luckyme.homes/ip13/id/survey_2az/?cid=wr7bi0fr8cfbvmak2t701784&cep=WGn0pAUIXOFXaibgRvKQHkjGwmmeg2rxengtj0s0MAhHvzrVCa5T3hl0CcjRy3v0MkIf0eCJV-QQGCqBN5Vc8wJBFh5jtNStM2toFfLIG3UGFk4mlpTAcNhgd5WXR2Fpr3-636_6sBYwM2zXg9cRE3gRG9RJByx4HEeg4N3jZUy-FvKekAtBU--hsI7t07fNTz0opXMPRRNwwOoSf3ofZSU99zDQDxC1vBr6HMKM7KPd5uKTUano-kOsaAGR8d9jbnFCH9cJKQ7VfNhnKrI4jNFXpCcP14kNqnRQoJp7BBpPyqGbS4cVxYiSQz1dxU7WGIYXLpd0IdvjcMO_90q4GrQC5njvO6bRv8KQ7LsGY4VoLq4sHlJfXrufx8vT9T-yHx-K36Q75EfiIHUrZ6-miQ&lptoken=165c6782894322310434
172.67.214.126 200 OK 1.7 kB URL HTTP/1.1 luckyme.homes/ip13/id/survey_2az/?cid=wr7bi0fr8cfbvmak2t701784&cep=WGn0pAUIXOFXaibgRvKQHkjGwmmeg2rxengtj0s0MAhHvzrVCa5T3hl0CcjRy3v0MkIf0eCJV-QQGCqBN5Vc8wJBFh5jtNStM2toFfLIG3UGFk4mlpTAcNhgd5WXR2Fpr3-636_6sBYwM2zXg9cRE3gRG9RJByx4HEeg4N3jZUy-FvKekAtBU--hsI7t07fNTz0opXMPRRNwwOoSf3ofZSU99zDQDxC1vBr6HMKM7KPd5uKTUano-kOsaAGR8d9jbnFCH9cJKQ7VfNhnKrI4jNFXpCcP14kNqnRQoJp7BBpPyqGbS4cVxYiSQz1dxU7WGIYXLpd0IdvjcMO_90q4GrQC5njvO6bRv8KQ7LsGY4VoLq4sHlJfXrufx8vT9T-yHx-K36Q75EfiIHUrZ6-miQ&lptoken=165c6782894322310434
IP 172.67.214.126:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash MD5: 852ad6af1a3eb9feee7d18cc2dc353db
SHA-1: 5a1a7636792ada34221c958a62b1adbe1749839f
SHA-256: 0b6d74f8aaeb080b666acd6b631b5d7ed3b02babf4a05bbc7d997bf329c69798
GET /ip13/id/survey_2az/?cid=wr7bi0fr8cfbvmak2t701784&cep=WGn0pAUIXOFXaibgRvKQHkjGwmmeg2rxengtj0s0MAhHvzrVCa5T3hl0CcjRy3v0MkIf0eCJV-QQGCqBN5Vc8wJBFh5jtNStM2toFfLIG3UGFk4mlpTAcNhgd5WXR2Fpr3-636_6sBYwM2zXg9cRE3gRG9RJByx4HEeg4N3jZUy-FvKekAtBU--hsI7t07fNTz0opXMPRRNwwOoSf3ofZSU99zDQDxC1vBr6HMKM7KPd5uKTUano-kOsaAGR8d9jbnFCH9cJKQ7VfNhnKrI4jNFXpCcP14kNqnRQoJp7BBpPyqGbS4cVxYiSQz1dxU7WGIYXLpd0IdvjcMO_90q4GrQC5njvO6bRv8KQ7LsGY4VoLq4sHlJfXrufx8vT9T-yHx-K36Q75EfiIHUrZ6-miQ&lptoken=165c6782894322310434 HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 06:53:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 00:30:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elLUyrIIfWGa3TwMbveA%2BLx8j1s1gX4Bvu%2BTSu7QEtvMSbRXuRFrgEu2YUAcyymeauWCk%2BQFtQDPHuUAGzoCJ55hDJjucrQub4V1mtL0gQrSvAggYvVLKfY5sickDBuu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 766c64a46dadb511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5: 9e164a845d32db8fa51fdb5b1aa218d9
SHA-1: 169099b4d2f8e119ab6cf6fca279b6fb535b1759
SHA-256: 402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16058
Expires: Tue, 08 Nov 2022 11:21:20 GMT
Date: Tue, 08 Nov 2022 06:53:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5: 9fd081ea88e8b8563986b3e558496d21
SHA-1: 60700393dce5eb42c0db0d5feef340f4832e3c65
SHA-256: d92555957857423ed02f0d0435739bcd40a996591c73f40315564b372f6e2395
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2056
Cache-Control: max-age=101512
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 06:53:42 GMT
Etag: "6368de76-1d7"
Expires: Wed, 09 Nov 2022 11:05:34 GMT
Last-Modified: Mon, 07 Nov 2022 10:31:18 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5: 9fd081ea88e8b8563986b3e558496d21
SHA-1: 60700393dce5eb42c0db0d5feef340f4832e3c65
SHA-256: d92555957857423ed02f0d0435739bcd40a996591c73f40315564b372f6e2395
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2056
Cache-Control: max-age=101512
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 06:53:42 GMT
Etag: "6368de76-1d7"
Expires: Wed, 09 Nov 2022 11:05:34 GMT
Last-Modified: Mon, 07 Nov 2022 10:31:18 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5: d8c32b2fb818533a5b3fe5c69157bde9
SHA-1: 93594fd3fc50d9d444c28660eabba1edbe4f0588
SHA-256: df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F"
Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16031
Expires: Tue, 08 Nov 2022 11:20:53 GMT
Date: Tue, 08 Nov 2022 06:53:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash MD5: 67d5a988edcda47bc3b3b3f65d32b4b6
SHA-1: d4f0e0da8b3690cc7da925026d3414b68c7d954f
SHA-256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: m2nRvPufjJteAT5YZAxmGAq1duHuab81jT3GyZ16LbwIETIv8/6jDExoIJO6zQYVekZNme1wztVPrsHcPDyTRQ==
x-amz-request-id: 26M48VJQ4WGK93ZV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 06:48:24 GMT
age: 318
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash MD5: 23e88fb7b99543fb33315b29b1fad9d6
SHA-1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
SHA-256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 06:53:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
luckyme.homes/ip13/id/survey_2az/img/app.css
172.67.214.126 200 OK 170 B URL HTTP/1.1 luckyme.homes/ip13/id/survey_2az/img/app.css
IP 172.67.214.126:0
File type ASCII text, with very long lines (309), with no line terminators
Hash MD5: b5d43158e1817850386944b660cd1812
SHA-1: 82a3b7d0d4105538585c3b81e134f87f7f4d2137
SHA-256: f7536532a967f9fb02f942226e6d5a8ab80f5e74e113aac5c0083a661dbeaced
GET /ip13/id/survey_2az/img/app.css HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip13/id/survey_2az/?cid=wr7bi0fr8cfbvmak2t701784&cep=WGn0pAUIXOFXaibgRvKQHkjGwmmeg2rxengtj0s0MAhHvzrVCa5T3hl0CcjRy3v0MkIf0eCJV-QQGCqBN5Vc8wJBFh5jtNStM2toFfLIG3UGFk4mlpTAcNhgd5WXR2Fpr3-636_6sBYwM2zXg9cRE3gRG9RJByx4HEeg4N3jZUy-FvKekAtBU--hsI7t07fNTz0opXMPRRNwwOoSf3ofZSU99zDQDxC1vBr6HMKM7KPd5uKTUano-kOsaAGR8d9jbnFCH9cJKQ7VfNhnKrI4jNFXpCcP14kNqnRQoJp7BBpPyqGbS4cVxYiSQz1dxU7WGIYXLpd0IdvjcMO_90q4GrQC5njvO6bRv8KQ7LsGY4VoLq4sHlJfXrufx8vT9T-yHx-K36Q75EfiIHUrZ6-miQ&lptoken=165c6782894322310434
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 06:53:43 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 00:30:21 GMT
ETag: W/"6321209d-135"
Expires: Tue, 08 Nov 2022 11:42:34 GMT
Cache-Control: max-age=43200
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vBBPAT7WrcA5EwmdgZxf9v6c7LvI8t1phMDF7wqJR83SFtVzbCW3KfOu%2F798hldQWHcspPjUwCwkNUkM6BhqqIbLcrIigzec%2FC7bTn6hN3l6XjbXV2nv7Y%2BiO9h3plj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 766c64a79863b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
luckyme.homes/ip13/id/survey_2az/img/app1.css
172.67.214.126 200 OK 1.0 kB URL HTTP/1.1 luckyme.homes/ip13/id/survey_2az/img/app1.css
IP 172.67.214.126:0
File type ASCII text, with very long lines (2717), with no line terminators
Hash MD5: 646774d51b78aec4122cb433032741e8
SHA-1: 82488274e09d3f4b48537a7eb9422f486db0ddbc
SHA-256: 9e3b623c06f1b1975447ecc3d9d11f6378b0da157384b16fa3056e9a3e3abf29
GET /ip13/id/survey_2az/img/app1.css HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip13/id/survey_2az/?cid=wr7bi0fr8cfbvmak2t701784&cep=WGn0pAUIXOFXaibgRvKQHkjGwmmeg2rxengtj0s0MAhHvzrVCa5T3hl0CcjRy3v0MkIf0eCJV-QQGCqBN5Vc8wJBFh5jtNStM2toFfLIG3UGFk4mlpTAcNhgd5WXR2Fpr3-636_6sBYwM2zXg9cRE3gRG9RJByx4HEeg4N3jZUy-FvKekAtBU--hsI7t07fNTz0opXMPRRNwwOoSf3ofZSU99zDQDxC1vBr6HMKM7KPd5uKTUano-kOsaAGR8d9jbnFCH9cJKQ7VfNhnKrI4jNFXpCcP14kNqnRQoJp7BBpPyqGbS4cVxYiSQz1dxU7WGIYXLpd0IdvjcMO_90q4GrQC5njvO6bRv8KQ7LsGY4VoLq4sHlJfXrufx8vT9T-yHx-K36Q75EfiIHUrZ6-miQ&lptoken=165c6782894322310434
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 06:53:43 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 00:30:21 GMT
Vary: Accept-Encoding
ETag: W/"6321209d-a9d"
Expires: Tue, 08 Nov 2022 11:23:22 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xjj3U90vgIkkAEXW9Qa546LGSeoyFKXY0z0HkIhHbs46fLhcK1bN6L3M93a9OQ5wQOmgtXC5teDfdk6bs3EaDa%2FPSD6rV%2BpZ17D%2B%2BsvuQrkHY0wv0Hc84nLLDTSJElJc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 766c64a79e7eb527-OSL
alt-svc: h2=":443"; ma=60
luckyme.homes/ip13/id/survey_2az/img/app.js
172.67.214.126 200 OK 697 B URL HTTP/1.1 luckyme.homes/ip13/id/survey_2az/img/app.js
IP 172.67.214.126:0
File type ASCII text, with very long lines (1468), with no line terminators
Hash MD5: eec23f6831ab2694520d8df7aa954c4c
SHA-1: 1f7689b66f9c104dc53703837478d386883c1c6f
SHA-256: f48c942826a30f94a45c4b0b8e049bca89b90925ba8e5cc06b88ce8af5ce7f0f
Analyzer Verdict Alert fortinet Phishing
GET /ip13/id/survey_2az/img/app.js HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip13/id/survey_2az/?cid=wr7bi0fr8cfbvmak2t701784&cep=WGn0pAUIXOFXaibgRvKQHkjGwmmeg2rxengtj0s0MAhHvzrVCa5T3hl0CcjRy3v0MkIf0eCJV-QQGCqBN5Vc8wJBFh5jtNStM2toFfLIG3UGFk4mlpTAcNhgd5WXR2Fpr3-636_6sBYwM2zXg9cRE3gRG9RJByx4HEeg4N3jZUy-FvKekAtBU--hsI7t07fNTz0opXMPRRNwwOoSf3ofZSU99zDQDxC1vBr6HMKM7KPd5uKTUano-kOsaAGR8d9jbnFCH9cJKQ7VfNhnKrI4jNFXpCcP14kNqnRQoJp7BBpPyqGbS4cVxYiSQz1dxU7WGIYXLpd0IdvjcMO_90q4GrQC5njvO6bRv8KQ7LsGY4VoLq4sHlJfXrufx8vT9T-yHx-K36Q75EfiIHUrZ6-miQ&lptoken=165c6782894322310434
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 06:53:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 00:30:21 GMT
Vary: Accept-Encoding
ETag: W/"6321209d-5bc"
Expires: Tue, 08 Nov 2022 12:18:17 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7Jq5a%2FWGywYnBcD44cZkApB08SF%2Fx39fyvTil6X%2FWPeKrmNIFjPvOFc78RiNORzekAPIRl4Kwsvnc%2FspXcKrCGKSpDslVRCbGqqxjV67BS7LQEe8CuL9uktGOhdXDdU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 766c64a798b31c06-OSL
alt-svc: h2=":443"; ma=60
luckyme.homes/ip13/id/survey_2az/img/app1.js
172.67.214.126 200 OK 51 kB URL HTTP/1.1 luckyme.homes/ip13/id/survey_2az/img/app1.js
IP 172.67.214.126:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash MD5: 6b0b16c24d708efbfa69229457bcfef0
SHA-1: a31b0752d1389f32ce3093677405c09c213ba624
SHA-256: 7a1c9efaed2891934fe3bc4ec874f89dd39e446b12ad77fe916763e9b9e0e176
Analyzer Verdict Alert fortinet Phishing
GET /ip13/id/survey_2az/img/app1.js HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip13/id/survey_2az/?cid=wr7bi0fr8cfbvmak2t701784&cep=WGn0pAUIXOFXaibgRvKQHkjGwmmeg2rxengtj0s0MAhHvzrVCa5T3hl0CcjRy3v0MkIf0eCJV-QQGCqBN5Vc8wJBFh5jtNStM2toFfLIG3UGFk4mlpTAcNhgd5WXR2Fpr3-636_6sBYwM2zXg9cRE3gRG9RJByx4HEeg4N3jZUy-FvKekAtBU--hsI7t07fNTz0opXMPRRNwwOoSf3ofZSU99zDQDxC1vBr6HMKM7KPd5uKTUano-kOsaAGR8d9jbnFCH9cJKQ7VfNhnKrI4jNFXpCcP14kNqnRQoJp7BBpPyqGbS4cVxYiSQz1dxU7WGIYXLpd0IdvjcMO_90q4GrQC5njvO6bRv8KQ7LsGY4VoLq4sHlJfXrufx8vT9T-yHx-K36Q75EfiIHUrZ6-miQ&lptoken=165c6782894322310434
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 06:53:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 00:30:21 GMT
Vary: Accept-Encoding
ETag: W/"6321209d-211f7"
Expires: Tue, 08 Nov 2022 11:23:22 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxRIDpnZIN1fGlKnMHrt%2BVRJNwtIKZRRaFvRjlo%2B1D5boHz4PEJVVC9PrHyhN9k9gMXgu8awz1Bb1yLseNL3b0DSoCzqG2LkCgm4yxZIRzgGy4DqKcxYqzZ5QHCoZFwR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 766c64a7abd90b31-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash MD5: 96791bd486db22c41012d25318835bdf
SHA-1: b32c813f16b84a6b2660bd527843da5e368af8eb
SHA-256: 61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 06:53:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
luckyme.homes/ip13/id/survey_2az/img/spinner.gif
172.67.214.126 404 Not Found 167 B URL HTTP/1.1 luckyme.homes/ip13/id/survey_2az/img/spinner.gif
IP 172.67.214.126:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash MD5: 4e93325cbd7d0a1bd9182c50a87ee855
SHA-1: 4761e9470180e0a73ba9df2773318dab945e33be
SHA-256: c9741cd73b587f99806ca15ae0bf08ca7e78d0a805fc0258394b757107395c96
GET /ip13/id/survey_2az/img/spinner.gif HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip13/id/survey_2az/?cid=wr7bi0fr8cfbvmak2t701784&cep=WGn0pAUIXOFXaibgRvKQHkjGwmmeg2rxengtj0s0MAhHvzrVCa5T3hl0CcjRy3v0MkIf0eCJV-QQGCqBN5Vc8wJBFh5jtNStM2toFfLIG3UGFk4mlpTAcNhgd5WXR2Fpr3-636_6sBYwM2zXg9cRE3gRG9RJByx4HEeg4N3jZUy-FvKekAtBU--hsI7t07fNTz0opXMPRRNwwOoSf3ofZSU99zDQDxC1vBr6HMKM7KPd5uKTUano-kOsaAGR8d9jbnFCH9cJKQ7VfNhnKrI4jNFXpCcP14kNqnRQoJp7BBpPyqGbS4cVxYiSQz1dxU7WGIYXLpd0IdvjcMO_90q4GrQC5njvO6bRv8KQ7LsGY4VoLq4sHlJfXrufx8vT9T-yHx-K36Q75EfiIHUrZ6-miQ&lptoken=165c6782894322310434
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 06:53:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dVapS4LE5oyqwWlpayGWa36kV1Tjs7JtVjdm5gbiXjVWw8y49hw8FqTkwRb%2F17GIASsCrNlpey8MG8F6cMOVrdRLUh76d8MFM5t8FafsQl1lAb2w%2F0ISqQEQgNc%2Fag7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 766c64a8fd8cb4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
luckyme.homes/ip13/id/survey_2az/img/default@0.75x.png
172.67.214.126 200 OK 56 kB URL HTTP/1.1 luckyme.homes/ip13/id/survey_2az/img/default@0.75x.png
IP 172.67.214.126:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: 8c107e1b5b8b9e124cc614ac3b1b7ce8
SHA-1: a4471830185258b840b8ba56297298ff4c121a5a
SHA-256: d113eb582f92abc89bcb5f15e3bdfa6165e2c3189ab8e6174cb63356a1ded746
GET /ip13/id/survey_2az/img/default@0.75x.png HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip13/id/survey_2az/?cid=wr7bi0fr8cfbvmak2t701784&cep=WGn0pAUIXOFXaibgRvKQHkjGwmmeg2rxengtj0s0MAhHvzrVCa5T3hl0CcjRy3v0MkIf0eCJV-QQGCqBN5Vc8wJBFh5jtNStM2toFfLIG3UGFk4mlpTAcNhgd5WXR2Fpr3-636_6sBYwM2zXg9cRE3gRG9RJByx4HEeg4N3jZUy-FvKekAtBU--hsI7t07fNTz0opXMPRRNwwOoSf3ofZSU99zDQDxC1vBr6HMKM7KPd5uKTUano-kOsaAGR8d9jbnFCH9cJKQ7VfNhnKrI4jNFXpCcP14kNqnRQoJp7BBpPyqGbS4cVxYiSQz1dxU7WGIYXLpd0IdvjcMO_90q4GrQC5njvO6bRv8KQ7LsGY4VoLq4sHlJfXrufx8vT9T-yHx-K36Q75EfiIHUrZ6-miQ&lptoken=165c6782894322310434
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 06:53:43 GMT
Content-Type: image/png
Content-Length: 55706
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 00:30:22 GMT
ETag: "6321209e-d99a"
Expires: Wed, 30 Nov 2022 23:17:45 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scCGsmjjbFqSfufK4%2FJ0a2zEm0L%2Ft6Vmza7o8KXyGDC5SZO0mf9uKVGcYpb5ZcdXmW9LPRAPBmo4lfQsNk0Xuc9XxOIvA4rh8T8%2BdyeBSAgh%2FjlOHo2a4S0MtQ1DmHt1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 766c64a8ffafb527-OSL
alt-svc: h2=":443"; ma=60
luckyme.homes/ip13/id/survey_2az/img/checked.png
172.67.214.126 404 Not Found 167 B URL HTTP/1.1 luckyme.homes/ip13/id/survey_2az/img/checked.png
IP 172.67.214.126:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash MD5: 4e93325cbd7d0a1bd9182c50a87ee855
SHA-1: 4761e9470180e0a73ba9df2773318dab945e33be
SHA-256: c9741cd73b587f99806ca15ae0bf08ca7e78d0a805fc0258394b757107395c96
GET /ip13/id/survey_2az/img/checked.png HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/ip13/id/survey_2az/?cid=wr7bi0fr8cfbvmak2t701784&cep=WGn0pAUIXOFXaibgRvKQHkjGwmmeg2rxengtj0s0MAhHvzrVCa5T3hl0CcjRy3v0MkIf0eCJV-QQGCqBN5Vc8wJBFh5jtNStM2toFfLIG3UGFk4mlpTAcNhgd5WXR2Fpr3-636_6sBYwM2zXg9cRE3gRG9RJByx4HEeg4N3jZUy-FvKekAtBU--hsI7t07fNTz0opXMPRRNwwOoSf3ofZSU99zDQDxC1vBr6HMKM7KPd5uKTUano-kOsaAGR8d9jbnFCH9cJKQ7VfNhnKrI4jNFXpCcP14kNqnRQoJp7BBpPyqGbS4cVxYiSQz1dxU7WGIYXLpd0IdvjcMO_90q4GrQC5njvO6bRv8KQ7LsGY4VoLq4sHlJfXrufx8vT9T-yHx-K36Q75EfiIHUrZ6-miQ&lptoken=165c6782894322310434
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 06:53:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pji8LlUSW85JkTY00MowODu4aArJUeZP7vA5QcfcX0c97JlFVB3IkynEXRwliooiZFZcFgxyMWPRo%2BvMWAPbQayBR7UgTT2bb9l3w5AyEp1Z5j%2B2zEMHgocyf%2FXnDo4s"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 766c64a8fca7b50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash MD5: 96791bd486db22c41012d25318835bdf
SHA-1: b32c813f16b84a6b2660bd527843da5e368af8eb
SHA-256: 61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 06:53:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash MD5: 03fc468285706210a3ce339d5a223c61
SHA-1: fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
SHA-256: 9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 06:53:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oogneenu.net/pfe/current/tag.min.js?z=3654242&ymid=wr7bi0fr8cfbvmak2t701784
139.45.197.251 200 OK 6.0 kB URL HTTP/1.1 oogneenu.net/pfe/current/tag.min.js?z=3654242&ymid=wr7bi0fr8cfbvmak2t701784
IP 139.45.197.251:0
File type C source, ASCII text, with very long lines (14782), with no line terminators
Hash MD5: c0ecfb9e2db67b6fb29ddce08ff1071d
SHA-1: 79b3ce81488f2a160343da87b2dd7bff73f96aad
SHA-256: 159c0eb3645904a179c4c99c07eefec835874f1a5d8ff9b809f7c049e2a78b4e
GET /pfe/current/tag.min.js?z=3654242&ymid=wr7bi0fr8cfbvmak2t701784 HTTP/1.1
Host: oogneenu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyme.homes/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 08 Nov 2022 06:53:43 GMT
Content-Type: application/javascript
Last-Modified: Wed, 02 Nov 2022 13:02:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63626a7d-39be"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
fonts.gstatic.com/s/pacifico/v22/FwZY7-Qmy14u9lezJ-6H6Mk.woff2
216.58.207.195 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/pacifico/v22/FwZY7-Qmy14u9lezJ-6H6Mk.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30908, version 1.0\012- data
Hash MD5: 0637d53459cdc8ee092a8f96186b4097
SHA-1: 060034f995d649902b3207d41fde9a6060241499
SHA-256: 50488656aeea003d0042da0979cd15675c0bc1c028a21dddfafd7656d54c709e
GET /s/pacifico/v22/FwZY7-Qmy14u9lezJ-6H6Mk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://luckyme.homes
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 02:08:15 GMT
expires: Fri, 03 Nov 2023 02:08:15 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 18:34:50 GMT
content-type: font/woff2
age: 449128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5: e6f4643306be10417c47176a6e67306f
SHA-1: 940a13818904add9e1cacd12610f37ba1efd7bc5
SHA-256: 67e51095b5da59b3eeda8a28c81789e69064a0a19a93347c2fcb05fd4b21e6d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4836
Cache-Control: max-age=99219
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 06:53:43 GMT
Etag: "6368caa6-1d7"
Expires: Wed, 09 Nov 2022 10:27:22 GMT
Last-Modified: Mon, 07 Nov 2022 09:06:46 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash MD5: 03fc468285706210a3ce339d5a223c61
SHA-1: fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
SHA-256: 9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 06:53:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5: b9cce5b887762819342b1be5c2a69323
SHA-1: c7f7fe7156788df77563a4fc33e6f964be70e5b3
SHA-256: a1e7f6e963b316050c7833b8ea36f6088b8cf44d295e9dbd696d92b5724902a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1E7F6E963B316050C7833B8EA36F6088B8CF44D295E9DBD696D92B5724902A5"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19317
Expires: Tue, 08 Nov 2022 12:15:40 GMT
Date: Tue, 08 Nov 2022 06:53:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5: b9cce5b887762819342b1be5c2a69323
SHA-1: c7f7fe7156788df77563a4fc33e6f964be70e5b3
SHA-256: a1e7f6e963b316050c7833b8ea36f6088b8cf44d295e9dbd696d92b5724902a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1E7F6E963B316050C7833B8EA36F6088B8CF44D295E9DBD696D92B5724902A5"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19255
Expires: Tue, 08 Nov 2022 12:14:38 GMT
Date: Tue, 08 Nov 2022 06:53:43 GMT
Connection: keep-alive
oogneenu.net/zone?pub=0&zone_id=3654242&is_mobile=false&domain=luckyme.homes&var=&ymid=wr7bi0fr8cfbvmak2t701784&var_3=
139.45.197.251 200 OK 720 B URL HTTP/2 oogneenu.net/zone?pub=0&zone_id=3654242&is_mobile=false&domain=luckyme.homes&var=&ymid=wr7bi0fr8cfbvmak2t701784&var_3=
IP 139.45.197.251:0
File type JSON data\012- , ASCII text, with very long lines (719)
Hash MD5: 8267b0de85a6cdafeaef3ee01126ccbb
SHA-1: eb0b5e1e8b18ec08b7cdd58140675e866bdeada3
SHA-256: 3d544e7cdabc88d4c86a8a0fdd750c92c0d3cf0d8f0b4903ce8b22c0e41d9f40
GET /zone?pub=0&zone_id=3654242&is_mobile=false&domain=luckyme.homes&var=&ymid=wr7bi0fr8cfbvmak2t701784&var_3= HTTP/1.1
Host: oogneenu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://luckyme.homes/
Origin: http://luckyme.homes
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 06:53:43 GMT
content-type: application/json; charset=utf-8
content-length: 720
x-trace-id: 889e7e2d853e55c72b582789d5d31351
access-control-allow-origin: http://luckyme.homes
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.189.139.67 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.139.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SlUTra5WwcM99o+ZO1nTVg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fsEM5R3VX+QCzY6JnjxN/aqTf/E=
oogneenu.net/custom
139.45.197.251 200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: oogneenu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://luckyme.homes/
Origin: http://luckyme.homes
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 06:53:44 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://luckyme.homes
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
oogneenu.net/custom
139.45.197.251 200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: oogneenu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://luckyme.homes/
Origin: http://luckyme.homes
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 06:53:44 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://luckyme.homes
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
oogneenu.net/custom
139.45.197.251 200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: oogneenu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://luckyme.homes/
Origin: http://luckyme.homes
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 06:53:44 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://luckyme.homes
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
oogneenu.net/custom
139.45.197.251 200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: oogneenu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://luckyme.homes/
Content-Type: application/json
Origin: http://luckyme.homes
Content-Length: 884
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 06:53:44 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: b81e133780e5d434718fa2b8753b687f
access-control-allow-origin: http://luckyme.homes
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
oogneenu.net/custom
139.45.197.251 200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: oogneenu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://luckyme.homes/
Content-Type: application/json
Origin: http://luckyme.homes
Content-Length: 1193
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 06:53:44 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: f4f7beab35dbdd70938b1f15eba51c14
access-control-allow-origin: http://luckyme.homes
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
oogneenu.net/pfe/current/universal.min.js?v=3.1.402
139.45.197.251 200 OK 34 kB URL HTTP/2 oogneenu.net/pfe/current/universal.min.js?v=3.1.402
IP 139.45.197.251:0
Hash 8202882d2115b2798913b27d58618e8d
3c0a2f813291b9ec3a934d23f8cf7612d71ff864
bfc4e96a8e96036feda439f6aabe63a6cd377b443d084cd600a9dba7a9b73d93
GET /pfe/current/universal.min.js?v=3.1.402 HTTP/1.1
Host: oogneenu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://luckyme.homes/
Origin: http://luckyme.homes
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 06:53:43 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:02:53 GMT
etag: W/"63626a7d-180b9"
access-control-allow-origin: http://luckyme.homes
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13940
Expires: Tue, 08 Nov 2022 10:46:05 GMT
Date: Tue, 08 Nov 2022 06:53:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13940
Expires: Tue, 08 Nov 2022 10:46:05 GMT
Date: Tue, 08 Nov 2022 06:53:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13940
Expires: Tue, 08 Nov 2022 10:46:05 GMT
Date: Tue, 08 Nov 2022 06:53:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13940
Expires: Tue, 08 Nov 2022 10:46:05 GMT
Date: Tue, 08 Nov 2022 06:53:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff802202-24f1-4a0e-a772-7eb845e5afd6.webp
34.120.237.76 200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff802202-24f1-4a0e-a772-7eb845e5afd6.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 889ad23c83914b0c4ece74ac23c5089a
cb3e3135ab5744389231c9d2601765803f560017
257685b33ec5195f3ab99466dfb45adfa612872711f7d92e8441f7d2d06a7e1b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff802202-24f1-4a0e-a772-7eb845e5afd6.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3914
x-amzn-requestid: 6c3e2774-e55a-453a-bd01-fc4aeb3679e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKLHKE_ToAMFfOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63672560-3a205de84cb3382f15ee30bc;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 03:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vU8Y2Ud9wK8OemuUyAknpiT9iBDawRppZ2LaSYCvT9Wj5zhdTMitmA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 04:25:40 GMT
age: 8885
etag: "cb3e3135ab5744389231c9d2601765803f560017"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7884b85a4b30e918a0b44f73a301a78b
f7ae1b83a0199b76dd0d31a21db4072b867e4f37
9576f9ad95c958887de953dee72b267cd0ed7293ed62fb540df76a2d49fac035
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4527
x-amzn-requestid: c3be9447-c43a-48d6-9aef-c0999742886c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQA1GFN5IAMFaRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b53-3bb315de52dcf6114da9ad05;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _nFA59k8ERwiA6Ct_pZJs0WkFuagosyyiOkeQc1PuWMcno-Lpz4UfA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 22:01:04 GMT
age: 31961
etag: "f7ae1b83a0199b76dd0d31a21db4072b867e4f37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0a1fbcd-1a08-4645-a419-5bcdd867b04e.jpeg
34.120.237.76 200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0a1fbcd-1a08-4645-a419-5bcdd867b04e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbf91a9d46c8bee923b0001ef78ece20
96670ada34191b894ccd82dd83245b79843fc8ec
553ee76d84f0b97ce6c7776611e27b5402f00d71e38915c3e16675b7b2d8e9da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0a1fbcd-1a08-4645-a419-5bcdd867b04e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4647
x-amzn-requestid: 29832357-ebff-4080-9ca0-833ff471abaf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bM8YOFpKIAMF1nQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63684101-4c8855d638195e3201352406;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 23:19:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3-zmYLM1fuUIxk52ayiNjjlF1iCLKqZRBm84aTFlYP3SLu-s7tlRjg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 05:38:32 GMT
age: 4513
etag: "96670ada34191b894ccd82dd83245b79843fc8ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39446652ee66d20bd73df20f1a29589c
349ea78f3ad0f2f7376ba22e417226b2e06806d7
655a00944a319ba167e99b43055044cb18bc48d53605ff0d1b6c8b1ba8ee8237
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4737
x-amzn-requestid: ad230e08-9f4e-46cf-9a86-f8e013a1c498
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQBFkEhLIAMFq_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697bbd-7e8b686a23a84c5d473c9ef5;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:42:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FoOPmZEjC6nhw801dgqENVL-9-aC0pyFAF-fMS57XzQyfxck2GGUvA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:55:45 GMT
age: 32280
etag: "349ea78f3ad0f2f7376ba22e417226b2e06806d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q0yZmbExDP4tH0n1n2qj_NR2Mv_y_dsO0LJ1RKZoS6Me-NLbhpUWqw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 09:11:38 GMT
age: 78127
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 71473fb15e07b9c973e7368bdd2c2eb7
e5e369ed7b77ff7639bffc16da2f2ca6c035421c
a7e72e22f9d0204e2be1f21fe1c66c8469c5b14ef3b4c64f3cf2335ba5365618
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9336
x-amzn-requestid: fb33f029-9d6c-40df-aab2-bdb139d8dedb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKOGdEIAMFujA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a41-53c235ce324b4e896b401a40;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wiVqhBy98fSb32WK61Z0nQQH1XMnTnD-XPqmNZkCYqnvMY7dzsSudw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:30 GMT
age: 33195
etag: "e5e369ed7b77ff7639bffc16da2f2ca6c035421c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
luckyme.homes/of2_az.js
172.67.214.126 200 OK 0 B IP 172.67.214.126:0
Analyzer Verdict Alert fortinet Phishing
GET /of2_az.js HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://luckyme.homes/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 06:53:43 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 23:17:05 GMT
vary: Accept-Encoding
etag: W/"63605771-4ac"
expires: Tue, 08 Nov 2022 11:23:28 GMT
cache-control: max-age=43200
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSsaeOxpwatu8PIXwboLM2TLNBCWxh8mOTArF0igNngPqLVh53vxjbyNEXq6W7MoNfFKeOA5t%2F3AkbxJKq0D2sep5FkvAIfQdmIsJPkEwXdBVVi%2FTe5ZyTdjQTuwYt39"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 766c64a7bc8eb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
luckyme.homes/propush.js
172.67.214.126 200 OK 0 B IP 172.67.214.126:0
Analyzer Verdict Alert fortinet Phishing
GET /propush.js HTTP/1.1
Host: luckyme.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://luckyme.homes/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 06:53:43 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 00:32:09 GMT
etag: W/"63212109-1f7"
expires: Tue, 08 Nov 2022 12:40:31 GMT
cache-control: max-age=43200
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHJfM8bRzLQew%2ByHYfecQncJAkdoh%2BNMtzcE6DHjZ8RWlZaGGPM%2B%2BFsqCM2%2Fpp0AO00lniXYhoyrQIXVTEjOT0dMPEhZn6saBKYg1eWsAWJimesBA8lFGogfks947in0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 766c64a7bc8ab4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Pacifico&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Pacifico&display=swap
IP 142.250.74.10:0
GET /css?family=Pacifico&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://luckyme.homes/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 08 Nov 2022 06:53:43 GMT
date: Tue, 08 Nov 2022 06:53:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2