urlquery - report: tracker.essayzon.com/go/b9dfad6b-d5af-48fb-b769-5b61926663fa

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	Sent bytes	Received bytes	IP
tracker.essayzon.com (2)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	867	2556	3.70.16.242
offer.essayzon.com (10)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5585	155787	50.116.114.86
push.services.mozilla.com (1)	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606	127	34.208.31.97
r3.o.lencr.org (6)	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2028	5317	23.36.76.226
ocsp.digicert.com (2)	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682	1594	93.184.220.29
firefox.settings.services.mozilla.com (2)	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782	2374	34.102.187.140
content-signature-2.cdn.mozilla.net (1)	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413	5843	34.160.144.191
contile.services.mozilla.com (1)	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333	229	34.117.237.239
img-getpocket.cdn.mozilla.net (6)	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3246	55751	34.120.237.76

Scan Date	Severity	Indicator	Comment
2022-11-28	medium	tracker.essayzon.com/go/b9dfad6b-d5af-48fb-b769-5b61926663fa	Phishing
2022-11-28	medium	offer.essayzon.com/1/myprize/boxwin/index_files/c1ffd89caad1a6f1ac64e76a76c (...)	Phishing
2022-11-28	medium	offer.essayzon.com/1/myprize/boxwin/index_files/62becd726872236d701af5d76cf (...)	Phishing
2022-11-28	medium	offer.essayzon.com/1/myprize/boxwin/index_files/micro.js	Phishing
2022-11-28	medium	offer.essayzon.com/1/myprize/boxwin/header-logo.svg	Phishing
2022-11-28	medium	tracker.essayzon.com/click	Phishing

Date	UQ / IDS / BL	URL	IP
2023-06-02 07:38:44 UTC	0 - 0 - 1	n1sav.bemobtrcks.com/go/37705851-68aa-4840-87 (...)	3.70.16.242
2023-06-02 02:52:58 UTC	0 - 0 - 2	click.stukhffjsurvey.live/	3.70.16.242
2023-06-01 22:27:15 UTC	0 - 1 - 0	win.canyouwin.online/go/547f6e26-7e42-4c9e-9c (...)	3.70.16.242
2023-06-01 04:58:43 UTC	0 - 0 - 2	go.rdrm1.click/go/3217fab2-ddfa-48c3-b6aa-fc8 (...)	3.70.16.242
2023-05-31 23:58:40 UTC	0 - 0 - 2	reminderset.com/go/f4e5a55d-d7da-4409-9280-96 (...)	3.70.16.242

Date	UQ / IDS / BL	URL	IP
2023-06-02 12:58:13 UTC	0 - 2 - 0	clicktime.symantec.com/15tStc3X4fpDgNPudz7sK? (...)	34.251.193.65
2023-06-02 12:56:54 UTC	0 - 0 - 5	www.blushpixel.com/	44.227.65.245
2023-06-02 12:53:07 UTC	3 - 0 - 0	snowplow.apps.clarivate.com/r/tp2?u=https://a (...)	52.36.177.214
2023-06-02 12:50:23 UTC	0 - 0 - 1	mettmaske-login.godaddysites.com/	76.223.105.230
2023-06-02 12:49:36 UTC	0 - 3 - 0	boring-dubinsky-45de26.netlify.app/https/disc (...)	35.156.224.161

Date	UQ / IDS / BL	URL	IP
2023-05-28 16:09:09 UTC	0 - 0 - 31	tracker.essayzon.com/go/b9dfad6b-d5af-48fb-b7 (...)	3.70.16.242
2023-05-28 03:19:59 UTC	0 - 0 - 20	tracker.essayzon.com/go/aa1ab1b5-5830-44ed-88 (...)	3.70.16.242
2023-05-27 08:06:48 UTC	0 - 0 - 6	offer.essayzon.com/1/iPhone/ar/2lp/mz.php?p1= (...)	162.246.59.148
2023-05-26 16:59:33 UTC	0 - 0 - 5	offer.essayzon.com/1/myprize/boxwin/hk.php?ke (...)	162.246.59.148
2023-05-26 09:12:04 UTC	0 - 0 - 7	tracker.essayzon.com/go/4fce3794-d01c-4afa-85 (...)	3.70.16.242

Date	UQ / IDS / BL	URL	IP
2023-04-04 06:57:07 UTC	0 - 0 - 6	tracker.essayzon.com/go/b9dfad6b-d5af-48fb-b7 (...)	3.70.16.242
2023-03-25 14:55:08 UTC	0 - 0 - 7	tracker.essayzon.com/go/b9dfad6b-d5af-48fb-b7 (...)	3.70.16.242
2023-03-24 10:56:41 UTC	0 - 0 - 5	offer.essayzon.com/1/myprize/boxwin/FNB.php?k (...)	162.246.59.148
2023-03-22 08:55:47 UTC	0 - 0 - 6	offer.essayzon.com/1/myprize/boxwin/FNB.php?k (...)	162.246.59.148
2023-03-22 06:54:55 UTC	0 - 0 - 6	tracker.essayzon.com/go/b9dfad6b-d5af-48fb-b7 (...)	3.70.16.242

Request	Response
GET /go/b9dfad6b-d5af-48fb-b769-5b61926663fa HTTP/1.1 Host: tracker.essayzon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	3.70.16.242 HTTP/1.1 302 Found Content-Type: text/html; charset=utf-8 Server: openresty Date: Mon, 28 Nov 2022 17:57:09 GMT Content-Length: 592 Connection: keep-alive accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced Access-Control-Allow-Origin: * Location: http://offer.essayzon.com/1/myprize/boxwin/FNB.php?key=eyJ0aW1lc3RhbXAiOiIxNjY5NjU4MjI5IiwiaGFzaCI6IjI1ZTQwNmY3YmY2NTRlM2MzZGRlMDI3ODViMWUyY2QzZWM1YmY4NWUifQ%3D%3D&bemobdata=c%3Db9dfad6b-d5af-48fb-b769-5b61926663fa..l%3D97f36ce2-5ed7-4bcb-a817-b75fdeec624d..a%3D0..b%3D0 Set-Cookie: bemob-uniq-visit:b9dfad6b-d5af-48fb-b769-5b61926663fa=1; Domain=tracker.essayzon.com; Path=/; Expires=Tue, 29 Nov 2022 17:57:09 GMT; HttpOnly bemob-rotation:b9dfad6b-d5af-48fb-b769-5b61926663fa:random:2326a74bb7dcb4fbb552bd5308151eec=0-6-3; Domain=tracker.essayzon.com; Path=/; Expires=Tue, 29 Nov 2022 17:57:09 GMT; HttpOnly bemob-track-url=http%3A%2F%2Foffer.essayzon.com%2F1%2Fmyprize%2Fboxwin%2FFNB.php%3Fkey%3DeyJ0aW1lc3RhbXAiOiIxNjY5NjU4MjI5IiwiaGFzaCI6IjI1ZTQwNmY3YmY2NTRlM2MzZGRlMDI3ODViMWUyY2QzZWM1YmY4NWUifQ%253D%253D%26bemobdata%3Dc%253Db9dfad6b-d5af-48fb-b769-5b61926663fa..l%253D97f36ce2-5ed7-4bcb-a817-b75fdeec624d..a%253D0..b%253D0; Domain=tracker.essayzon.com; Path=/; Expires=Tue, 29 Nov 2022 17:57:09 GMT; HttpOnly Vary: Accept X-Response-Time: 8.883ms Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (592), with no line terminators Size: 592 Md5: 2319927b17e1fb7d379dfb1b4b3045c3 Sha1: 882669ff2755b2a7236e717c1d55bb67cf8297cc Sha256: ebbc3adb6d76f889452178e9cc5e8ca95b60647b72d3f25ec91319a51a36be3e Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4076 Expires: Mon, 28 Nov 2022 19:05:06 GMT Date: Mon, 28 Nov 2022 17:57:10 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 150792cfc458af013998f4ef6bdf5f74 Sha1: d5179b2dcb11d06f82606bf6eb6648319998d63e Sha256: 72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3390 Cache-Control: max-age=149441 Date: Mon, 28 Nov 2022 17:57:10 GMT Etag: "63848df9-1d7" Expires: Wed, 30 Nov 2022 11:27:51 GMT Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT Server: ECS (ska/F713) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 9408cc0694fcbea57966c3a3ba906092 Sha1: fddcee1fdcf3209298e41a4b1b5560357fa165f0 Sha256: 6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786" Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6207 Expires: Mon, 28 Nov 2022 19:40:37 GMT Date: Mon, 28 Nov 2022 17:57:10 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 71f9c681a82440fd55e76c780a20e55d Sha1: 3147768cfbcdd06e0c6e69684292e68e99917a80 Sha256: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 28 Nov 2022 17:19:32 GMT cache-control: public,max-age=3600 age: 2258 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: 4mVS3SN/SpYV8yH2lSqsWoTLaE1PkTEsQ8B6rmsVD0bbwdcZWBZHQUyiIEXVe7Acpoy1C3t0oq8= x-amz-request-id: Q2Y27GVVTWG28KFH content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 28 Nov 2022 17:45:07 GMT age: 723 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Mon, 28 Nov 2022 17:57:10 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /1/myprize/boxwin/FNB.php?key=eyJ0aW1lc3RhbXAiOiIxNjY5NjU4MjI5IiwiaGFzaCI6IjI1ZTQwNmY3YmY2NTRlM2MzZGRlMDI3ODViMWUyY2QzZWM1YmY4NWUifQ%3D%3D&bemobdata=c%3Db9dfad6b-d5af-48fb-b769-5b61926663fa..l%3D97f36ce2-5ed7-4bcb-a817-b75fdeec624d..a%3D0..b%3D0 HTTP/1.1 Host: offer.essayzon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	50.116.114.86 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Mon, 28 Nov 2022 17:57:10 GMT Server: nginx/1.21.6 Vary: Accept-Encoding Content-Encoding: gzip Accept-Ranges: none X-Server-Cache: true X-Proxy-Cache: MISS Content-Length: 4022 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1261) Size: 4022 Md5: da179039f73cfa3bcc86946a62713cfd Sha1: 71f70f24c71caafcc0198f49568356e6a5308c7e Sha256: 715bc5489e0e0164c83890a97dfe5908990dd4731c44df15986aaaaee73fb221
GET /1/myprize/boxwin/index_files/c1ffd89caad1a6f1ac64e76a76c000bc.js HTTP/1.1 Host: offer.essayzon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://offer.essayzon.com/1/myprize/boxwin/FNB.php?key=eyJ0aW1lc3RhbXAiOiIxNjY5NjU4MjI5IiwiaGFzaCI6IjI1ZTQwNmY3YmY2NTRlM2MzZGRlMDI3ODViMWUyY2QzZWM1YmY4NWUifQ%3D%3D&bemobdata=c%3Db9dfad6b-d5af-48fb-b769-5b61926663fa..l%3D97f36ce2-5ed7-4bcb-a817-b75fdeec624d..a%3D0..b%3D0	50.116.114.86 HTTP/1.1 200 OK Content-Type: application/javascript Date: Mon, 28 Nov 2022 17:57:10 GMT Server: Apache Last-Modified: Sun, 13 Feb 2022 14:01:51 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked --- Additional Info --- Magic: ASCII text, with very long lines (65451) Size: 38667 Md5: efac5ec08a294b9719fa79a8452f93a2 Sha1: 58475b2c269b29313c16c3ee9a9e8a9bc6e80097 Sha256: 1d2a26f8aaf3ff0298a942711bf9b01dc2aef45e955031ec7935ca76549afc83 Blocklists: - fortinet: Phishing
GET /1/myprize/boxwin/index_files/mycss.css HTTP/1.1 Host: offer.essayzon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://offer.essayzon.com/1/myprize/boxwin/FNB.php?key=eyJ0aW1lc3RhbXAiOiIxNjY5NjU4MjI5IiwiaGFzaCI6IjI1ZTQwNmY3YmY2NTRlM2MzZGRlMDI3ODViMWUyY2QzZWM1YmY4NWUifQ%3D%3D&bemobdata=c%3Db9dfad6b-d5af-48fb-b769-5b61926663fa..l%3D97f36ce2-5ed7-4bcb-a817-b75fdeec624d..a%3D0..b%3D0	50.116.114.86 HTTP/1.1 200 OK Content-Type: text/css Date: Mon, 28 Nov 2022 17:57:10 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade Last-Modified: Tue, 24 May 2022 08:19:50 GMT Accept-Ranges: none Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 7705 --- Additional Info --- Magic: ASCII text, with very long lines (62302) Size: 7705 Md5: 3e053ea10095d66cc50c79509d4c1ed6 Sha1: 59150250db8d8260302623d780e55e1a2fa3c04f Sha256: 4889e31fb753ac70602d504cbde20fc8857e0bb576c424e0105bb7880895aafe
GET /1/myprize/boxwin/index_files/froala_style.css HTTP/1.1 Host: offer.essayzon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://offer.essayzon.com/1/myprize/boxwin/FNB.php?key=eyJ0aW1lc3RhbXAiOiIxNjY5NjU4MjI5IiwiaGFzaCI6IjI1ZTQwNmY3YmY2NTRlM2MzZGRlMDI3ODViMWUyY2QzZWM1YmY4NWUifQ%3D%3D&bemobdata=c%3Db9dfad6b-d5af-48fb-b769-5b61926663fa..l%3D97f36ce2-5ed7-4bcb-a817-b75fdeec624d..a%3D0..b%3D0	50.116.114.86 HTTP/1.1 200 OK Content-Type: text/css Date: Mon, 28 Nov 2022 17:57:10 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade Last-Modified: Sun, 13 Feb 2022 14:01:51 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 1971 --- Additional Info --- Magic: ASCII text, with very long lines (7048) Size: 1971 Md5: d22a849892d969167a4cee390b475fb9 Sha1: 91a63ba37343d9f6d92d55ca1ccb1d6df28b95da Sha256: 3b2bb1dba6c4c7e7b0ba844a779facd9d6d628bc02c02b425a70d928390732de
GET /1/myprize/boxwin/index_files/62becd726872236d701af5d76cf57542.js HTTP/1.1 Host: offer.essayzon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://offer.essayzon.com/1/myprize/boxwin/FNB.php?key=eyJ0aW1lc3RhbXAiOiIxNjY5NjU4MjI5IiwiaGFzaCI6IjI1ZTQwNmY3YmY2NTRlM2MzZGRlMDI3ODViMWUyY2QzZWM1YmY4NWUifQ%3D%3D&bemobdata=c%3Db9dfad6b-d5af-48fb-b769-5b61926663fa..l%3D97f36ce2-5ed7-4bcb-a817-b75fdeec624d..a%3D0..b%3D0	50.116.114.86 HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Date: Mon, 28 Nov 2022 17:57:10 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <http://offer.essayzon.com/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562) Size: 18982 Md5: 2e42883d01a901e0ab12830b71b1a1cf Sha1: e849df60839565917c262db4ef43c4a419222f01 Sha256: ece0778965ed49a10d158ef5a9907730d24de700a2bfd438de242f0b7fe79b3c Blocklists: - fortinet: Phishing
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 28 Nov 2022 17:08:55 GMT cache-control: public,max-age=3600 age: 2895 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /1/myprize/boxwin/index_files/micro.js HTTP/1.1 Host: offer.essayzon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://offer.essayzon.com/1/myprize/boxwin/FNB.php?key=eyJ0aW1lc3RhbXAiOiIxNjY5NjU4MjI5IiwiaGFzaCI6IjI1ZTQwNmY3YmY2NTRlM2MzZGRlMDI3ODViMWUyY2QzZWM1YmY4NWUifQ%3D%3D&bemobdata=c%3Db9dfad6b-d5af-48fb-b769-5b61926663fa..l%3D97f36ce2-5ed7-4bcb-a817-b75fdeec624d..a%3D0..b%3D0	50.116.114.86 HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Date: Mon, 28 Nov 2022 17:57:10 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <http://offer.essayzon.com/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562) Size: 18984 Md5: ff2b117eb25d542a269093844e8d777b Sha1: 189a67e360ce8b58466fdbf153d92135f62d2612 Sha256: 5c38f3a61ba8cd4869aec9a2885675e076a3d783ea80b1898bc2ef0dd2e0f521 Blocklists: - fortinet: Phishing
GET /1/myprize/boxwin/fnbg.png HTTP/1.1 Host: offer.essayzon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://offer.essayzon.com/1/myprize/boxwin/FNB.php?key=eyJ0aW1lc3RhbXAiOiIxNjY5NjU4MjI5IiwiaGFzaCI6IjI1ZTQwNmY3YmY2NTRlM2MzZGRlMDI3ODViMWUyY2QzZWM1YmY4NWUifQ%3D%3D&bemobdata=c%3Db9dfad6b-d5af-48fb-b769-5b61926663fa..l%3D97f36ce2-5ed7-4bcb-a817-b75fdeec624d..a%3D0..b%3D0	50.116.114.86 HTTP/1.1 200 OK Content-Type: image/png Date: Mon, 28 Nov 2022 17:57:10 GMT Server: Apache Last-Modified: Tue, 24 May 2022 08:22:28 GMT Accept-Ranges: bytes Content-Length: 23901 --- Additional Info --- Magic: PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data Size: 23901 Md5: 320eaf9f6b1afc63cfa9ba72ac5f800f Sha1: b0f662a8365ae83b65b6fa9f86823848f3ed0136 Sha256: 051b719032c3b27200c9c61f6b17e957eb90dd85abc1b56b7753437f01616b17
GET /1/myprize/boxwin/index_files/b45cbc066907105f9fdb6ff6f3de0bf3.png HTTP/1.1 Host: offer.essayzon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://offer.essayzon.com/1/myprize/boxwin/FNB.php?key=eyJ0aW1lc3RhbXAiOiIxNjY5NjU4MjI5IiwiaGFzaCI6IjI1ZTQwNmY3YmY2NTRlM2MzZGRlMDI3ODViMWUyY2QzZWM1YmY4NWUifQ%3D%3D&bemobdata=c%3Db9dfad6b-d5af-48fb-b769-5b61926663fa..l%3D97f36ce2-5ed7-4bcb-a817-b75fdeec624d..a%3D0..b%3D0	50.116.114.86 HTTP/1.1 200 OK Content-Type: image/png Date: Mon, 28 Nov 2022 17:57:10 GMT Server: Apache Last-Modified: Sun, 13 Feb 2022 14:01:51 GMT Accept-Ranges: bytes Content-Length: 2283 --- Additional Info --- Magic: PNG image data, 257 x 184, 8-bit colormap, non-interlaced\012- data Size: 2283 Md5: 57cffe641003f9a80834df4f706d16c3 Sha1: 900af1f1f75f11f547bf4bab2f9f88f0b3b0c38d Sha256: fd0a52dab9715198deaac93ec52117c0443279db1ed9b186790806d7542e98aa
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4319 Cache-Control: max-age=145303 Date: Mon, 28 Nov 2022 17:57:11 GMT Etag: "63847a2f-1d7" Expires: Wed, 30 Nov 2022 10:18:54 GMT Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT Server: ECS (ska/F713) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 7ab2ef968cb6a3078f4b9cb2dda813d4 Sha1: e669116047ca058a2c1b2999ff0ea8682719162c Sha256: 6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
GET /1/myprize/boxwin/index_files/top_r.png HTTP/1.1 Host: offer.essayzon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://offer.essayzon.com/1/myprize/boxwin/index_files/mycss.css	50.116.114.86 HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Date: Mon, 28 Nov 2022 17:57:10 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <http://offer.essayzon.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562) Size: 18982 Md5: ee32f8951fcc900be06775cb3ecc69ef Sha1: 0be4c78a7da8c73f016b774f1c3c84bccc82fca0 Sha256: 7b5e4e5ce82c734dab746468020acf82bf112d46dee65ab7522795fc2fd55f98
GET /1/myprize/boxwin/header-logo.svg HTTP/1.1 Host: offer.essayzon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://offer.essayzon.com/1/myprize/boxwin/FNB.php?key=eyJ0aW1lc3RhbXAiOiIxNjY5NjU4MjI5IiwiaGFzaCI6IjI1ZTQwNmY3YmY2NTRlM2MzZGRlMDI3ODViMWUyY2QzZWM1YmY4NWUifQ%3D%3D&bemobdata=c%3Db9dfad6b-d5af-48fb-b769-5b61926663fa..l%3D97f36ce2-5ed7-4bcb-a817-b75fdeec624d..a%3D0..b%3D0	50.116.114.86 HTTP/1.1 200 OK Content-Type: image/svg+xml Date: Mon, 28 Nov 2022 17:57:10 GMT Server: Apache Last-Modified: Tue, 24 May 2022 08:35:23 GMT Accept-Ranges: bytes Content-Length: 17551 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (9463), with CRLF line terminators Size: 17551 Md5: 61e37d8c757872ce48534e467336f278 Sha1: 7064121964b52465231a8806a68ea0701395460c Sha256: 2eccd00ff9d42512cc11b7e443e3308755f6e3196997d751dfc93af3bc58f4c0 Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "ABFE599B5B639C1753995CB739D6B9ECD0A26726D9AE9931A29D7859F47EB35E" Last-Modified: Mon, 28 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21555 Expires: Mon, 28 Nov 2022 23:56:26 GMT Date: Mon, 28 Nov 2022 17:57:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: e26f754062b7d473c41572d9c991ed5e Sha1: 23132e926ec074033bc13b65ddfdd2a42d0e7a46 Sha256: abfe599b5b639c1753995cb739d6b9ecd0a26726d9ae9931a29d7859f47eb35e
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: Rt2Mzj4N9j6Mi61euRCiKw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	34.208.31.97 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: pDpPieq1vT+zATqCc0JtdiRENuc= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2216 Expires: Mon, 28 Nov 2022 18:34:08 GMT Date: Mon, 28 Nov 2022 17:57:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2216 Expires: Mon, 28 Nov 2022 18:34:08 GMT Date: Mon, 28 Nov 2022 17:57:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2216 Expires: Mon, 28 Nov 2022 18:34:08 GMT Date: Mon, 28 Nov 2022 17:57:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8885 x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cGDTEFSeIAMF3rg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 08:11:39 GMT age: 35133 etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8885 Md5: 3a1a4e00f1f15827cf651f373863c379 Sha1: 70c2a238f06ca7e56ef80c83738e081bf0de3330 Sha256: 3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10199 x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cOo4iF1VIAMF09g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 21:51:43 GMT age: 72329 etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10199 Md5: 2cd887044e91d7ed0f1a8d7119ff7dd0 Sha1: ae8aa4ce6ddaccba771fe65446926b60fc5628da Sha256: bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9430 x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cR7wyGCIIAMFhgw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 22:01:16 GMT age: 71756 etag: "075531f525e625b117b2497f31139c9824d0e9c5" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9430 Md5: 1f434933b5bd6377d299ada22d1ae7ef Sha1: 075531f525e625b117b2497f31139c9824d0e9c5 Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7556 x-amzn-requestid: 1cda5313-2256-4830-bf84-2e6e15949d3e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cR78KFTmoAMF4yg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6383d9e7-452e36d718a298d12a2374a9;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: OWVkuAw6-nRNU_CVOgvsSSenSXnfSYSmJiKa60JvSaiJgPuXjJByZw== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 21:46:41 GMT age: 72631 etag: "1a542a53ba0b1cd0fb23257ebed8166555f16dfb" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7556 Md5: 7e5051d8c06f69e1842a9295ce256a36 Sha1: 1a542a53ba0b1cd0fb23257ebed8166555f16dfb Sha256: a7c0dbbb4d0d9138f5ca318cc2aa44e12dadf7ed6263ec204ba756da64b29c41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6376 x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cR6_KGeaoAMFb_Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 22:01:26 GMT age: 71746 etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6376 Md5: 78b1389f425425d0450c94d900404dc4 Sha1: 53b12a8702f7c5b7cc697e2a24da824d9434be65 Sha256: 0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57bc6cf-beaa-443b-9756-cf26e4fe3767.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6954 x-amzn-requestid: 94a02687-72f2-4796-a7ea-d3f28b412566 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b1jHpGBVIAMFsSg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63787efd-22666b18283ae59b1348bf47;Sampled=0 x-amzn-remapped-date: Sat, 19 Nov 2022 07:00:13 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: feZayJeKq9jWHQ-rjutNr6buIjLVeIdY0A_ZeGo6NKgoQ6BBT3XQaw== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 08:55:37 GMT age: 32495 etag: "4b4a8c8e8aeccfff25d2748720dcef8fed287126" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6954 Md5: 2212cf75f99dc67fd45db47f7101d754 Sha1: 4b4a8c8e8aeccfff25d2748720dcef8fed287126 Sha256: 7b2d2e302faba8f273b51031fa48b444cb7839733b90e8c9d077ca63637320d8
GET /click HTTP/1.1 Host: tracker.essayzon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://offer.essayzon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	3.70.16.242 HTTP/2 200 OK content-type: text/html; charset=utf-8 server: openresty date: Mon, 28 Nov 2022 17:57:11 GMT vary: Accept-Encoding accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced access-control-allow-origin: * etag: W/"12c-g6W6mfjiu2HgZOPjR8TsJ9uR8sU" x-response-time: 3.106ms expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256: Blocklists: - fortinet: Phishing

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             23.36.76.226

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 503 

                                            
                                                
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E" 

                                            
                                                
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=4076 

                                            
                                                
Expires: Mon, 28 Nov 2022 19:05:06 GMT 

                                            
                                                
Date: Mon, 28 Nov 2022 17:57:10 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   503

                                                Md5:    150792cfc458af013998f4ef6bdf5f74

                                                Sha1:   d5179b2dcb11d06f82606bf6eb6648319998d63e

                                                Sha256: 72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             23.36.76.226

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 503 

                                            
                                                
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786" 

                                            
                                                
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=6207 

                                            
                                                
Expires: Mon, 28 Nov 2022 19:40:37 GMT 

                                            
                                                
Date: Mon, 28 Nov 2022 17:57:10 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   503

                                                Md5:    71f9c681a82440fd55e76c780a20e55d

                                                Sha1:   3147768cfbcdd06e0c6e69684292e68e99917a80

                                                Sha256: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.160.144.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: binary/octet-stream

                                            

                                            
                                                
x-amz-id-2: 4mVS3SN/SpYV8yH2lSqsWoTLaE1PkTEsQ8B6rmsVD0bbwdcZWBZHQUyiIEXVe7Acpoy1C3t0oq8= 

                                            
                                                
x-amz-request-id: Q2Y27GVVTWG28KFH 

                                            
                                                
content-disposition: attachment 

                                            
                                                
accept-ranges: bytes 

                                            
                                                
server: AmazonS3 

                                            
                                                
content-length: 5348 

                                            
                                                
via: 1.1 google 

                                            
                                                
date: Mon, 28 Nov 2022 17:45:07 GMT 

                                            
                                                
age: 723 

                                            
                                                
last-modified: Thu, 10 Nov 2022 09:21:27 GMT 

                                            
                                                
etag: "9ebddc2b260d081ebbefee47c037cb28" 

                                            
                                                
cache-control: public,max-age=3600 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    9ebddc2b260d081ebbefee47c037cb28

                                                Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39

                                                Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

                                        
                                            GET /1/myprize/boxwin/FNB.php?key=eyJ0aW1lc3RhbXAiOiIxNjY5NjU4MjI5IiwiaGFzaCI6IjI1ZTQwNmY3YmY2NTRlM2MzZGRlMDI3ODViMWUyY2QzZWM1YmY4NWUifQ%3D%3D&bemobdata=c%3Db9dfad6b-d5af-48fb-b769-5b61926663fa..l%3D97f36ce2-5ed7-4bcb-a817-b75fdeec624d..a%3D0..b%3D0 HTTP/1.1 

                                        
                                            
Host: offer.essayzon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                        
                                             50.116.114.86

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: text/html; charset=UTF-8

                                            

                                            
                                                
Date: Mon, 28 Nov 2022 17:57:10 GMT 

                                            
                                                
Server: nginx/1.21.6 

                                            
                                                
Vary: Accept-Encoding 

                                            
                                                
Content-Encoding: gzip 

                                            
                                                
Accept-Ranges: none 

                                            
                                                
X-Server-Cache: true 

                                            
                                                
X-Proxy-Cache: MISS 

                                            
                                                
Content-Length: 4022 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1261)

                                                Size:   4022

                                                Md5:    da179039f73cfa3bcc86946a62713cfd

                                                Sha1:   71f70f24c71caafcc0198f49568356e6a5308c7e

                                                Sha256: 715bc5489e0e0164c83890a97dfe5908990dd4731c44df15986aaaaee73fb221

                                        
                                            GET /1/myprize/boxwin/index_files/mycss.css HTTP/1.1 

                                        
                                            
Host: offer.essayzon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://offer.essayzon.com/1/myprize/boxwin/FNB.php?key=eyJ0aW1lc3RhbXAiOiIxNjY5NjU4MjI5IiwiaGFzaCI6IjI1ZTQwNmY3YmY2NTRlM2MzZGRlMDI3ODViMWUyY2QzZWM1YmY4NWUifQ%3D%3D&bemobdata=c%3Db9dfad6b-d5af-48fb-b769-5b61926663fa..l%3D97f36ce2-5ed7-4bcb-a817-b75fdeec624d..a%3D0..b%3D0

                                        
                                             50.116.114.86

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: text/css

                                            

                                            
                                                
Date: Mon, 28 Nov 2022 17:57:10 GMT 

                                            
                                                
Server: Apache 

                                            
                                                
Upgrade: h2,h2c 

                                            
                                                
Connection: Upgrade 

                                            
                                                
Last-Modified: Tue, 24 May 2022 08:19:50 GMT 

                                            
                                                
Accept-Ranges: none 

                                            
                                                
Vary: Accept-Encoding 

                                            
                                                
Content-Encoding: gzip 

                                            
                                                
Content-Length: 7705 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  ASCII text, with very long lines (62302)

                                                Size:   7705

                                                Md5:    3e053ea10095d66cc50c79509d4c1ed6

                                                Sha1:   59150250db8d8260302623d780e55e1a2fa3c04f

                                                Sha256: 4889e31fb753ac70602d504cbde20fc8857e0bb576c424e0105bb7880895aafe

                                        
                                            GET /1/myprize/boxwin/index_files/b45cbc066907105f9fdb6ff6f3de0bf3.png HTTP/1.1 

                                        
                                            
Host: offer.essayzon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://offer.essayzon.com/1/myprize/boxwin/FNB.php?key=eyJ0aW1lc3RhbXAiOiIxNjY5NjU4MjI5IiwiaGFzaCI6IjI1ZTQwNmY3YmY2NTRlM2MzZGRlMDI3ODViMWUyY2QzZWM1YmY4NWUifQ%3D%3D&bemobdata=c%3Db9dfad6b-d5af-48fb-b769-5b61926663fa..l%3D97f36ce2-5ed7-4bcb-a817-b75fdeec624d..a%3D0..b%3D0

                                        
                                             50.116.114.86

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: image/png

                                            

                                            
                                                
Date: Mon, 28 Nov 2022 17:57:10 GMT 

                                            
                                                
Server: Apache 

                                            
                                                
Last-Modified: Sun, 13 Feb 2022 14:01:51 GMT 

                                            
                                                
Accept-Ranges: bytes 

                                            
                                                
Content-Length: 2283 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  PNG image data, 257 x 184, 8-bit colormap, non-interlaced\012- data

                                                Size:   2283

                                                Md5:    57cffe641003f9a80834df4f706d16c3

                                                Sha1:   900af1f1f75f11f547bf4bab2f9f88f0b3b0c38d

                                                Sha256: fd0a52dab9715198deaac93ec52117c0443279db1ed9b186790806d7542e98aa

                                        
                                            GET /1/myprize/boxwin/index_files/top_r.png HTTP/1.1 

                                        
                                            
Host: offer.essayzon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://offer.essayzon.com/1/myprize/boxwin/index_files/mycss.css

                                        
                                             50.116.114.86

                                            
                                                HTTP/1.1 404 Not Found 

                                            
                                                
Content-Type: text/html; charset=UTF-8

                                            

                                            
                                                
Date: Mon, 28 Nov 2022 17:57:10 GMT 

                                            
                                                
Server: Apache 

                                            
                                                
Expires: Wed, 11 Jan 1984 05:00:00 GMT 

                                            
                                                
Cache-Control: no-cache, must-revalidate, max-age=0 

                                            
                                                
Link: <http://offer.essayzon.com/wp-json/>; rel="https://api.w.org/" 

                                            
                                                
Vary: Accept-Encoding 

                                            
                                                
Content-Encoding: gzip 

                                            
                                                
Transfer-Encoding: chunked 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)

                                                Size:   18982

                                                Md5:    ee32f8951fcc900be06775cb3ecc69ef

                                                Sha1:   0be4c78a7da8c73f016b774f1c3c84bccc82fca0

                                                Sha256: 7b5e4e5ce82c734dab746468020acf82bf112d46dee65ab7522795fc2fd55f98

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             23.36.76.226

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 503 

                                            
                                                
ETag: "ABFE599B5B639C1753995CB739D6B9ECD0A26726D9AE9931A29D7859F47EB35E" 

                                            
                                                
Last-Modified: Mon, 28 Nov 2022 04:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=21555 

                                            
                                                
Expires: Mon, 28 Nov 2022 23:56:26 GMT 

                                            
                                                
Date: Mon, 28 Nov 2022 17:57:11 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   503

                                                Md5:    e26f754062b7d473c41572d9c991ed5e

                                                Sha1:   23132e926ec074033bc13b65ddfdd2a42d0e7a46

                                                Sha256: abfe599b5b639c1753995cb739d6b9ecd0a26726d9ae9931a29d7859f47eb35e

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             23.36.76.226

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 503 

                                            
                                                
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" 

                                            
                                                
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=2216 

                                            
                                                
Expires: Mon, 28 Nov 2022 18:34:08 GMT 

                                            
                                                
Date: Mon, 28 Nov 2022 17:57:12 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   503

                                                Md5:    8bb181e3f5ca898c6e31a8efc2e28291

                                                Sha1:   eda3a91f8e2cbc5467da08ad85e6f6a30702b66c

                                                Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             23.36.76.226

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 503 

                                            
                                                
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" 

                                            
                                                
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=2216 

                                            
                                                
Expires: Mon, 28 Nov 2022 18:34:08 GMT 

                                            
                                                
Date: Mon, 28 Nov 2022 17:57:12 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   503

                                                Md5:    8bb181e3f5ca898c6e31a8efc2e28291

                                                Sha1:   eda3a91f8e2cbc5467da08ad85e6f6a30702b66c

                                                Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: image/jpeg

                                            

                                            
                                                
server: nginx 

                                            
                                                
content-length: 10199 

                                            
                                                
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217 

                                            
                                                
x-xss-protection: 1; mode=block 

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                            
                                                
x-frame-options: DENY 

                                            
                                                
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                            
                                                
x-amz-apigw-id: cOo4iF1VIAMF09g= 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0 

                                            
                                                
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT 

                                            
                                                
x-amz-cf-pop: SEA19-C2 

                                            
                                                
x-cache: Hit from cloudfront 

                                            
                                                
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ== 

                                            
                                                
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google 

                                            
                                                
date: Sun, 27 Nov 2022 21:51:43 GMT 

                                            
                                                
age: 72329 

                                            
                                                
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da" 

                                            
                                                
cache-control: max-age=3600,public,public 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10199

                                                Md5:    2cd887044e91d7ed0f1a8d7119ff7dd0

                                                Sha1:   ae8aa4ce6ddaccba771fe65446926b60fc5628da

                                                Sha256: bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: image/jpeg

                                            

                                            
                                                
server: nginx 

                                            
                                                
content-length: 7556 

                                            
                                                
x-amzn-requestid: 1cda5313-2256-4830-bf84-2e6e15949d3e 

                                            
                                                
x-xss-protection: 1; mode=block 

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                            
                                                
x-frame-options: DENY 

                                            
                                                
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                            
                                                
x-amz-apigw-id: cR78KFTmoAMF4yg= 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
x-amzn-trace-id: Root=1-6383d9e7-452e36d718a298d12a2374a9;Sampled=0 

                                            
                                                
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT 

                                            
                                                
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                            
                                                
x-cache: Hit from cloudfront 

                                            
                                                
x-amz-cf-id: OWVkuAw6-nRNU_CVOgvsSSenSXnfSYSmJiKa60JvSaiJgPuXjJByZw== 

                                            
                                                
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google 

                                            
                                                
date: Sun, 27 Nov 2022 21:46:41 GMT 

                                            
                                                
age: 72631 

                                            
                                                
etag: "1a542a53ba0b1cd0fb23257ebed8166555f16dfb" 

                                            
                                                
cache-control: max-age=3600,public,public 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7556

                                                Md5:    7e5051d8c06f69e1842a9295ce256a36

                                                Sha1:   1a542a53ba0b1cd0fb23257ebed8166555f16dfb

                                                Sha256: a7c0dbbb4d0d9138f5ca318cc2aa44e12dadf7ed6263ec204ba756da64b29c41

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57bc6cf-beaa-443b-9756-cf26e4fe3767.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: image/jpeg

                                            

                                            
                                                
server: nginx 

                                            
                                                
content-length: 6954 

                                            
                                                
x-amzn-requestid: 94a02687-72f2-4796-a7ea-d3f28b412566 

                                            
                                                
x-xss-protection: 1; mode=block 

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                            
                                                
x-frame-options: DENY 

                                            
                                                
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                            
                                                
x-amz-apigw-id: b1jHpGBVIAMFsSg= 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
x-amzn-trace-id: Root=1-63787efd-22666b18283ae59b1348bf47;Sampled=0 

                                            
                                                
x-amzn-remapped-date: Sat, 19 Nov 2022 07:00:13 GMT 

                                            
                                                
x-amz-cf-pop: SEA19-C3 

                                            
                                                
x-cache: Hit from cloudfront 

                                            
                                                
x-amz-cf-id: feZayJeKq9jWHQ-rjutNr6buIjLVeIdY0A_ZeGo6NKgoQ6BBT3XQaw== 

                                            
                                                
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google 

                                            
                                                
date: Mon, 28 Nov 2022 08:55:37 GMT 

                                            
                                                
age: 32495 

                                            
                                                
etag: "4b4a8c8e8aeccfff25d2748720dcef8fed287126" 

                                            
                                                
cache-control: max-age=3600,public,public 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6954

                                                Md5:    2212cf75f99dc67fd45db47f7101d754

                                                Sha1:   4b4a8c8e8aeccfff25d2748720dcef8fed287126

                                                Sha256: 7b2d2e302faba8f273b51031fa48b444cb7839733b90e8c9d077ca63637320d8

URL	tracker.essayzon.com/go/b9dfad6b-d5af-48fb-b769-5b61926663fa
IP	3.70.16.242 (Germany)
ASN	#16509 AMAZON-02
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access
Report completed	2022-11-28 17:57:20 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	6
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (9)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 3.70.16.242

Last 5 reports on ASN: AMAZON-02

Last 5 reports on domain: essayzon.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (8)

Executed Evals (1)

#1 JavaScript::Eval (size: 80) - SHA256: 8b9cab4256b873beb47d6fd5cac02a1ec39905ee3a6dd2dd9e350ccb831baf89

Executed Writes (0)

HTTP Transactions (31)

Overview

Domain Summary (9)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 3.70.16.242

Last 5 reports on ASN: AMAZON-02

Last 5 reports on domain: essayzon.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (8)

Executed Evals (1)

#1 JavaScript::Eval (size: 80) - SHA256: 8b9cab4256b873beb47d6fd5cac02a1ec39905ee3a6dd2dd9e350ccb831baf89

Executed Writes (0)

HTTP Transactions (31)

Network Intrusion Detection Systems