXbDJFSEdNVEJBV3gzT294bUNoRWR0UitNK3lzWklHNzdzVWRiWjFVcHk2Z3lndUlNL01Hai8zckdCK0hoR3kvM2VhSXIxMXFNUUJydURoU2JaTzdKT1hoOENFV1p5NDFKaHAwSnlnWkdMb2UxNktvVmlGWlJoUkRiN0dNSHBSVGpUbjlaT3dqTHNmRGg2WTg0VHZnSW5QcldUTUFPV1pzZzltTGI2SXBlQmNYaEwzZ21mQmZTTnZhZVUwd01ncmY5c2s9IiwibWFjIjoiMzMwMzAwNTk0MWI3ZDNlOThiMzM2ZjkxZjhhYWE4Y2FmZjM2ZGQyNDQxNDg3MjFlOWJjNDFjYjVkMTEzNTdlMyIsInRhZyI6IiJ9; visit=eyJpdiI6Ik9HVG94VEFHSGY3R2F4elV0aWx4TVE9PSIsInZhbHVlIjoiSkdRNDIwMWV4WkFseDNKUy9yN0UzYmQrWXNkbnN5aG1yY2xHUG8zeDNKazJhTkFuRERWMFY2VXhOWW1LcTlMOCIsIm1hYyI6ImIyYzZkZmFhNzVmMzk4MDNjMmEwMmZhNWY0YmMwMGE4YjFiZjAwMTcyOWUxMzBhZjEzMDFkYjYyNWIwNTVmYWMiLCJ0YWciOiIifQ%3D%3D; HbPnzWInPsyhw0CcHJrZOkllPz0KDFE0s3unk85z=eyJpdiI6Inl3ajVDMUhEMUVxWGpSbExwQ2dlM2c9PSIsInZhbHVlIjoiRmlrWVlpdjlEbm52MTliUzhjT2plazZrRzAwSC94VjZNV3ppYTl6QktJKy9OMU5XQkxtWWFobXZvYlhWTUxQSk43ZndjQ3RqNXd0YmRkS0U5dmRaNzJKTERKWDVNK1lJQUtaRUVBaGVTb3BvOENXU2szaXZ5M3huNHFGWlkrUnViOStqSzBFdXBDblFUdUErUEtPd0dCZXVDNmF0VUl5enZUcWQ4NlJQUTVlV3Z4UjhHTzBmd1F2amRYTFlXY3I2YXVCaXNPQjgwVHhlc0hIcFlwUm5lam5kMURpK21lK1RvL1R6MWhzbEw4MHJVYmlWYlEyZXpOK3dVNk9FK0dVbnVXZEcyQWc4ZHRCQmpxZEE5VVhpbzZpL0FXNnlYMmUrTkYveTB6QWd0UTB5VU01Y1ByREFQbVNOUDdrdlhzYlMxRmZQVnRIZDNQQVhKV1puMGFuOHFibGdFdFNiT0lSckNtT3lGMEVPakY1Q2JrdTRVZ1dETFp5dVA3RFFTbURWRzhKc3Z2dFVncGZBVGFra1pyaGxhYjY4bFR4R1VOS3liQjNxWXc4SERMcEkrOUx6MjFXSDlCWUhwRy9RYmZ4Tkt2bldWVlhtNlQ4V2xJUlQ1cUx2SmVSaW04R280ck42K1ZHV1VLN05RT2pBTmhXZWZrb05OeEtESXpPQ0RRUW5tVldjOHFVQ3hTR1pGV2hsR0YzVVJJaHU4WWtCVDlCWG1pek1ja0orRkVkem9EckVyUC9BeU5QY2lQd3JHMzlGbWZ5ZURkNnZ1VWxqUXlBdFd2cDlzQT09IiwibWFjIjoiOTZmZWNhZTQ4MTY2YzkxMjg3YTgyOWFlNzQwMTI3YTY2M2M2M2Q4YzA0YzQyMGUyMWVhYTE5YWI5YmU4ZjNhOCIsInRhZyI6IiJ9
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 10:34:39 GMT
Content-Type: text/css
Last-Modified: Wed, 30 Nov 2022 09:30:11 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"638722a3-bbb"
Expires: Thu, 30 Nov 2023 10:34:39 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
s.freakyprizes.com/js/offers/win_gold_min/app.js?id=eeff0059d069dcf9550e729234d61c8a
200 OK 77 kB URL HTTP/1.1 s.freakyprizes.com/js/offers/win_gold_min/app.js?id=eeff0059d069dcf9550e729234d61c8a
IP
File type Unicode text, UTF-8 text, with very long lines (65443)
Hash 7e2d43a15b41817241241a10f115a293
722f29faba18a77e8b89a8f27030caaef28c7026
df9f2d2bacfaff33e52c79fb02c3da4f33760a7199d98e1adcb02c899b6be486
Analyzer Verdict Alert fortinet Phishing
GET /js/offers/win_gold_min/app.js?id=eeff0059d069dcf9550e729234d61c8a HTTP/1.1
Host: s.freakyprizes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s.freakyprizes.com/win_gold_min?tid=5x2z4o2y9d5w6m5pk8psgs0sg,16501417,5,1043&ctrack=1669804467.949980519&p=1043&pi=mbep&click_id=wk82l1bjhjh9iarkis8vqsei&prize=cash-500-usd
Cookie: XSRF-TOKEN=eyJpdiI6IjYwSlhFMGRIODhkbFlPcjZudks0cHc9PSIsInZhbHVlIjoiWm1RV2lGSWo3WnA0S1JOdTBTUFRVb3FDTmFtL29zYm5TMVBjUWZPNkpnRUUrMG5VcmRqMkFGZldNVlJrMDBrZERGT2RMWE9OTFA4NlpxV2dFKzBod3ZUcG9ZUG4waStLWmM3bG1PWXY1elM3WExzSXYwek9Fa3VXUlhMOU5mM1QiLCJtYWMiOiJmNTQwYzI0MTQ3Y2U3MWI5YzliNTU4ZTFhMWJlZWIzOGFiOGNhMzc1OWM5YmUxYjVmODdiZjE2ZmMyZjczYzcwIiwidGFnIjoiIn0%3D; ivr_offers_session=eyJpdiI6InVwUENXU2ZPQlBBQWVEaHZLZ2ZodUE9PSIsInZhbHVlIjoiV1pzME1HQmVtZUM3N1hpWlQ3cStCaTlpQ2JYZG9sVmJRaDRkYkpZMTdyM0swa2w1Zjk1VzFtZ1RVNU5NeFN4cUJPQjFqenBQaW9KVk1tNEtGZytCS3FnM0R0WmtqUVdhWXp4eS9DQktscCt4WGZCMVo3dXJjcWh1VFh6ZGtJeTIiLCJtYWMiOiI2NTQyYzI3NWZjYTllOGE5YmFhODA4NGE0YjY2MzM0MzA0ZTcxM2EyNWE2NzQ3ZjQ3MGExOGQ0YzJmYmNjYjFhIiwidGFnIjoiIn0%3D; SESS_TRAF=eyJpdiI6Inl1RkVyOVBZSlhwOVI3K2p6NnpBOEE9PSIsInZhbHVlIjoiU3ZmRThGMFUyZzV1WVh1RW5jK0VmUTladXF2ckFVenI5S1NDNDZLSURpcXlVUWVua1M1dzdRZ3IzV0FlREFIVzVkZWdhRGFadHpnSTdlbjhGbCtOUEEySldGVkQvUVZDczBLWUxaNmVXbDJFSEdNVEJBV3gzT294bUNoRWR0UitNK3lzWklHNzdzVWRiWjFVcHk2Z3lndUlNL01Hai8zckdCK0hoR3kvM2VhSXIxMXFNUUJydURoU2JaTzdKT1hoOENFV1p5NDFKaHAwSnlnWkdMb2UxNktvVmlGWlJoUkRiN0dNSHBSVGpUbjlaT3dqTHNmRGg2WTg0VHZnSW5QcldUTUFPV1pzZzltTGI2SXBlQmNYaEwzZ21mQmZTTnZhZVUwd01ncmY5c2s9IiwibWFjIjoiMzMwMzAwNTk0MWI3ZDNlOThiMzM2ZjkxZjhhYWE4Y2FmZjM2ZGQyNDQxNDg3MjFlOWJjNDFjYjVkMTEzNTdlMyIsInRhZyI6IiJ9; visit=eyJpdiI6Ik9HVG94VEFHSGY3R2F4elV0aWx4TVE9PSIsInZhbHVlIjoiSkdRNDIwMWV4WkFseDNKUy9yN0UzYmQrWXNkbnN5aG1yY2xHUG8zeDNKazJhTkFuRERWMFY2VXhOWW1LcTlMOCIsIm1hYyI6ImIyYzZkZmFhNzVmMzk4MDNjMmEwMmZhNWY0YmMwMGE4YjFiZjAwMTcyOWUxMzBhZjEzMDFkYjYyNWIwNTVmYWMiLCJ0YWciOiIifQ%3D%3D; HbPnzWInPsyhw0CcHJrZOkllPz0KDFE0s3unk85z=eyJpdiI6Inl3ajVDMUhEMUVxWGpSbExwQ2dlM2c9PSIsInZhbHVlIjoiRmlrWVlpdjlEbm52MTliUzhjT2plazZrRzAwSC94VjZNV3ppYTl6QktJKy9OMU5XQkxtWWFobXZvYlhWTUxQSk43ZndjQ3RqNXd0YmRkS0U5dmRaNzJKTERKWDVNK1lJQUtaRUVBaGVTb3BvOENXU2szaXZ5M3huNHFGWlkrUnViOStqSzBFdXBDblFUdUErUEtPd0dCZXVDNmF0VUl5enZUcWQ4NlJQUTVlV3Z4UjhHTzBmd1F2amRYTFlXY3I2YXVCaXNPQjgwVHhlc0hIcFlwUm5lam5kMURpK21lK1RvL1R6MWhzbEw4MHJVYmlWYlEyZXpOK3dVNk9FK0dVbnVXZEcyQWc4ZHRCQmpxZEE5VVhpbzZpL0FXNnlYMmUrTkYveTB6QWd0UTB5VU01Y1ByREFQbVNOUDdrdlhzYlMxRmZQVnRIZDNQQVhKV1puMGFuOHFibGdFdFNiT0lSckNtT3lGMEVPakY1Q2JrdTRVZ1dETFp5dVA3RFFTbURWRzhKc3Z2dFVncGZBVGFra1pyaGxhYjY4bFR4R1VOS3liQjNxWXc4SERMcEkrOUx6MjFXSDlCWUhwRy9RYmZ4Tkt2bldWVlhtNlQ4V2xJUlQ1cUx2SmVSaW04R280ck42K1ZHV1VLN05RT2pBTmhXZWZrb05OeEtESXpPQ0RRUW5tVldjOHFVQ3hTR1pGV2hsR0YzVVJJaHU4WWtCVDlCWG1pek1ja0orRkVkem9EckVyUC9BeU5QY2lQd3JHMzlGbWZ5ZURkNnZ1VWxqUXlBdFd2cDlzQT09IiwibWFjIjoiOTZmZWNhZTQ4MTY2YzkxMjg3YTgyOWFlNzQwMTI3YTY2M2M2M2Q4YzA0YzQyMGUyMWVhYTE5YWI5YmU4ZjNhOCIsInRhZyI6IiJ9
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 10:34:39 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 30 Nov 2022 09:30:11 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"638722a3-39ccc"
Expires: Thu, 30 Nov 2023 10:34:39 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
s.freakyprizes.com/js/app.js?id=9f9ad6313b29b220c223d3a6ebc24752
200 OK 64 kB URL HTTP/1.1 s.freakyprizes.com/js/app.js?id=9f9ad6313b29b220c223d3a6ebc24752
IP
File type Unicode text, UTF-8 text, with very long lines (65474)
Hash 91c5d0f774d90e4a3f8cc309c566825c
40917530d9975a75800a8040b658f2670d201941
9fcd750dc86e1b51864a9a449887409a51aed422cfc105b28f926715cb2a8f59
Analyzer Verdict Alert fortinet Phishing
GET /js/app.js?id=9f9ad6313b29b220c223d3a6ebc24752 HTTP/1.1
Host: s.freakyprizes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s.freakyprizes.com/win_gold_min?tid=5x2z4o2y9d5w6m5pk8psgs0sg,16501417,5,1043&ctrack=1669804467.949980519&p=1043&pi=mbep&click_id=wk82l1bjhjh9iarkis8vqsei&prize=cash-500-usd
Cookie: XSRF-TOKEN=eyJpdiI6IjYwSlhFMGRIODhkbFlPcjZudks0cHc9PSIsInZhbHVlIjoiWm1RV2lGSWo3WnA0S1JOdTBTUFRVb3FDTmFtL29zYm5TMVBjUWZPNkpnRUUrMG5VcmRqMkFGZldNVlJrMDBrZERGT2RMWE9OTFA4NlpxV2dFKzBod3ZUcG9ZUG4waStLWmM3bG1PWXY1elM3WExzSXYwek9Fa3VXUlhMOU5mM1QiLCJtYWMiOiJmNTQwYzI0MTQ3Y2U3MWI5YzliNTU4ZTFhMWJlZWIzOGFiOGNhMzc1OWM5YmUxYjVmODdiZjE2ZmMyZjczYzcwIiwidGFnIjoiIn0%3D; ivr_offers_session=eyJpdiI6InVwUENXU2ZPQlBBQWVEaHZLZ2ZodUE9PSIsInZhbHVlIjoiV1pzME1HQmVtZUM3N1hpWlQ3cStCaTlpQ2JYZG9sVmJRaDRkYkpZMTdyM0swa2w1Zjk1VzFtZ1RVNU5NeFN4cUJPQjFqenBQaW9KVk1tNEtGZytCS3FnM0R0WmtqUVdhWXp4eS9DQktscCt4WGZCMVo3dXJjcWh1VFh6ZGtJeTIiLCJtYWMiOiI2NTQyYzI3NWZjYTllOGE5YmFhODA4NGE0YjY2MzM0MzA0ZTcxM2EyNWE2NzQ3ZjQ3MGExOGQ0YzJmYmNjYjFhIiwidGFnIjoiIn0%3D; SESS_TRAF=eyJpdiI6Inl1RkVyOVBZSlhwOVI3K2p6NnpBOEE9PSIsInZhbHVlIjoiU3ZmRThGMFUyZzV1WVh1RW5jK0VmUTladXF2ckFVenI5S1NDNDZLSURpcXlVUWVua1M1dzdRZ3IzV0FlREFIVzVkZWdhRGFadHpnSTdlbjhGbCtOUEEySldGVkQvUVZDczBLWUxaNmVXbDJFSEdNVEJBV3gzT294bUNoRWR0UitNK3lzWklHNzdzVWRiWjFVcHk2Z3lndUlNL01Hai8zckdCK0hoR3kvM2VhSXIxMXFNUUJydURoU2JaTzdKT1hoOENFV1p5NDFKaHAwSnlnWkdMb2UxNktvVmlGWlJoUkRiN0dNSHBSVGpUbjlaT3dqTHNmRGg2WTg0VHZnSW5QcldUTUFPV1pzZzltTGI2SXBlQmNYaEwzZ21mQmZTTnZhZVUwd01ncmY5c2s9IiwibWFjIjoiMzMwMzAwNTk0MWI3ZDNlOThiMzM2ZjkxZjhhYWE4Y2FmZjM2ZGQyNDQxNDg3MjFlOWJjNDFjYjVkMTEzNTdlMyIsInRhZyI6IiJ9; visit=eyJpdiI6Ik9HVG94VEFHSGY3R2F4elV0aWx4TVE9PSIsInZhbHVlIjoiSkdRNDIwMWV4WkFseDNKUy9yN0UzYmQrWXNkbnN5aG1yY2xHUG8zeDNKazJhTkFuRERWMFY2VXhOWW1LcTlMOCIsIm1hYyI6ImIyYzZkZmFhNzVmMzk4MDNjMmEwMmZhNWY0YmMwMGE4YjFiZjAwMTcyOWUxMzBhZjEzMDFkYjYyNWIwNTVmYWMiLCJ0YWciOiIifQ%3D%3D; HbPnzWInPsyhw0CcHJrZOkllPz0KDFE0s3unk85z=eyJpdiI6Inl3ajVDMUhEMUVxWGpSbExwQ2dlM2c9PSIsInZhbHVlIjoiRmlrWVlpdjlEbm52MTliUzhjT2plazZrRzAwSC94VjZNV3ppYTl6QktJKy9OMU5XQkxtWWFobXZvYlhWTUxQSk43ZndjQ3RqNXd0YmRkS0U5dmRaNzJKTERKWDVNK1lJQUtaRUVBaGVTb3BvOENXU2szaXZ5M3huNHFGWlkrUnViOStqSzBFdXBDblFUdUErUEtPd0dCZXVDNmF0VUl5enZUcWQ4NlJQUTVlV3Z4UjhHTzBmd1F2amRYTFlXY3I2YXVCaXNPQjgwVHhlc0hIcFlwUm5lam5kMURpK21lK1RvL1R6MWhzbEw4MHJVYmlWYlEyZXpOK3dVNk9FK0dVbnVXZEcyQWc4ZHRCQmpxZEE5VVhpbzZpL0FXNnlYMmUrTkYveTB6QWd0UTB5VU01Y1ByREFQbVNOUDdrdlhzYlMxRmZQVnRIZDNQQVhKV1puMGFuOHFibGdFdFNiT0lSckNtT3lGMEVPakY1Q2JrdTRVZ1dETFp5dVA3RFFTbURWRzhKc3Z2dFVncGZBVGFra1pyaGxhYjY4bFR4R1VOS3liQjNxWXc4SERMcEkrOUx6MjFXSDlCWUhwRy9RYmZ4Tkt2bldWVlhtNlQ4V2xJUlQ1cUx2SmVSaW04R280ck42K1ZHV1VLN05RT2pBTmhXZWZrb05OeEtESXpPQ0RRUW5tVldjOHFVQ3hTR1pGV2hsR0YzVVJJaHU4WWtCVDlCWG1pek1ja0orRkVkem9EckVyUC9BeU5QY2lQd3JHMzlGbWZ5ZURkNnZ1VWxqUXlBdFd2cDlzQT09IiwibWFjIjoiOTZmZWNhZTQ4MTY2YzkxMjg3YTgyOWFlNzQwMTI3YTY2M2M2M2Q4YzA0YzQyMGUyMWVhYTE5YWI5YmU4ZjNhOCIsInRhZyI6IiJ9
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 10:34:39 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 30 Nov 2022 09:30:11 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"638722a3-2e42c"
Expires: Thu, 30 Nov 2023 10:34:39 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
s.freakyprizes.com/img/offers/win_gold_min/bg.jpg
200 OK 32 kB URL HTTP/1.1 s.freakyprizes.com/img/offers/win_gold_min/bg.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 683x1024, components 3\012- data
Hash c69a051597a824a3669ae4a4fec7398b
b3c3bccb0e85734964f40e78acf1ad84757e9d1b
35b6e5cc0b3a23ad26e7e6e444998d4aa95d66add467bd2e110a3ae67c61a3c7
GET /img/offers/win_gold_min/bg.jpg HTTP/1.1
Host: s.freakyprizes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s.freakyprizes.com/css/offers/win_gold_min/app.css?id=b42914e86a05f14d49590f76856d77f3
Cookie: XSRF-TOKEN=eyJpdiI6IjYwSlhFMGRIODhkbFlPcjZudks0cHc9PSIsInZhbHVlIjoiWm1RV2lGSWo3WnA0S1JOdTBTUFRVb3FDTmFtL29zYm5TMVBjUWZPNkpnRUUrMG5VcmRqMkFGZldNVlJrMDBrZERGT2RMWE9OTFA4NlpxV2dFKzBod3ZUcG9ZUG4waStLWmM3bG1PWXY1elM3WExzSXYwek9Fa3VXUlhMOU5mM1QiLCJtYWMiOiJmNTQwYzI0MTQ3Y2U3MWI5YzliNTU4ZTFhMWJlZWIzOGFiOGNhMzc1OWM5YmUxYjVmODdiZjE2ZmMyZjczYzcwIiwidGFnIjoiIn0%3D; ivr_offers_session=eyJpdiI6InVwUENXU2ZPQlBBQWVEaHZLZ2ZodUE9PSIsInZhbHVlIjoiV1pzME1HQmVtZUM3N1hpWlQ3cStCaTlpQ2JYZG9sVmJRaDRkYkpZMTdyM0swa2w1Zjk1VzFtZ1RVNU5NeFN4cUJPQjFqenBQaW9KVk1tNEtGZytCS3FnM0R0WmtqUVdhWXp4eS9DQktscCt4WGZCMVo3dXJjcWh1VFh6ZGtJeTIiLCJtYWMiOiI2NTQyYzI3NWZjYTllOGE5YmFhODA4NGE0YjY2MzM0MzA0ZTcxM2EyNWE2NzQ3ZjQ3MGExOGQ0YzJmYmNjYjFhIiwidGFnIjoiIn0%3D; SESS_TRAF=eyJpdiI6Inl1RkVyOVBZSlhwOVI3K2p6NnpBOEE9PSIsInZhbHVlIjoiU3ZmRThGMFUyZzV1WVh1RW5jK0VmUTladXF2ckFVenI5S1NDNDZLSURpcXlVUWVua1M1dzdRZ3IzV0FlREFIVzVkZWdhRGFadHpnSTdlbjhGbCtOUEEySldGVkQvUVZDczBLWUxaNmVXbDJFSEdNVEJBV3gzT294bUNoRWR0UitNK3lzWklHNzdzVWRiWjFVcHk2Z3lndUlNL01Hai8zckdCK0hoR3kvM2VhSXIxMXFNUUJydURoU2JaTzdKT1hoOENFV1p5NDFKaHAwSnlnWkdMb2UxNktvVmlGWlJoUkRiN0dNSHBSVGpUbjlaT3dqTHNmRGg2WTg0VHZnSW5QcldUTUFPV1pzZzltTGI2SXBlQmNYaEwzZ21mQmZTTnZhZVUwd01ncmY5c2s9IiwibWFjIjoiMzMwMzAwNTk0MWI3ZDNlOThiMzM2ZjkxZjhhYWE4Y2FmZjM2ZGQyNDQxNDg3MjFlOWJjNDFjYjVkMTEzNTdlMyIsInRhZyI6IiJ9; visit=eyJpdiI6Ik9HVG94VEFHSGY3R2F4elV0aWx4TVE9PSIsInZhbHVlIjoiSkdRNDIwMWV4WkFseDNKUy9yN0UzYmQrWXNkbnN5aG1yY2xHUG8zeDNKazJhTkFuRERWMFY2VXhOWW1LcTlMOCIsIm1hYyI6ImIyYzZkZmFhNzVmMzk4MDNjMmEwMmZhNWY0YmMwMGE4YjFiZjAwMTcyOWUxMzBhZjEzMDFkYjYyNWIwNTVmYWMiLCJ0YWciOiIifQ%3D%3D; HbPnzWInPsyhw0CcHJrZOkllPz0KDFE0s3unk85z=eyJpdiI6Inl3ajVDMUhEMUVxWGpSbExwQ2dlM2c9PSIsInZhbHVlIjoiRmlrWVlpdjlEbm52MTliUzhjT2plazZrRzAwSC94VjZNV3ppYTl6QktJKy9OMU5XQkxtWWFobXZvYlhWTUxQSk43ZndjQ3RqNXd0YmRkS0U5dmRaNzJKTERKWDVNK1lJQUtaRUVBaGVTb3BvOENXU2szaXZ5M3huNHFGWlkrUnViOStqSzBFdXBDblFUdUErUEtPd0dCZXVDNmF0VUl5enZUcWQ4NlJQUTVlV3Z4UjhHTzBmd1F2amRYTFlXY3I2YXVCaXNPQjgwVHhlc0hIcFlwUm5lam5kMURpK21lK1RvL1R6MWhzbEw4MHJVYmlWYlEyZXpOK3dVNk9FK0dVbnVXZEcyQWc4ZHRCQmpxZEE5VVhpbzZpL0FXNnlYMmUrTkYveTB6QWd0UTB5VU01Y1ByREFQbVNOUDdrdlhzYlMxRmZQVnRIZDNQQVhKV1puMGFuOHFibGdFdFNiT0lSckNtT3lGMEVPakY1Q2JrdTRVZ1dETFp5dVA3RFFTbURWRzhKc3Z2dFVncGZBVGFra1pyaGxhYjY4bFR4R1VOS3liQjNxWXc4SERMcEkrOUx6MjFXSDlCWUhwRy9RYmZ4Tkt2bldWVlhtNlQ4V2xJUlQ1cUx2SmVSaW04R280ck42K1ZHV1VLN05RT2pBTmhXZWZrb05OeEtESXpPQ0RRUW5tVldjOHFVQ3hTR1pGV2hsR0YzVVJJaHU4WWtCVDlCWG1pek1ja0orRkVkem9EckVyUC9BeU5QY2lQd3JHMzlGbWZ5ZURkNnZ1VWxqUXlBdFd2cDlzQT09IiwibWFjIjoiOTZmZWNhZTQ4MTY2YzkxMjg3YTgyOWFlNzQwMTI3YTY2M2M2M2Q4YzA0YzQyMGUyMWVhYTE5YWI5YmU4ZjNhOCIsInRhZyI6IiJ9
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 10:34:39 GMT
Content-Type: image/jpeg
Content-Length: 31535
Last-Modified: Wed, 30 Nov 2022 09:30:11 GMT
ETag: "638722a3-7b2f"
Expires: Thu, 30 Nov 2023 10:34:39 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8a099c42b34530493f0351f5000e1ec3
2f65927b6b634702f4b44a0c4beef27de49f0212
e07ffeb32cd4bca094b23482748c3c92d1413bd0257e0f8dc9a6b208ac410098
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E07FFEB32CD4BCA094B23482748C3C92D1413BD0257E0F8DC9A6B208AC410098"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6356
Expires: Wed, 30 Nov 2022 12:20:35 GMT
Date: Wed, 30 Nov 2022 10:34:39 GMT
Connection: keep-alive
s.freakyprizes.com/img/prizes/cash-500-usd/default/default@0.75x.png
200 OK 14 kB URL HTTP/2 s.freakyprizes.com/img/prizes/cash-500-usd/default/default@0.75x.png
IP
File type PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Hash 8a0e556cacd7eae426890d0b9c82592e
321c72a9a18d8967c967c0067a9ebc9030eb08a1
bab0791c1c042dafa1ab7f295943c515cd66458ef193f5da56734f1804c5e63a
GET /img/prizes/cash-500-usd/default/default@0.75x.png HTTP/1.1
Host: s.freakyprizes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s.freakyprizes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 10:34:39 GMT
content-type: image/png
content-length: 14072
last-modified: Wed, 30 Nov 2022 09:28:38 GMT
etag: "63872246-36f8"
expires: Thu, 30 Nov 2023 10:34:39 GMT
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 10:11:14 GMT
cache-control: public,max-age=3600
age: 1405
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2556
Cache-Control: max-age=170088
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:34:39 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:49:27 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: s6dkmQ9B1/QYWu2dF07Phw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /0PFcMiSjjSn4SWcgIeFwcOOczY=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 056a3e99d43c4e9459efba61f4649991
92a46f6e977d6d55bbb26bf219187d5262a92086
d73ca52e577d170c3c959b2cd9b0688b3b1d481b16df10bf9f6aab31d3f359d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D73CA52E577D170C3C959B2CD9B0688B3B1D481B16DF10BF9F6AAB31D3F359D2"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16812
Expires: Wed, 30 Nov 2022 15:14:52 GMT
Date: Wed, 30 Nov 2022 10:34:40 GMT
Connection: keep-alive
s3ntry.net/api/18/envelope/?sentry_key=ccd7567c32f347d999f51c043b0ccde6&sentry_version=7
200 OK 2 B URL HTTP/1.1 s3ntry.net/api/18/envelope/?sentry_key=ccd7567c32f347d999f51c043b0ccde6&sentry_version=7
IP
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/18/envelope/?sentry_key=ccd7567c32f347d999f51c043b0ccde6&sentry_version=7 HTTP/1.1
Host: s3ntry.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://s.freakyprizes.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://s.freakyprizes.com
Content-Length: 434
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 10:34:40 GMT
Content-Type: application/json
Content-Length: 2
Connection: close
access-control-allow-origin: http://s.freakyprizes.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
vary: Origin
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6018
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 10:34:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6018
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 10:34:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6018
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 10:34:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6018
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 10:34:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6018
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 10:34:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 45496
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 45910
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 45710
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:35:09 GMT
age: 43172
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
age: 44755
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33ee67e62c49fc8d51f18df313002aac
3d8c927b6945d880f92d4e7a686cad5a9985e8ad
ba6e66e07cd93219926927fd2b468a92b8d02cc9bf1da0b3b9a3c48da160bbdc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9670
x-amzn-requestid: d9a529ac-9dc6-4e12-80c5-3250dc97e7bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcFiAoAMF0nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-116ddf09265d51523c3638b3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5BnByLndiK0korBr44MDgK6sgRBPooy2LE_2NjVIQhiTfmAdLupnZw==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:34 GMT
age: 45907
etag: "3d8c927b6945d880f92d4e7a686cad5a9985e8ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d1u65k3qj4t7ya.cloudfront.net/carriers/telenor.svg
200 OK 0 B URL HTTP/2 d1u65k3qj4t7ya.cloudfront.net/carriers/telenor.svg
IP
GET /carriers/telenor.svg HTTP/1.1
Host: d1u65k3qj4t7ya.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s.freakyprizes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 01 Jul 2022 12:26:39 GMT
x-amz-storage-class: REDUCED_REDUNDANCY
server: AmazonS3
content-encoding: gzip
date: Wed, 30 Nov 2022 03:06:22 GMT
etag: W/"22ac04ea759d608fe69bc0db24dc915c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EwSYU_zYBpToDfVTF849xMe9YQpUAbVUKaD-bddqncs097n1aNKiCw==
age: 26898
X-Firefox-Spdy: h2
d1u65k3qj4t7ya.cloudfront.net/carriers/telia.svg
200 OK 0 B URL HTTP/2 d1u65k3qj4t7ya.cloudfront.net/carriers/telia.svg
IP
GET /carriers/telia.svg HTTP/1.1
Host: d1u65k3qj4t7ya.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s.freakyprizes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 30 Nov 2022 04:12:27 GMT
last-modified: Fri, 01 Jul 2022 12:26:39 GMT
etag: W/"c87c4b7324d0c7760e2c3c5ffb645dd7"
x-amz-storage-class: REDUCED_REDUNDANCY
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EW8cUPiq767Sd78wqGLjgIee270DeEocNSRhvaJpyrj3f4XbBsDFKQ==
age: 22933
X-Firefox-Spdy: h2
94.237.84.54
23.36.76.226
34.160.144.191
93.184.220.29
162.55.168.249