15.winprizes215.biz/brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe
217.69.14.8 301 Moved Permanently 952 B URL HTTP/1.1 15.winprizes215.biz/brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe
IP 217.69.14.8:0
File type HTML document text; exported SGML document, ASCII text, with very long lines (619)
Hash 4cb4f018abc56b8e84aae952967522db
9839451adf97a474fa2141c5170354257470709b
e44972ee70d7fbd018756e9fdb1e267a4f339a5f17114c4b8a04bbc5be87e58a
GET /brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe HTTP/1.1
Host: 15.winprizes215.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 04 Apr 2023 16:59:47 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 952
Connection: keep-alive
Location: https://15.winprizes215.biz/brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a4074549843769a3da3f055bcb5a78ff
f99062d34cf71bda6a9c64061fb9e61008f94021
895e3801806f031611a25bec5652cc1a46dfa76ea6784f5064d859c1a5b9ddf7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "895E3801806F031611A25BEC5652CC1A46DFA76EA6784F5064D859C1A5B9DDF7"
Last-Modified: Tue, 04 Apr 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19380
Expires: Tue, 04 Apr 2023 22:22:48 GMT
Date: Tue, 04 Apr 2023 16:59:48 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e50dac5108a698d61ca49516033d1a20
53d243b89fc00deb9bfae07351bbe36ddb7c1df3
e9e0ad98c485b56fe65ea0a8bc4974fff3f804fcf2d8f6266ada9acd27c7b7cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9E0AD98C485B56FE65EA0A8BC4974FFF3F804FCF2D8F6266ADA9ACD27C7B7CC"
Last-Modified: Tue, 04 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14316
Expires: Tue, 04 Apr 2023 20:58:24 GMT
Date: Tue, 04 Apr 2023 16:59:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data; ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Length, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 04 Apr 2023 16:28:45 GMT
content-type: application/json
age: 1863
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 903ed2d58f1f33d069b70c4b53f1cb1f
0ef89cd6eb79a2ddd74434f9233cf486fffc1142
d8c984b50f04fcdb1ebc99d982502d85193302c85239ee7497666247edfc0061
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8C984B50F04FCDB1EBC99D982502D85193302C85239EE7497666247EDFC0061"
Last-Modified: Sun, 02 Apr 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3818
Expires: Tue, 04 Apr 2023 18:03:26 GMT
Date: Tue, 04 Apr 2023 16:59:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
IP 34.160.144.191:0
File type PEM certificate; ASCII text
Hash 95f61d351f5fc9533cc78e255ce9bc06
fba284117f347782ac23c51d141d7e3ec15a867e
7fcc5f9e52e389d8d7c6df7f1f2a1291ae0aaae8e554f3022239ab092b2ef3c3
GET /chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BcqHDQUvYL6mMKl6dMrY3KpnrK6YZ1Er3UMsulFetI1i9QUqw7LWp0j8ct4enoueQb2SHHYJU9J/BROMVSMyRQ==
x-amz-request-id: BY0FTV7WF4R61BH6
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Apr 2023 16:53:13 GMT
age: 395
last-modified: Fri, 31 Mar 2023 17:04:39 GMT
etag: "95f61d351f5fc9533cc78e255ce9bc06"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data; ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 16:59:48 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data; ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, ETag, Cache-Control, Retry-After, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 04 Apr 2023 16:17:29 GMT
age: 2539
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
15.winprizes215.biz/brtcad1/brflag.png
217.69.14.8 200 OK 1.6 kB URL HTTP/2 15.winprizes215.biz/brtcad1/brflag.png
IP 217.69.14.8:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced; data
Hash 3f09355b3e373835b54ff04bf9f08d42
c0c211336633fda9476027ee45d4ad43fd545704
d6d664e54e7656b16e5970c451f1da24ab0eb39cde2b2e0f60ae36aaec6d3991
GET /brtcad1/brflag.png HTTP/1.1
Host: 15.winprizes215.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://15.winprizes215.biz/brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 16:59:48 GMT
content-type: image/png
content-length: 1560
last-modified: Mon, 04 Jul 2022 05:43:47 GMT
etag: "618-5e2f4384114ed"
accept-ranges: bytes
X-Firefox-Spdy: h2
15.winprizes215.biz/brtcad1/loading.gif
217.69.14.8 200 OK 5.4 kB URL HTTP/2 15.winprizes215.biz/brtcad1/loading.gif
IP 217.69.14.8:0
File type GIF image data, version 89a, 50 x 50; data
Hash f60928ffecf24d58778208a0f57740e6
292e0fa1ce4891036c51e28b22afbc80dba1be6f
67bdb1ae29193a59a00ab429adecf6639708ad554ecac21eb0cf5837c271ade5
GET /brtcad1/loading.gif HTTP/1.1
Host: 15.winprizes215.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://15.winprizes215.biz/brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 16:59:48 GMT
content-type: image/gif
content-length: 5397
last-modified: Mon, 04 Jul 2022 05:43:51 GMT
etag: "1515-5e2f4387def19"
accept-ranges: bytes
X-Firefox-Spdy: h2
15.winprizes215.biz/brtcad1/checkmark.png
217.69.14.8 200 OK 1.4 kB URL HTTP/2 15.winprizes215.biz/brtcad1/checkmark.png
IP 217.69.14.8:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced; data
Hash c5c7963ac4910cc213df781683ca2b23
4ac7e6fd56d69d7587fd3406fded70fb5237e494
885f933eb3e99af07249f0a9b09e87d06a88d75ce5f3c3bae6d22057ad971663
GET /brtcad1/checkmark.png HTTP/1.1
Host: 15.winprizes215.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://15.winprizes215.biz/brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 16:59:48 GMT
content-type: image/png
content-length: 1383
last-modified: Mon, 04 Jul 2022 05:43:48 GMT
etag: "567-5e2f4385a2ad2"
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5a4e63ad4a4c68269ab2144a7eba16b3
077d9d18481cca0a72c5daca41e9e7bbe21fdb1a
2723d135b26dc00409018c7e347017e6896c61077ad93df7144e7f9be3a448e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2723D135B26DC00409018C7E347017E6896C61077AD93DF7144E7F9BE3A448E5"
Last-Modified: Mon, 03 Apr 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13158
Expires: Tue, 04 Apr 2023 20:39:06 GMT
Date: Tue, 04 Apr 2023 16:59:48 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2162003cb33dc84fed2230e017330e44
78462a01d4003754d427b7d6451f0dc19f6a81b5
1c8b24ffcc0df0d5d2242f668b7fde8aefec6424339eae88a3ae8e732997f2b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C8B24FFCC0DF0D5D2242F668B7FDE8AEFEC6424339EAE88A3AE8E732997F2B9"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14081
Expires: Tue, 04 Apr 2023 20:54:29 GMT
Date: Tue, 04 Apr 2023 16:59:48 GMT
Connection: keep-alive
push.services.mozilla.com/
54.187.247.157 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.247.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Zmhwa/6r3YnHBDMu6aL6sQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xhWn3rTXO2DH1GcLO2GtshiTGLc=
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 869fe4a8dc549ffa1023d3adc184e4f2
37b95d88dd3f6f251bb651b130e09b202850033f
9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10071
Expires: Tue, 04 Apr 2023 19:47:41 GMT
Date: Tue, 04 Apr 2023 16:59:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 869fe4a8dc549ffa1023d3adc184e4f2
37b95d88dd3f6f251bb651b130e09b202850033f
9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10071
Expires: Tue, 04 Apr 2023 19:47:41 GMT
Date: Tue, 04 Apr 2023 16:59:50 GMT
Connection: keep-alive
15.winprizes215.biz/favicon.ico
217.69.14.8 404 Not Found 722 B URL HTTP/2 15.winprizes215.biz/favicon.ico
IP 217.69.14.8:0
File type HTML document text; exported SGML document, ASCII text
Hash 6364ed306d7f67a79edcdc2e5b1a0fb5
b69dbe140e27484f5046866f110eb887edc3ab3d
4f15c960c515ff324b12fe0b1d66ade82cf474010a162d23c6251fef11a2901f
GET /favicon.ico HTTP/1.1
Host: 15.winprizes215.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://15.winprizes215.biz/brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 04 Apr 2023 16:59:50 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 869fe4a8dc549ffa1023d3adc184e4f2
37b95d88dd3f6f251bb651b130e09b202850033f
9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10071
Expires: Tue, 04 Apr 2023 19:47:41 GMT
Date: Tue, 04 Apr 2023 16:59:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c9fe7cd-3f6e-41f2-9728-47c1daf7e4a5.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c9fe7cd-3f6e-41f2-9728-47c1daf7e4a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 3ee7cad4ed305ba08f0c44918cb072cc
66422fe1f35dce6b7912874ab3ccb9f9a5244745
d035b5a67f2e86edfd31412ccc7c92807a3573be941028cdc7b07fa90b8b8022
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c9fe7cd-3f6e-41f2-9728-47c1daf7e4a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6494
x-amzn-requestid: 4fa08ee4-cd00-481f-822c-75969d71d66f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0fqhHC7oAMF3tw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4643-24812ab81e055cf649aed63b;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:33:55 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: oOwWSwfp5DcXs7-_qnX5c_Gx90bJnYldIlOJVye5TklrLuwOlgWT_A==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:33:55 GMT
etag: "66422fe1f35dce6b7912874ab3ccb9f9a5244745"
content-type: image/jpeg
age: 69955
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash fde7605b95c3ac6b8de339dbd12e17b1
b44d521b31be7b3fe378a0e070c49379a6eab26e
5496cf7c705ccc67dd13f86a07d9a352424d58591aa67afe1e1361c640f8d510
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6803
x-amzn-requestid: 6c78179f-0d11-4a23-8e86-e4f05d7c7f90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0fq3HrioAMF7ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4645-758850e07ef9b1512b684c35;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:33:57 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: TvDTtH9ZqXuvomWMYiB8g8N0JKjRrHIXF1SxfCRJfwZS-7pGLAPrVw==
via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:33:57 GMT
etag: "b44d521b31be7b3fe378a0e070c49379a6eab26e"
content-type: image/jpeg
age: 69953
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeae50b2-4a88-4f71-ae4f-7fd74b695fe8.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeae50b2-4a88-4f71-ae4f-7fd74b695fe8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 80fcfbf9081b3ede0bbbb18635a9cbf4
037891066a15726bb272a8d74f96abb1520b4fe3
5cf70d8254f20aea5ca12439a4558f459d6bbf162f5e1a0f9b62e79de29d4b29
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeae50b2-4a88-4f71-ae4f-7fd74b695fe8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6898
x-amzn-requestid: a56b192d-c797-4521-9af4-e3baaa8e6205
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0frbGsRoAMFjiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4648-5aeb60706595f7762c545067;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:34:00 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 5PCc80UBjiGObi7QYuzScnsR2Tn7XkH2ihpI5rGlrFTjWr7s74quNQ==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 0ec9ddba08fcd99386924593dbdbd44a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:34:01 GMT
etag: "037891066a15726bb272a8d74f96abb1520b4fe3"
content-type: image/jpeg
age: 69949
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106409ef-b973-4018-aee9-294835a882a8.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106409ef-b973-4018-aee9-294835a882a8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 790b71fc2b1faa08db8b4334c9c3f9e3
e1defe547d4ffca2560cd8f25c4f7a92a9ae87b4
eed429169c9d3feb115463d8ead934fa348cdca60aabf0c88d4553ed23575c9c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106409ef-b973-4018-aee9-294835a882a8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10535
x-amzn-requestid: 8efe600f-9818-4c23-afd3-41c5a4dece2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0frbFHSoAMF8HQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4648-65e8e6fd575fdc91668d6676;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:34:00 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 3eFc64JrVV7kNe1QSEyApxR5PQ0aC-6UWaOI5wUZjIDATg38NAlkcw==
via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:34:01 GMT
etag: "e1defe547d4ffca2560cd8f25c4f7a92a9ae87b4"
content-type: image/jpeg
age: 69949
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5f70c40-8b38-48db-b482-a5cc8f1580ef.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5f70c40-8b38-48db-b482-a5cc8f1580ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d1360ec3cb182322e0a0c445f57e5b7
9f71e3cd002ca8116d917c3b7fb57291099269d1
e3d216e879d771bf2507928ba1b26465c87a4202a4cdc03483f002c2826a81b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5f70c40-8b38-48db-b482-a5cc8f1580ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6912
x-amzn-requestid: 53fcdc8a-e064-4e81-b5ac-5d0ae4bcfdb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0fpuEZ-IAMFxaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b463d-3b7b43f30dd66fae5dc9ea6a;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:33:49 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: GZgHaJIuhgJevaSQVWPEZ-U5S-OGbnM_ZSvlcmim_e5Fsi6P_7TISA==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:33:50 GMT
etag: "9f71e3cd002ca8116d917c3b7fb57291099269d1"
content-type: image/jpeg
age: 69960
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6eccc3c-84ad-4e21-956c-e1be89a82cfa.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6eccc3c-84ad-4e21-956c-e1be89a82cfa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bc87aa979c0767120514f1e4b758ff17
67f5976f5c3664fdddf0df409fd06c6654f2f844
6933b54d13aba860ff4e8c5978ffa4a2e546b15a17c783fcf5d87bfb817a28f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6eccc3c-84ad-4e21-956c-e1be89a82cfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4815
x-amzn-requestid: 9f83c9c3-43ef-4753-8407-8592386870f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CvNUVHDcoAMFtNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642928e8-733f938a34d9987746b87996;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Sun, 02 Apr 2023 07:04:08 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 8wCg8bQNt6yeUlVHBIt-tM9O95EOd5eGYE50UIkWGZQ7ni6y1FC4ew==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 07:21:34 GMT
age: 34696
etag: "67f5976f5c3664fdddf0df409fd06c6654f2f844"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
15.winprizes215.biz/brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe
217.69.14.8 200 OK 0 B URL HTTP/2 15.winprizes215.biz/brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe
IP 217.69.14.8:0
GET /brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe HTTP/1.1
Host: 15.winprizes215.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 16:59:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
15.winprizes215.biz/brtcad1/jquery.min.js
217.69.14.8 200 OK 0 B URL HTTP/2 15.winprizes215.biz/brtcad1/jquery.min.js
IP 217.69.14.8:0
Analyzer Verdict Alert fortinet Phishing
GET /brtcad1/jquery.min.js HTTP/1.1
Host: 15.winprizes215.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://15.winprizes215.biz/brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 16:59:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 05:43:51 GMT
etag: W/"152b9-5e2f438807f5a"
content-encoding: br
X-Firefox-Spdy: h2
15.winprizes215.biz/brtcad1/countries.js
217.69.14.8 200 OK 0 B URL HTTP/2 15.winprizes215.biz/brtcad1/countries.js
IP 217.69.14.8:0
Analyzer Verdict Alert fortinet Phishing
GET /brtcad1/countries.js HTTP/1.1
Host: 15.winprizes215.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://15.winprizes215.biz/brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 16:59:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 05:43:49 GMT
etag: W/"29e7-5e2f43865c395"
content-encoding: br
X-Firefox-Spdy: h2
register.yars10.net/js/pub.min.js?application=15.winprizes215.biz
5.9.127.233 404 Not Found 0 B URL HTTP/2 register.yars10.net/js/pub.min.js?application=15.winprizes215.biz
IP 5.9.127.233:0
ASN #24940 Hetzner Online GmbH
GET /js/pub.min.js?application=15.winprizes215.biz HTTP/1.1
Host: register.yars10.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://15.winprizes215.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
date: Tue, 04 Apr 2023 16:59:49 GMT
log-id: 17c8584b-658d-4d26-ae8d-567efec5daca
vary: Accept-Encoding, Origin
set-cookie: api_push_dog_session=eyJpdiI6InVJc0IzRmcwSzJmSkJhVHdJL0UyVWc9PSIsInZhbHVlIjoieHFiSkZIVEVEUDJkbThyQk1QSEtqNHRMNWExSStKU09xNnJtMnBqcGYveTl4TjNESGVLbktBOHRWeGo3ZjRRNGNBcmg3L3hmVDRmS1Zid01RMm9ITlQ3REhmYk9WczJhYXQ2MHhwNm5ENVlLVEFhT2VXNmQxZkwvKzlydWZMZFMiLCJtYWMiOiIwNDllNGM1Y2IzNDQ2MjI5ZmVlZGIwNzdlMjNiMGNjMTUwMWQ2NjIyY2E4Yjg2ZjUzNjgwNjM1ZjNjNDE1MDk2IiwidGFnIjoiIn0%3D; expires=Tue, 04-Apr-2023 18:59:49 GMT; Max-Age=7200; path=/; domain=push.dog; secure; httponly; samesite=lax
5ONHaspjCGfhk5r2MRyyNB52c06B34OG3A80IUHK=eyJpdiI6IjBOdldveUlzR1ozWkJPRllwZG53UXc9PSIsInZhbHVlIjoiby9tV0N3OCsyMy9DSy85NGsxZ1phbW12N0RMRDMyREhhRFQ2LzVmb05MSzRTbkQwTzg5UllpTEMreWFTZkdGTHlXdEVwa3QzdmJQTlVsbW05bVpmUTZHM3NjZ0NLc1J2TTlXZy9CSmluQlh3Z05tWm8yc1BBc1VuVEVyc05MbndadXVLN0J3M0ZhODlnVGUyeUZQcVlVTno2RkpTbXdaQ0I3akxzS1NSZE5yNzRNYlg5RVc1Q2FDQUkySFg0M0x3SkF0d0hvV21oTXF2T0orT2t6dkhmanVxTmh0RWpYa0hwMk9IQnNFMXB3RGE5b01Ob1JXdkhlaDZWenFuYnlyNjU1VUxyMFJaSFM5QkdPazJyWDk2U0k4YWZQNFcvNzQxQTBzTlcrUkFSVHMrRGE1bENLaGZoSUdrV2N2cTh3VE9CZWhTTmhZUjhXMGQ3WXhka0o4WmJsWHBmbWNHNVNzTklrdExWSERCdGN4ZkNBSkY0bkJrME9UUTF0R3ZIcENYcCtVK3gram5Xbmdjdmt4RU1yYXNMaWlFZGNNUFVUVnloZEYzTExVb2JHTFJTVEJINFZkNGJYeW5qOGVMQjMrdDdsZUdNOWtnZjd5WWpad0tTWjB0aWdtSVFKTHVrWlh6bjV0R0ZJd1RPdm1pdkZFSzVKdEI1VGxTUXFXS04zMG1UeFZkUU5aR1ltR2wrcStwY1dUN0p5YjdabkJWeFFLOXFZUDhnMFZPblVSaldmcldHMEFWcUxBN0EwbHRJY25FUUFGdDdlQzB6L20vcStDTTlLSEFqSTFreXVTdHIyRXgyYWNMM0xUVGtmdHBkMDhCRWUxaEdXUURGTnJWbDcySU83WlVhcENHYXp4SmMrMm12TG5CTlpVWmVoMkljdFlQZndiOGhUM1NpekdCZTBrME5aTDBGRGlTaTlDUy9mOGpCZ2NidW5DZkFsd1hCUFZlMzNOVTMwTXNDOWx1Z1RSZ3VITjRhZ0FhZ1NuYjFjWGtxODRnSHQwNWRoMlg4OFdBOHpIbW9hcGdndTJLYnc4cVUydXg2a2YvalhpK09xc1NtOG5nMUtYWkFacVVXRld0R0R1WlB6L2xlamRXdlpCK0JmdGVtUUJMcldsNGtwYzREdm45bFpoTmc0b3FvTEJ1WmdTK01sbDEybkdGcUdFY2xKSmg0cUwzRFlCdW9mYjYiLCJtYWMiOiJmNDFmZGJjZDk3MTgzYzEwNTY5Yzg5ZTg5ZTRmOGQ5ZWUxY2NmN2MxZmFlZmM3ZTJkY2M1NTc0MmNhYmNjMjg4IiwidGFnIjoiIn0%3D; expires=Tue, 04-Apr-2023 18:59:49 GMT; Max-Age=7200; path=/; domain=push.dog; secure; httponly; samesite=lax
DSALB=d71d24969b726a06; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
15.winprizes215.biz/brtcad1/bootstrap.min.css
217.69.14.8 200 OK 0 B URL HTTP/2 15.winprizes215.biz/brtcad1/bootstrap.min.css
IP 217.69.14.8:0
GET /brtcad1/bootstrap.min.css HTTP/1.1
Host: 15.winprizes215.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://15.winprizes215.biz/brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 16:59:48 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 05:43:46 GMT
etag: W/"1da55-5e2f438382bab"
content-encoding: br
X-Firefox-Spdy: h2
15.winprizes215.biz/brtcad1/style.css
217.69.14.8 200 OK 0 B URL HTTP/2 15.winprizes215.biz/brtcad1/style.css
IP 217.69.14.8:0
GET /brtcad1/style.css HTTP/1.1
Host: 15.winprizes215.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://15.winprizes215.biz/brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 16:59:48 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 05:43:55 GMT
etag: W/"5ae-5e2f438bd1b06"
content-encoding: br
X-Firefox-Spdy: h2
15.winprizes215.biz/brtcad1/main.js
217.69.14.8 200 OK 0 B URL HTTP/2 15.winprizes215.biz/brtcad1/main.js
IP 217.69.14.8:0
GET /brtcad1/main.js HTTP/1.1
Host: 15.winprizes215.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://15.winprizes215.biz/brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 16:59:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 05:43:52 GMT
etag: W/"1813c-5e2f4388b5c9c"
content-encoding: br
X-Firefox-Spdy: h2
15.winprizes215.biz/brtcad1/mobile-detect.min.js
217.69.14.8 200 OK 0 B URL HTTP/2 15.winprizes215.biz/brtcad1/mobile-detect.min.js
IP 217.69.14.8:0
Analyzer Verdict Alert fortinet Phishing
GET /brtcad1/mobile-detect.min.js HTTP/1.1
Host: 15.winprizes215.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://15.winprizes215.biz/brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 16:59:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 05:43:52 GMT
etag: W/"8edb-5e2f4388c75dc"
content-encoding: br
X-Firefox-Spdy: h2
15.winprizes215.biz/brtcad1/detect_device.js
217.69.14.8 200 OK 0 B URL HTTP/2 15.winprizes215.biz/brtcad1/detect_device.js
IP 217.69.14.8:0
GET /brtcad1/detect_device.js HTTP/1.1
Host: 15.winprizes215.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://15.winprizes215.biz/brtcad1/index.php?city=Mountain+View&model=Desktop&brand=Desktop&cep=iiQHfzpOL4MCY3yu6ul_075V7xWlAPgeCCT4___DcpEodmIyuvm7iBgpqECc1yvjMqUBs9IsrinLL40fI0cxqFa0zW_GTbaRIka-SnvsFTcQ3QKAdAYPT1Ew95MKODrD603_iKidO3UheAZ3iRioDVuu2IXOR5h6MJh8Px8A0BKuR1iZqzW3Hnr5C-yr3h8IUf8NoygpVgTNMXA9ePVY697j1hpKiuFb1eq8O5P2H5F3Rs2U-eKfrXhO_TjKvV5Mj1iuJbmJm3oPvH9rZkllliR9NgYPUVnppq12PtOr51DBWCIvySTrdH3mcc3onr33hWp4y22SEIFaEf5ElVPalzLdhxJ0Ksp4hV8EKYoIiwm9cEnqFoZu6sQeljecJdj2q5lzpk1K6cKEbnsdfaZU_UdREZQiuUCNAc_NRkzlpR8&lptoken=169e69ee06cb072838fe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 16:59:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 05:43:49 GMT
etag: W/"309-5e2f4386611b5"
content-encoding: br
X-Firefox-Spdy: h2