| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP 95.101.11.115:0 ASN #20940 Akamai International B.V.
Hash358212db02ecc7c1fa088906bd2dba14 091a0688da9de609d97349215ba9e452dfc346a4 7486e512e4de8172ac07f07f47da3a96dd3ac7cb054b335f3e4929261440e672
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7486E512E4DE8172AC07F07F47DA3A96DD3AC7CB054B335F3E4929261440E672"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13924
Expires: Tue, 13 Dec 2022 11:59:11 GMT
Date: Tue, 13 Dec 2022 08:07:07 GMT
Connection: keep-alive
|
|
| braokeextrefore.com/3f86fab8-c377-401f-87e3-4ce6668aac53 | 3.124.99.72 | 302 | 0 B |
URL HTTP/1.1 braokeextrefore.com/3f86fab8-c377-401f-87e3-4ce6668aac53 IP 3.124.99.72:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /3f86fab8-c377-401f-87e3-4ce6668aac53 HTTP/1.1
Host: braokeextrefore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: 3213fcf4-35fc-436f-9083-b99766e4b860-v4=50FMLozNLkvo84l1TjHeUZrpxchRCVaEmoaDeyUUawE; cep-v4=AgyPwjWRWc1G-eK8Jj598BN1ug4ALd6NZbUjGgEk7NKhp3GUH__LXd-TdOp6MpzLMmfOysqkz3yEhwpzmLWYlzalMpq-RUEEC7ZchyiIjEmilOibKPkdn4RJb9ixvzu4QTiISmDIr53HQn2W1QagLcSrL7TyLyTemjD6F5kisOAMpaJuMuk7zA9P55XaQWvrbJSN7CQxUcV54Ha_nxP-JuUZTNCba9O1u9acbOnZ9vCRQ6qXre37-fdBtjZZwhJvAsey_u_WHAXhHXHnoc8d2qyUI4ekd-NA3E34K9nNxtog0YRe4fWsu8yGWzUiCuh6huTO5guS4PlIgEtdcJ54zMKZFljYB_L-1jfsu5WgR8NF7LSb_H9_zYqgkFp2mD5Q
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Tue, 13 Dec 2022 08:07:07 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/index.html?cep=sjs5qtq_yOQLEg2pZeBQ5cKZHGY5-q9KlSa_yQDEwlZ8KN7ov5_tdh6n2oJZHq-N3a6nVWyozIJB42obkqTkEBU8kNJeca7dSlMiN7Nc8_a1aMC4VFXflPTIXPVNROVDPMftMrtgvGbEeVII_MhZ3Tsuk60W8il-IY5ErzeZ6q2DMGnOoUvVWJN_kycL7sCsj58qogGK45NWbju2RarMrAHge2c-ctxMsrNk8DYSy9UfrtlchWL8u9uI57KxaFcFO3pZgpxdFfxbL9I-HGVw2K3Km9wqopTtJsEquouGKBDd66l7j18j_rXlv1CP5_2BI8iNi1WeqhbybpXGyCL2fWZK0KR7jyOcp7id3LOgDc99PkfVfkgCfWPVLmKzblU2&lptoken=16c570fe92fd06da2787
Pragma: no-cache
Set-Cookie: 3f86fab8-c377-401f-87e3-4ce6668aac53-v4=QHz6sDxHd_8OJ9Eo0HnuSnTwXAlv2C5lXPyCjnvMXn8; Max-Age=86400; Expires=Wed, 14-Dec-2022 08:07:07 GMT; Domain=braokeextrefore.com; Path=/; HttpOnly
cep-v4=3u0H4wBVsGhA_ZJDrsvDMbC97sIWm-rG5j6nnbd-7kqOxjLPctObDyb2C30Ayq9q0uv0FikIQT4iTKLqp1T3K6jc76TPxh8T_RgWRwrNKftW68zfCT_9UHSXeYOcEF45-GuFIGkiNd6BqfpZn2lSYI5NvHmgJF2HIlbl5WWRF1SLyhHUKlU_S-pIo9c8n44l7qik-S8Lkj7GLIObcP0CEGtsRRc9xofeoux3MmND9VVqUgiZCM9t1Mm7SPXCrsOj4vwy91NKGKl0LnIONTrfwqy3YvSSYzUmr-m4M4BHkIniRsg2ZS9jDvGmH14ovBJxx7VZCbE9qcLgOahVEqMXxqA8MgLhZyVS_z5_8dx_lb0E7FEij5tGyIKcgoKYODeU; Max-Age=86400; Expires=Wed, 14-Dec-2022 08:07:07 GMT; Domain=braokeextrefore.com; Path=/; HttpOnly
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP 95.101.11.115:0 ASN #20940 Akamai International B.V.
Hash555d8608594803d49eeb9581c6b70702 d01e0201e0ba0cf751ef97226620338a853bc635 2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2739
Expires: Tue, 13 Dec 2022 08:52:46 GMT
Date: Tue, 13 Dec 2022 08:07:07 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 13 Dec 2022 07:08:44 GMT
content-type: application/json
age: 3503
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP 95.101.11.115:0 ASN #20940 Akamai International B.V.
Hashd29881eeb0456eff8cf415ad2ce64ba0 e3cfdd5f56ff88066257ec8f4726f53e3a733bd3 2cd90072f113163f976ddb8bc7017884efd3f764e7e8961b04e3ba5ec0a17d85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CD90072F113163F976DDB8BC7017884EFD3F764E7E8961B04E3BA5EC0A17D85"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5177
Expires: Tue, 13 Dec 2022 09:33:24 GMT
Date: Tue, 13 Dec 2022 08:07:07 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain IP 34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash53341dea33f4f3d9b4966f80589f429a 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +H2ypGhEIqMjcvsIxOsWASN6bgy0L/TKsgE/mXcydMEzdskL+HWQlKK1NrcFo+2P6rN6hVb6jic=
x-amz-request-id: JB59TXVEGPEETRD0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 13 Dec 2022 07:49:58 GMT
age: 1029
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 08:07:07 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 143.204.42.158:0
Hashd7078d32b328764af74c592a2dd6a82a 03edb5057a45346528c9823e5e9952ad36ec063e ac4f445a1acd3b5fc1cd2d935ab9e62de35693be4e7dc4a0e8ec1ac27fc499b2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=133556
Date: Tue, 13 Dec 2022 08:07:08 GMT
Etag: "63979960-1d7"
Expires: Wed, 14 Dec 2022 21:13:04 GMT
Last-Modified: Mon, 12 Dec 2022 21:13:04 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GTyAtaEtjY5MVHroLAvYNw8broy-dEzbS1EBygrM1gMQ0BsPO2KIVQ==
|
|
| www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/flag.png | 143.204.55.16 | 200 OK | 1.6 kB |
URL HTTP/2 www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/flag.png IP 143.204.55.16:0
File typePNG image data, 35 x 23, 8-bit/color RGBA, non-interlaced\012- data Hash21297e31991fb09c0a48abbeefadc097 2061a8fc10c064986909963afdc6b89baa96c6e1 03062db15bb4bf035fe022f96c9ba3da1a479637d085c12322b9717497c2945e
GET /sweeps/CH/GiftCard-ES-CH-AnimationFlag/flag.png HTTP/1.1
Host: www.my-lucky-days.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/index.html?cep=sjs5qtq_yOQLEg2pZeBQ5cKZHGY5-q9KlSa_yQDEwlZ8KN7ov5_tdh6n2oJZHq-N3a6nVWyozIJB42obkqTkEBU8kNJeca7dSlMiN7Nc8_a1aMC4VFXflPTIXPVNROVDPMftMrtgvGbEeVII_MhZ3Tsuk60W8il-IY5ErzeZ6q2DMGnOoUvVWJN_kycL7sCsj58qogGK45NWbju2RarMrAHge2c-ctxMsrNk8DYSy9UfrtlchWL8u9uI57KxaFcFO3pZgpxdFfxbL9I-HGVw2K3Km9wqopTtJsEquouGKBDd66l7j18j_rXlv1CP5_2BI8iNi1WeqhbybpXGyCL2fWZK0KR7jyOcp7id3LOgDc99PkfVfkgCfWPVLmKzblU2&lptoken=16c570fe92fd06da2787
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1583
last-modified: Tue, 08 Nov 2022 04:13:18 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Dec 2022 03:14:15 GMT
etag: "21297e31991fb09c0a48abbeefadc097"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: P5LUUT2RYxFFnAGTGlmZonqfF6wzT8jX5S0MWzohJ0rLIOFAsLnHAw==
age: 17574
X-Firefox-Spdy: h2
|
|
| www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/c02173e7e4e2e6e95265f3f52dba5132a5a6e15111.gif | 143.204.55.16 | 200 OK | 636 kB |
URL HTTP/2 www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/c02173e7e4e2e6e95265f3f52dba5132a5a6e15111.gif IP 143.204.55.16:0
File typeGIF image data, version 89a, 800 x 600\012- data Size636 kB (636270 bytes) Hashe9c2b911f7146d835ac0020b436d34e9 8a5e8a2275c780ffc650615325b6213d6e35d8f0 a79832a29a4c866c3f7830f60abfa91a89367ab6af66786104d92d85a9ff50ad
GET /sweeps/CH/GiftCard-ES-CH-AnimationFlag/c02173e7e4e2e6e95265f3f52dba5132a5a6e15111.gif HTTP/1.1
Host: www.my-lucky-days.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/index.html?cep=sjs5qtq_yOQLEg2pZeBQ5cKZHGY5-q9KlSa_yQDEwlZ8KN7ov5_tdh6n2oJZHq-N3a6nVWyozIJB42obkqTkEBU8kNJeca7dSlMiN7Nc8_a1aMC4VFXflPTIXPVNROVDPMftMrtgvGbEeVII_MhZ3Tsuk60W8il-IY5ErzeZ6q2DMGnOoUvVWJN_kycL7sCsj58qogGK45NWbju2RarMrAHge2c-ctxMsrNk8DYSy9UfrtlchWL8u9uI57KxaFcFO3pZgpxdFfxbL9I-HGVw2K3Km9wqopTtJsEquouGKBDd66l7j18j_rXlv1CP5_2BI8iNi1WeqhbybpXGyCL2fWZK0KR7jyOcp7id3LOgDc99PkfVfkgCfWPVLmKzblU2&lptoken=16c570fe92fd06da2787
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 636270
last-modified: Tue, 08 Nov 2022 04:13:16 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Dec 2022 03:14:15 GMT
etag: "e9c2b911f7146d835ac0020b436d34e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GPbxH0atkpOKUy-lMufHAn1a0uGbR7jZlj6xpF6V3mvpGSRYuZac-w==
age: 17574
X-Firefox-Spdy: h2
|
|
| www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/2ef289afa287fa1e905a9eb520974fb963c1fe98.png | 143.204.55.16 | 200 OK | 8.7 kB |
URL HTTP/2 www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/2ef289afa287fa1e905a9eb520974fb963c1fe98.png IP 143.204.55.16:0
File typePNG image data, 395 x 77, 8-bit/color RGBA, non-interlaced\012- data Hashbec6b8eab9d6e094df42a0e1b8230994 2ef289afa287fa1e905a9eb520974fb963c1fe98 ca9a2744b49c225c39ddd78239e2b4e1703f2f8ee03d6bc22a9f53532ac94046
GET /sweeps/CH/GiftCard-ES-CH-AnimationFlag/2ef289afa287fa1e905a9eb520974fb963c1fe98.png HTTP/1.1
Host: www.my-lucky-days.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 8660
last-modified: Tue, 08 Nov 2022 04:13:05 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Dec 2022 03:14:15 GMT
etag: "bec6b8eab9d6e094df42a0e1b8230994"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 04Vz8Go9uM0Nwe-TTWBbs8sQany0PpG11WLPm_73gICnt6ft45W-9Q==
age: 17574
X-Firefox-Spdy: h2
|
|
| www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/1d936c9181a86fc7d77dc67ad3a3f2d194557253.png | 143.204.55.16 | 200 OK | 48 kB |
URL HTTP/2 www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/1d936c9181a86fc7d77dc67ad3a3f2d194557253.png IP 143.204.55.16:0
File typePNG image data, 414 x 736, 8-bit colormap, non-interlaced\012- data Hasha66a7278909b71cde6a87ae400e2de8b 1d936c9181a86fc7d77dc67ad3a3f2d194557253 52e9e7f992721ed81bdb6146fe578eb67437eeb378d7c87a46928996ff219b1c
GET /sweeps/CH/GiftCard-ES-CH-AnimationFlag/1d936c9181a86fc7d77dc67ad3a3f2d194557253.png HTTP/1.1
Host: www.my-lucky-days.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 47495
last-modified: Tue, 08 Nov 2022 04:14:21 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Dec 2022 03:14:15 GMT
etag: "a66a7278909b71cde6a87ae400e2de8b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mt-o1ZEgD3Iy5OdD33IkVILIiP4kbVo8CCmnWuWUzGgL0EjTqwzfmA==
age: 17574
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP 93.184.220.29:0
Hashee19f96e42a0eca99d00c8d91f977c35 3bf8dbf8b8ce6ea7adadf7bb92cae2f9502fbee9 6d8adcb1494bfe2ca73cd6b77eb57b2d08e07b05eb892fea98a1fde0bfb2ea12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1475
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 08:07:08 GMT
Last-Modified: Tue, 13 Dec 2022 07:42:33 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 13 Dec 2022 07:33:17 GMT
age: 2031
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| hop.greenbluefrog.click/js/pub.min.js | 108.178.23.115 | 200 OK | 1.5 kB |
URL HTTP/2 hop.greenbluefrog.click/js/pub.min.js IP 108.178.23.115:0
File typeASCII text, with very long lines (2752) Hash31c303586c1b78e33984bd252b8e2644 8083e2aad4cbf8242a4e6fb53657d49552b85f82 d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be
GET /js/pub.min.js HTTP/1.1
Host: hop.greenbluefrog.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.my-lucky-days.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 08:07:08 GMT
content-type: application/javascript
content-length: 1482
last-modified: Fri, 09 Sep 2022 11:46:08 GMT
vary: Accept-Encoding
etag: "631b2780-5ca"
content-encoding: gzip
expires: Wed, 14 Dec 2022 08:07:08 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains;
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 44.242.3.166 | 101 Switching Protocols | 0 B |
URL HTTP/1.1 push.services.mozilla.com/ IP 44.242.3.166:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DvmPPwrNXDgQR6PDCu1NMw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3OdzFdoM9A/etsRDLMj5gBq/h88=
|
|
| www.my-lucky-days.xyz/sw.js?v=1670918826886 | 143.204.55.16 | 200 OK | 55 B |
URL HTTP/2 www.my-lucky-days.xyz/sw.js?v=1670918826886 IP 143.204.55.16:0
File typeASCII text, with no line terminators Hash26f6b690be52718039148d66237935c9 c37b26ac420dccfb6ca1e6829d9a81caad399ba5 30160e59ded9cd7035b13f61d711bb9523fc6b03f68f51d7f42f429d7be11775
GET /sw.js?v=1670918826886 HTTP/1.1
Host: www.my-lucky-days.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 55
date: Tue, 13 Dec 2022 02:03:23 GMT
last-modified: Mon, 12 Sep 2022 05:36:10 GMT
etag: "26f6b690be52718039148d66237935c9"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fQTqI9b81ip_6jEJKQrVwLFYjS_EUsCp0yZl5L_X2WAc4w-f5RkWxA==
age: 21826
X-Firefox-Spdy: h2
|
|
| www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/99e01d3e0c461a43735019cc73db8074aa7ab504.png | 143.204.55.16 | 200 OK | 96 B |
URL HTTP/2 www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/99e01d3e0c461a43735019cc73db8074aa7ab504.png IP 143.204.55.16:0
File typePNG image data, 16 x 16, 1-bit colormap, non-interlaced\012- data Hash35b9ee99fe32d3d68f7807c43d768092 99e01d3e0c461a43735019cc73db8074aa7ab504 cfee15b8d3ffca2475ecab6e25900ed1454d9c327fca1942728629452ad00ee6
GET /sweeps/CH/GiftCard-ES-CH-AnimationFlag/99e01d3e0c461a43735019cc73db8074aa7ab504.png HTTP/1.1
Host: www.my-lucky-days.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/index.html?cep=sjs5qtq_yOQLEg2pZeBQ5cKZHGY5-q9KlSa_yQDEwlZ8KN7ov5_tdh6n2oJZHq-N3a6nVWyozIJB42obkqTkEBU8kNJeca7dSlMiN7Nc8_a1aMC4VFXflPTIXPVNROVDPMftMrtgvGbEeVII_MhZ3Tsuk60W8il-IY5ErzeZ6q2DMGnOoUvVWJN_kycL7sCsj58qogGK45NWbju2RarMrAHge2c-ctxMsrNk8DYSy9UfrtlchWL8u9uI57KxaFcFO3pZgpxdFfxbL9I-HGVw2K3Km9wqopTtJsEquouGKBDd66l7j18j_rXlv1CP5_2BI8iNi1WeqhbybpXGyCL2fWZK0KR7jyOcp7id3LOgDc99PkfVfkgCfWPVLmKzblU2&lptoken=16c570fe92fd06da2787
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 96
date: Tue, 13 Dec 2022 08:07:10 GMT
last-modified: Tue, 08 Nov 2022 04:13:09 GMT
etag: "35b9ee99fe32d3d68f7807c43d768092"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rW9BWDpXWbR4Ji5rLjLz39YwB16J4zu1_7oCwMUlN648unl8jTQ1Hg==
X-Firefox-Spdy: h2
|
|
| hop.greenbluefrog.click/sw.js | 108.178.23.115 | 200 OK | 776 B |
URL HTTP/2 hop.greenbluefrog.click/sw.js IP 108.178.23.115:0
Hashf72a11763f13b05c1f2379d13387dd05 002fbf7672d3f4655b89b6413d160e4185ce9900 70d744bbd19a0cc35c8d9f1d8ba181c6cdc902f95799ac750da4adc3ad987b11
GET /sw.js HTTP/1.1
Host: hop.greenbluefrog.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.my-lucky-days.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 08:07:09 GMT
content-type: application/javascript
content-length: 776
last-modified: Mon, 03 Oct 2022 07:40:54 GMT
vary: Accept-Encoding
etag: "633a9206-308"
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP 95.101.11.115:0 ASN #20940 Akamai International B.V.
Hash08f7321e01de2d111fc8100424937061 01ea459fe9270ea25e3cec2228d1cf3cd61d80b8 36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12093
Expires: Tue, 13 Dec 2022 11:28:43 GMT
Date: Tue, 13 Dec 2022 08:07:10 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP 95.101.11.115:0 ASN #20940 Akamai International B.V.
Hash08f7321e01de2d111fc8100424937061 01ea459fe9270ea25e3cec2228d1cf3cd61d80b8 36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12093
Expires: Tue, 13 Dec 2022 11:28:43 GMT
Date: Tue, 13 Dec 2022 08:07:10 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff80752aa-0cbf-4c22-9021-7abe914dde6f.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff80752aa-0cbf-4c22-9021-7abe914dde6f.jpeg IP 34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1abb84e01b1e6e8d13317083770e9e25 8e034ed23b8d40406fd43f74f0af5f7278d1465e 5238283f759fdf48354b5372bf87c9cc1d5db2dd319db54ac0e09f1e6ac32cbc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff80752aa-0cbf-4c22-9021-7abe914dde6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12449
x-amzn-requestid: 992fe7fc-089b-4cc8-bb4f-0636b96d5f9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8I9UFlAoAMFhPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394bb88-0cf5980b3772bc313c547db9;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 17:02:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4rBy--_A54HSE60mv10Fk2gLZKcNiENqjs3i9-e1DjtW6n3Q97MlwA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 22:22:37 GMT
age: 35073
etag: "8e034ed23b8d40406fd43f74f0af5f7278d1465e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg | 34.120.237.76 | 200 OK | 4.7 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg IP 34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd8b0477fb90d103e2155bbf7ab47d877 ab668e755bd742b165fa3ba46a4c486c616a7ff6 40e2282cf64da6034f73a2ff0c0d060550caa364244d5bdf282d2f54719d48ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4703
x-amzn-requestid: 975cb427-5feb-4c36-bcfe-bed0cc9bd3b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czpW4Hh4IAMFeRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639155c5-63d6d97371f11d6012edae68;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 03:11:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BouIqIrg_vfxBH0weDXiqoEBcSV8_d4qDVB3Er5PeIrZz249iHdqGQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 08:18:10 GMT
age: 85740
etag: "ab668e755bd742b165fa3ba46a4c486c616a7ff6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a14c22-5022-4263-af44-d51914a825ed.jpeg | 34.120.237.76 | 200 OK | 5.9 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a14c22-5022-4263-af44-d51914a825ed.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash 82729f01d4f9937407d14605a2b611f4 63ef739dbbcd1238da788c05909df21826d9f37b 4420ac61a207ef4d7899632123af2dd2c7421e6d16a494aea33383d37d603038
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a14c22-5022-4263-af44-d51914a825ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5871
x-amzn-requestid: 0c5fa60d-81f3-4796-966d-cf91b6a28939
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dDWefGstIAMF-zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63979df6-7234498f4094f61107741d1c;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 21:32:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f6d2A_b3AN_-g7QFNmtlMhjEitZ4fw9GX5w-xx1PxH-z_FdqjvabTQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:57:41 GMT
age: 36569
etag: "63ef739dbbcd1238da788c05909df21826d9f37b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F047d40ca-223b-4b30-90f0-c848da685495.jpeg | 34.120.237.76 | 200 OK | 5.9 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F047d40ca-223b-4b30-90f0-c848da685495.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash ab5a208bfde395cefdbf547982544b25 cfdcccc56da544414936b95c888585f6a56833ad 9897cf24a8332e797d33b0493ab8f488d991151d7be621cd5753aa5e3b2c9451
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F047d40ca-223b-4b30-90f0-c848da685495.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5922
x-amzn-requestid: 98bd853c-cbe5-4672-9915-6e54978730bf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c0LzNEO7oAMF-dA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63918ce1-23b0f17a2e5e95f7707adcaf;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 07:06:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XqYJM2tgLUzVd5MQ--NIuyahAg3J8DBtWESucvxrrQtSGpN2J1OywQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 23:15:47 GMT
age: 31883
etag: "cfdcccc56da544414936b95c888585f6a56833ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd88b1bc-231c-4262-b2d6-b469a5fc292f.jpeg | 34.120.237.76 | 200 OK | 7.1 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd88b1bc-231c-4262-b2d6-b469a5fc292f.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash 0d13ed713d186b60bce9bce93fc8acd4 685feb809923cd029dc3bed1c1ae15cb14f774f8 09211351fcec32fcf0678ddb0e14ecb3307c36785d4697658a95b04ab47b27b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd88b1bc-231c-4262-b2d6-b469a5fc292f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7107
x-amzn-requestid: a681a264-016b-4c87-b3ba-40b451848d6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5yJEFqrIAMF0hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393ca39-7232d99f28684b685c9e7223;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 23:52:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: INDZcXT8MX4uG0Dr-b5llbz07l2MuC7xqdlMuzx9RcwvsY2fPydU2A==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 14:33:22 GMT
age: 63228
etag: "685feb809923cd029dc3bed1c1ae15cb14f774f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg | 34.120.237.76 | 200 OK | 6.7 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash 690133687ca909986a7ac4e919193bbb 9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4 d4913048b7f2b341c77a345420a855e6385e00c64ef30f6cf136ad16f6bda771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6711
x-amzn-requestid: ac93518c-b2e1-4995-9152-11c30c05cc9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c9h4oHmiIAMFXQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639549d0-5180e10e467c4c4c5e7fd1f4;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 03:09:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YHHaFWjmRFuBvcFQ6orltY_4JuQEcHhfyjxHO3-XZduh_hEGfPcPoA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 03:58:00 GMT
age: 14950
etag: "9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/index.html?cep=sjs5qtq_yOQLEg2pZeBQ5cKZHGY5-q9KlSa_yQDEwlZ8KN7ov5_tdh6n2oJZHq-N3a6nVWyozIJB42obkqTkEBU8kNJeca7dSlMiN7Nc8_a1aMC4VFXflPTIXPVNROVDPMftMrtgvGbEeVII_MhZ3Tsuk60W8il-IY5ErzeZ6q2DMGnOoUvVWJN_kycL7sCsj58qogGK45NWbju2RarMrAHge2c-ctxMsrNk8DYSy9UfrtlchWL8u9uI57KxaFcFO3pZgpxdFfxbL9I-HGVw2K3Km9wqopTtJsEquouGKBDd66l7j18j_rXlv1CP5_2BI8iNi1WeqhbybpXGyCL2fWZK0KR7jyOcp7id3LOgDc99PkfVfkgCfWPVLmKzblU2&lptoken=16c570fe92fd06da2787 | 143.204.55.16 | 200 OK | 0 B |
URL HTTP/2 www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/index.html?cep=sjs5qtq_yOQLEg2pZeBQ5cKZHGY5-q9KlSa_yQDEwlZ8KN7ov5_tdh6n2oJZHq-N3a6nVWyozIJB42obkqTkEBU8kNJeca7dSlMiN7Nc8_a1aMC4VFXflPTIXPVNROVDPMftMrtgvGbEeVII_MhZ3Tsuk60W8il-IY5ErzeZ6q2DMGnOoUvVWJN_kycL7sCsj58qogGK45NWbju2RarMrAHge2c-ctxMsrNk8DYSy9UfrtlchWL8u9uI57KxaFcFO3pZgpxdFfxbL9I-HGVw2K3Km9wqopTtJsEquouGKBDd66l7j18j_rXlv1CP5_2BI8iNi1WeqhbybpXGyCL2fWZK0KR7jyOcp7id3LOgDc99PkfVfkgCfWPVLmKzblU2&lptoken=16c570fe92fd06da2787 IP 143.204.55.16:0
GET /sweeps/CH/GiftCard-ES-CH-AnimationFlag/index.html?cep=sjs5qtq_yOQLEg2pZeBQ5cKZHGY5-q9KlSa_yQDEwlZ8KN7ov5_tdh6n2oJZHq-N3a6nVWyozIJB42obkqTkEBU8kNJeca7dSlMiN7Nc8_a1aMC4VFXflPTIXPVNROVDPMftMrtgvGbEeVII_MhZ3Tsuk60W8il-IY5ErzeZ6q2DMGnOoUvVWJN_kycL7sCsj58qogGK45NWbju2RarMrAHge2c-ctxMsrNk8DYSy9UfrtlchWL8u9uI57KxaFcFO3pZgpxdFfxbL9I-HGVw2K3Km9wqopTtJsEquouGKBDd66l7j18j_rXlv1CP5_2BI8iNi1WeqhbybpXGyCL2fWZK0KR7jyOcp7id3LOgDc99PkfVfkgCfWPVLmKzblU2&lptoken=16c570fe92fd06da2787 HTTP/1.1
Host: www.my-lucky-days.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 08 Nov 2022 04:13:19 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 13 Dec 2022 08:07:08 GMT
etag: W/"eaddcd5405d9dbc3df8d2d585b65d17f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kLCuQqVDzTNgPf3-VwASdb0K89HKcC-8s2HtKsYfuqfuQY-5HUSbbw==
age: 22926
X-Firefox-Spdy: h2
|
|
| www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/style.css | 143.204.55.16 | 200 OK | 0 B |
URL HTTP/2 www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/style.css IP 143.204.55.16:0
GET /sweeps/CH/GiftCard-ES-CH-AnimationFlag/style.css HTTP/1.1
Host: www.my-lucky-days.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.my-lucky-days.xyz/sweeps/CH/GiftCard-ES-CH-AnimationFlag/index.html?cep=sjs5qtq_yOQLEg2pZeBQ5cKZHGY5-q9KlSa_yQDEwlZ8KN7ov5_tdh6n2oJZHq-N3a6nVWyozIJB42obkqTkEBU8kNJeca7dSlMiN7Nc8_a1aMC4VFXflPTIXPVNROVDPMftMrtgvGbEeVII_MhZ3Tsuk60W8il-IY5ErzeZ6q2DMGnOoUvVWJN_kycL7sCsj58qogGK45NWbju2RarMrAHge2c-ctxMsrNk8DYSy9UfrtlchWL8u9uI57KxaFcFO3pZgpxdFfxbL9I-HGVw2K3Km9wqopTtJsEquouGKBDd66l7j18j_rXlv1CP5_2BI8iNi1WeqhbybpXGyCL2fWZK0KR7jyOcp7id3LOgDc99PkfVfkgCfWPVLmKzblU2&lptoken=16c570fe92fd06da2787
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Tue, 13 Dec 2022 04:08:23 GMT
last-modified: Tue, 08 Nov 2022 04:13:20 GMT
etag: W/"5e1f5f4c96dc20f233a6ef9d8cc271ff"
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sHigel8gLN6SKIedR8G7ucrUU4olsA0erJ6uf9YfsDqd1pHTI6t0Rw==
age: 14326
X-Firefox-Spdy: h2
|
|