| braokeextrefore.com/50bfe51d-5f93-4a2e-a1b7-0f3d627dd1e4 | 3.124.99.72 | 302 | 0 B |
URL (HTTP/1.1): braokeextrefore.com/50bfe51d-5f93-4a2e-a1b7-0f3d627dd1e4
IP: 3.124.99.72:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /50bfe51d-5f93-4a2e-a1b7-0f3d627dd1e4 HTTP/1.1
Host: braokeextrefore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Wed, 25 Jan 2023 07:01:36 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Pragma: no-cache
Set-Cookie: 50bfe51d-5f93-4a2e-a1b7-0f3d627dd1e4-v4=ODTiwW8aNw8cGixie1PvjhIKfop7JkKx3kKIampNcPY; Max-Age=86400; Expires=Thu, 26-Jan-2023 07:01:36 GMT; Domain=braokeextrefore.com; Path=/; HttpOnly
cep-v4=WiUIl7JSOLSC1SaaJnXcQFlLS1f3-H66uauaZ0mIA2jGlfbk2ns98fXarSz8kDgRvETo5X8tiTMCfOpxiNol-t6sJeRlVphc95lUuHDdkieOdLtVnk8SkMYBe3O9PQgB7df3hBzSb1YjnC11KJ3Sc70ENchpREkhCHFzgZrRGEKtkfkuhYw7INX9kEsmFWi2T4fGgr-EhcnefsSm_NE9qZ93mHSAW0r-CDpvYMG6BtFOwWtwfyM5B8Od4e0XeDMlZI_Fr8Xe1RkLABNfLC2n1nlHLFOaRmQFdRJLR8bCO-PocAxgqVqoak4fyoC7tBIJbcvlsK47lKCKyHR8RvHRejaNBgTyqZT-f8qXHhPWjI3F6I6mbsCUre235BHEemOo; Max-Age=86400; Expires=Thu, 26-Jan-2023 07:01:36 GMT; Domain=braokeextrefore.com; Path=/; HttpOnly
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 5fe582397f3003b225cb9058e02c2190 68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f 238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17137
Expires: Wed, 25 Jan 2023 11:47:13 GMT
Date: Wed, 25 Jan 2023 07:01:36 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 04512fea22644dc0d22c3f3a665f6645 0e213646abfc6d9560ba562362fd9e9115be8354 124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9010
Expires: Wed, 25 Jan 2023 09:31:46 GMT
Date: Wed, 25 Jan 2023 07:01:36 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL (HTTP/2): firefox.settings.services.mozilla.com/v1/
IP: 35.241.9.150:0
File type: JSON data; ASCII text, with very long lines (939), with no line terminators
Hash: dcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 06:42:47 GMT
content-type: application/json
age: 1129
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 6cd4f1da1215c7473500807c185f2449 b14db0c67cf1f5faf85648ed8f94baf2dd03808b 9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5470
Expires: Wed, 25 Jan 2023 08:32:46 GMT
Date: Wed, 25 Jan 2023 07:01:36 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL (HTTP/2): content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP: 34.160.144.191:0
File type: PEM certificate; ASCII text
Hash: 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WfF56uTxeK77qU25psZVZTf6nK6AtDNKHGgufFQdn0qiZqGLoqEfryinzgsqNpAdoYwvYuN+4AY=
x-amz-request-id: YB64E92W96G5F80F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 06:19:34 GMT
age: 2522
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL (HTTP/2): contile.services.mozilla.com/v1/tiles
IP: 34.117.237.239:0
File type: JSON data; ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 07:01:36 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.118 | 200 OK | 471 B |
URL (HTTP/1.1): ocsp.sca1b.amazontrust.com/
IP: 54.230.245.118:0
Hash: 91e4a1e4eced47e1aae4d7b31b7449ce eb07185c8474f71ea577ffd0b314e3d9d7a9ea6d 841165396a1cdb88727740f3f3d1a7b7e2591e18c8a5167eac36513470a4f2cf
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 07:01:37 GMT
Server: ECS (dcb/7F5F)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: X4eMGwEem7MJWT_o_SeEtpxzIr4JM2kMbo2G93KqNENBprpWUhFsxg==
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/Flag.png | 54.230.111.30 | 200 OK | 767 B |
URL (HTTP/2): www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/Flag.png
IP: 54.230.111.30:0
File type: PNG image data, 30 x 20, 8-bit/color RGBA, non-interlaced; data
Hash: 9f840973c585a8eebf3eb9c30c3e9afe 00c798130ea55f3da30bbbac19c418c0d01c15b0 ae301968cba4735ba233cbbd8f397aa34612d861198f60dbd073258d8b9bc52a
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/Flag.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 767
last-modified: Tue, 10 Jan 2023 09:02:30 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 24 Jan 2023 07:48:21 GMT
etag: "9f840973c585a8eebf3eb9c30c3e9afe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PWE7v0M6Zu76KQhKQuD5zu1IfeA39dVtWcq6a3aCUocJTkBX0nF4cA==
age: 83597
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ixo.png | 54.230.111.30 | 200 OK | 562 kB |
URL (HTTP/2): www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ixo.png
IP: 54.230.111.30:0
File type: PNG image data, 423 x 880, 8-bit/color RGBA, non-interlaced; data
Size: 562 kB (561946 bytes)
Hash: 3db6e9a86a250c13268be4a224a40333 63fdc9bdf962bd044cc99800e68a7c945298e05b 0f3a2e2e7f8ab18b9513fd334f82e227911e2f0f378ddc63b8b34347f12534c6
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ixo.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 561946
date: Tue, 24 Jan 2023 09:16:49 GMT
last-modified: Tue, 17 Jan 2023 06:07:48 GMT
etag: "3db6e9a86a250c13268be4a224a40333"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZxRGZCQp4EKBDmX-9yWvM0G0jPKfZRFWHoetDu8KI6E28GdxqJN5BQ==
age: 78289
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ix-s.png | 54.230.111.30 | 200 OK | 42 kB |
URL (HTTP/2): www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ix-s.png
IP: 54.230.111.30:0
File type: PNG image data, 165 x 212, 8-bit/color RGBA, non-interlaced; data
Hash: 736e7e354b90708992ab2d838a8b04f1 8ae5ab0feb3a125ea34ea358b5ec10f4383c5e1a 89b7de644238c265d038359a986d7465cd92738a7fe69e6abb8824a9c37f6f5f
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ix-s.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 42079
last-modified: Tue, 17 Jan 2023 06:07:49 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 24 Jan 2023 07:48:40 GMT
etag: "736e7e354b90708992ab2d838a8b04f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L8wC9CG4Yh5H4mby08d5nudrBmmNf5VmWAlOEwG5NXVzzCy_tLAaVg==
age: 83578
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ix-g.png | 54.230.111.30 | 200 OK | 57 kB |
URL (HTTP/2): www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ix-g.png
IP: 54.230.111.30:0
File type: PNG image data, 203 x 249, 8-bit/color RGBA, non-interlaced; data
Hash: fc87e6a06c9842b4bd244f8bd8e33fd4 b0bf120fc2abd7c534893b8023efc22f3e641e31 dfb6ecde497777903127055cbee46dd838794c655d80071c17fc466acdb1431a
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ix-g.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 57134
date: Tue, 24 Jan 2023 07:38:09 GMT
last-modified: Tue, 17 Jan 2023 06:07:46 GMT
etag: "fc87e6a06c9842b4bd244f8bd8e33fd4"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -UgkfnDrZG6_pKr6bpY-DMyToPRRDnw9LBE5PxRxAVoxsnGkzmVbWQ==
age: 84209
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/like_user_1.jpeg | 54.230.111.30 | 200 OK | 1.3 kB |
URL (HTTP/2): www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/like_user_1.jpeg
IP: 54.230.111.30:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3; data
Hash: 2aa0d43e70d60d76ac4bdff139f8c7cb d7e3433297ad90f5d99249aee29b645265c9f3eb e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/like_user_1.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1293
last-modified: Tue, 10 Jan 2023 09:02:38 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 24 Jan 2023 07:48:25 GMT
etag: "2aa0d43e70d60d76ac4bdff139f8c7cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4W6LXLNBjPAsS7Ty09Z0Y6n_THQYBgwjiBAsILC6I50qj4HNcu9FYw==
age: 83593
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/like_user_2.jpeg | 54.230.111.30 | 200 OK | 1.2 kB |
URL (HTTP/2): www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/like_user_2.jpeg
IP: 54.230.111.30:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3; data
Hash: f9299c2023539a8f27a6e1b12ed260e5 046baf9bcd1bbdf9d51ca63e3899ea2e7f5de0b2 ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/like_user_2.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1216
last-modified: Tue, 10 Jan 2023 09:02:39 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 24 Jan 2023 18:47:56 GMT
etag: "f9299c2023539a8f27a6e1b12ed260e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sf61jikPW_cVnQ85svPjMNFYRlp6Ype0WlIflrwHZ3Epf49hTj0z2g==
age: 44022
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/4.jpeg | 54.230.111.30 | 200 OK | 1.3 kB |
URL (HTTP/2): www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/4.jpeg
IP: 54.230.111.30:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3; data
Hash: 2d7f012ab9054524c755b469917c86c4 4012a215511c950261b9a612ea9a504f01e785bc c8159e3c4734f421942fa3cabec5481d80500e395b1652f22dbd18aa1150ea4f
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/4.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1268
date: Tue, 24 Jan 2023 07:38:09 GMT
last-modified: Tue, 10 Jan 2023 09:02:23 GMT
etag: "2d7f012ab9054524c755b469917c86c4"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8EP7gswr8da7oiKgjaNfzuCdReW0vgXNqrndTTLS5J0XgInjRX_GQw==
age: 84209
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/clip_footer_3.png | 54.230.111.30 | 200 OK | 2.5 kB |
URL (HTTP/2): www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/clip_footer_3.png
IP: 54.230.111.30:0
File type: PNG image data, 52 x 59, 8-bit colormap, non-interlaced; data
Hash: e1b626392882cc25b4d891afaa68afd4 454d7abdbc2548d04feb95436ea0ab4126b4f00b ef3b8785199a0a640150a9d9ceb9b7cff2b118ee377ce36317d4a3e716bd944f
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/clip_footer_3.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2460
last-modified: Tue, 10 Jan 2023 09:02:28 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 24 Jan 2023 07:48:26 GMT
etag: "e1b626392882cc25b4d891afaa68afd4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rL2fLoz1Zkt6pO6pYGvDY1y6qwPc03LUIpA0ykJx4gqGDBND2iHklQ==
age: 83592
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/7.jpeg | 54.230.111.30 | 200 OK | 1.1 kB |
URL (HTTP/2): www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/7.jpeg
IP: 54.230.111.30:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3; data
Hash: 93a68c406cecabf85d9cca80150cff97 cb051ce9d579bc5886afc137ec9ff4a42e4fbbc4 8b55e2390a6206d5bbc8947c9003c1381e64a064239c0aa757826683b168d755
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/7.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1111
last-modified: Tue, 10 Jan 2023 09:02:25 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "93a68c406cecabf85d9cca80150cff97"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QsnB6O_MVelsP_luQCxO_L3Y9fw-X-tNF0rorFbsl-5z4-9pF_TXKA==
age: 10834
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/2.jpeg | 54.230.111.30 | 200 OK | 1.2 kB |
URL (HTTP/2): www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/2.jpeg
IP: 54.230.111.30:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3; data
Hash: dba9ae7a7ddca56332daa3db554873ee 42c44132ec0e635fbd95b431c49c01345c963bcf 6d52f1bed6a64a89473c9b39f74c4900b8534a75d52e6bb4785d8c9046d12b8e
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/2.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1154
last-modified: Tue, 10 Jan 2023 09:02:21 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "dba9ae7a7ddca56332daa3db554873ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BHmI01QVXoZ_Eunqnk1qxRQ0msav4z8Ur4RkUJYk9hTlr9vBXTFxCg==
age: 2557
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/1.jpeg | 54.230.111.30 | 200 OK | 1.1 kB |
URL (HTTP/2): www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/1.jpeg
IP: 54.230.111.30:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3; data
Hash: 04ab47334cf6507aba4897fc6184fad3 bf1018551225f851a7620e3abf84567c11e24edb 1f4e1ed5e3694cd7c748c27a2081cf05ab76866b945d55ce8a7cf8c21c424fda
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/1.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1051
last-modified: Tue, 10 Jan 2023 09:02:19 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "04ab47334cf6507aba4897fc6184fad3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iyql4c7csyDtt_O96Hdb3nRztKN1Hnq3uUfFZSaIPLPIsONk1KK4HA==
age: 12839
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/3.jpeg | 54.230.111.30 | 200 OK | 1.1 kB |
URL (HTTP/2): www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/3.jpeg
IP: 54.230.111.30:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3; data
Hash: 8d0a835746e47abd0e612753cd3b8500 adbb56e921d194390557dbb9afbfea9ffc29f81a a9ab01d3ccd9fad247c4d19343f45a1de228542b166e5cfe6dd0c2a613ddd064
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/3.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1129
last-modified: Tue, 10 Jan 2023 09:02:22 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "8d0a835746e47abd0e612753cd3b8500"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rxGtEbxUDXaJ31ydKU1M9Ckg6Li0LRN3tkBbBA6Qlhc0FrEIIq73Vw==
age: 12841
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/8.jpeg | 54.230.111.30 | 200 OK | 1.4 kB |
URL HTTP/2www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/8.jpeg IP54.230.111.30:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data Hash2f1e9ab76a99474f6ab6e56f6f9609d1 6913bd46092337f0398ee3e2a964406fcee7bb8e 1e31e659dabaaa79c7efa58b72d2e982e7598db298084cd2865e354425287330
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/8.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1377
last-modified: Tue, 10 Jan 2023 09:02:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "2f1e9ab76a99474f6ab6e56f6f9609d1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QdWF-VBRnqyiPJU8OhbdXMul_EevfKIl8iCfwJFyxIPS5bDZZgQ65g==
age: 12839
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/action_icons_20px_2x.png | 54.230.111.30 | 200 OK | 1.7 kB |
URL HTTP/2www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/action_icons_20px_2x.png IP54.230.111.30:0
File typePNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data Hashb699975b5fe73b087e711a33ff24ee1e 0e33cc5c32a5e7d18440751e3946076664caaf53 4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/action_icons_20px_2x.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1726
last-modified: Tue, 10 Jan 2023 09:02:27 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 24 Jan 2023 07:48:43 GMT
etag: "b699975b5fe73b087e711a33ff24ee1e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lpWcHsjEHgo5sNfmqsUBYlFORpiYP9xtNxyvRj38Igu3Su4WzKw3Jw==
age: 83575
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/footer_right.png | 54.230.111.30 | 200 OK | 4.9 kB |
URL HTTP/2www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/footer_right.png IP54.230.111.30:0
File typePNG image data, 168 x 66, 8-bit colormap, non-interlaced\012- data Hash0e786b7344ac0b63609290a3a415fc4f c2e77827e895aaa13522f1c5c0ef79d4caef0bb2 f044237e4439b415a4947127f26fb14b4d32cf1d32ff51fd8f0ff4d21d2692e5
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/footer_right.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 4919
last-modified: Tue, 10 Jan 2023 09:02:31 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "0e786b7344ac0b63609290a3a415fc4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zPpvxb0SKfPdjoVipkhZdbvZHaD-Z8tap5VCE8sizW3dBCIKuCid-g==
age: 3888
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/notify_2x.png | 54.230.111.30 | 200 OK | 229 B |
URL HTTP/2www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/notify_2x.png IP54.230.111.30:0
File typePNG image data, 36 x 32, 8-bit gray+alpha, non-interlaced\012- data Hash988234626ae7a880ed9c6a92f6336c0f 173967c2b59baed4a06997d874aba32ab65da201 4566dd8f59a09f51415a7c8955f48f75298522fc6db554bc1a59ad79c3e3e314
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/notify_2x.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 229
last-modified: Tue, 10 Jan 2023 09:02:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "988234626ae7a880ed9c6a92f6336c0f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: efyUkQJOAYDV-kbY8l2aVIbPmipb1j0lMSNKcRUpXj-778RCHmaOtg==
age: 3888
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/menu_2x.png | 54.230.111.30 | 200 OK | 124 B |
URL HTTP/2www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/menu_2x.png IP54.230.111.30:0
File typePNG image data, 40 x 36, 8-bit gray+alpha, non-interlaced\012- data Hash8f68efd9388ccd80b43759b2ed542305 9f2cf96efe3bdec2ab64bc51856619cc02958fe6 455b82fa1e54fc88fe0699eabecb02155f1d6228e0ae3d7f72e1abe92dae8f3c
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/menu_2x.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 124
last-modified: Tue, 10 Jan 2023 09:02:42 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "8f68efd9388ccd80b43759b2ed542305"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9lgQQuzdz62ybOaRnHbMOmaymWLN73IkUpZM9yRoC35oKE80BZ9LAw==
age: 12841
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/comment_action_2x.png | 54.230.111.30 | 200 OK | 641 B |
URL HTTP/2www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/comment_action_2x.png IP54.230.111.30:0
File typePNG image data, 24 x 120, 8-bit colormap, non-interlaced\012- data Hashe9b3872b3e63e19728176d45f0aa6986 b638f89d5d80c4cd65327da973c52f778e30bd55 a3f59e07404f1745bed88a314113a86da376526e7e1e555c99b3e249178c6ba5
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/comment_action_2x.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 641
last-modified: Tue, 10 Jan 2023 09:02:29 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "e9b3872b3e63e19728176d45f0aa6986"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WzF-aPSD0bDYa0R5oqOD7C0Suq3h4Z-x7zs6TKfrTp-mxD_1JgQqig==
age: 12841
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/pw_ix.png | 54.230.111.30 | 200 OK | 109 kB |
URL HTTP/2www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/pw_ix.png IP54.230.111.30:0
File typePNG image data, 501 x 501, 8-bit/color RGBA, non-interlaced\012- data Size109 kB (109151 bytes) Hash3ae8e9c19f72680e3b612c7dad852073 359fb5f4f5f498b9cc5f38920e90eb000904f669 0964d4a08d0e9f9b6877b9c07c2724d16c23569a1cc39857a83564af26875413
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/pw_ix.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 109151
last-modified: Tue, 17 Jan 2023 05:44:23 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "3ae8e9c19f72680e3b612c7dad852073"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ikJiwvuI46v9nH4cuGDnaHRa5lHIRplGekevwqIHGZXp2N-gywOlyQ==
age: 3889
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/spin_prize2.png | 54.230.111.30 | 200 OK | 2.8 kB |
URL HTTP/2www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/spin_prize2.png IP54.230.111.30:0
File typePNG image data, 142 x 173, 8-bit colormap, non-interlaced\012- data Hashf278c8d30fc51b72e0774b9ecb49214c 03b574db82b31ee5758eb5093fda8ea25d1b00d8 43f3e6d7e7b011430b39020bc5ff8fe6be2947100c597de44ca549ea96a0fd7c
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/spin_prize2.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2814
last-modified: Tue, 10 Jan 2023 09:02:44 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "f278c8d30fc51b72e0774b9ecb49214c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _XyamHYDtD9OiN71WDHXjm3cnu0SDxQ8XRmewoUQM0D3p_mVldAbxA==
age: 10834
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/6.jpeg | 54.230.111.30 | 200 OK | 1.3 kB |
URL HTTP/2www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/6.jpeg IP54.230.111.30:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data Hash8224e96358b5f3cff15b5a95dda8bf16 159b632deb160c901c9b8754715272a070c1945b c67dfaceacc0ecf671300a3636ae7d464d873385a9077f3fa207f4053b681dfc
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/6.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1314
last-modified: Tue, 10 Jan 2023 09:02:24 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "8224e96358b5f3cff15b5a95dda8bf16"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kxZ-fkm4NUR_VY5cxKTfvE3InNKFyUuEvu5nPGdXfemY4ZUtJBPhuA==
age: 3889
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 06:48:59 GMT
age: 758
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| hop.greenbluefrog.click/js/pub.min.js | 108.178.23.115 | 200 OK | 1.5 kB |
URL HTTP/2hop.greenbluefrog.click/js/pub.min.js IP108.178.23.115:0
File typeASCII text, with very long lines (2752) Hash31c303586c1b78e33984bd252b8e2644 8083e2aad4cbf8242a4e6fb53657d49552b85f82 d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be
GET /js/pub.min.js HTTP/1.1
Host: hop.greenbluefrog.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 07:01:37 GMT
content-type: application/javascript
content-length: 1482
last-modified: Fri, 09 Sep 2022 11:46:08 GMT
vary: Accept-Encoding
etag: "631b2780-5ca"
content-encoding: gzip
expires: Thu, 26 Jan 2023 07:01:37 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashc398b6b39d11d25b8ae9bc5cd94a1c98 640aa8c399ced71d0c2a9f5a90fbaf091b01d642 a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3883
Expires: Wed, 25 Jan 2023 08:06:20 GMT
Date: Wed, 25 Jan 2023 07:01:37 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 35.81.36.195 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.81.36.195:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kzyHfXTYilfQF3BgPDa9rg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: P1mILk0IiHGwnUjJ9kvlXuQMK4s=
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd5528af26e629a9bfbf0c421146b921f 1e4f99245d551384bedfe9b59b5f9905127d87bf 989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12407
Expires: Wed, 25 Jan 2023 10:28:26 GMT
Date: Wed, 25 Jan 2023 07:01:39 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd5528af26e629a9bfbf0c421146b921f 1e4f99245d551384bedfe9b59b5f9905127d87bf 989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12407
Expires: Wed, 25 Jan 2023 10:28:26 GMT
Date: Wed, 25 Jan 2023 07:01:39 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd5528af26e629a9bfbf0c421146b921f 1e4f99245d551384bedfe9b59b5f9905127d87bf 989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12407
Expires: Wed, 25 Jan 2023 10:28:26 GMT
Date: Wed, 25 Jan 2023 07:01:39 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4cb7be12333fa7ea3353901b4b3215af 4b758cc432874384f330568177eef5a328d7e69a d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: df7df0ae-d70e-4b80-9483-2ecd5c8ee4a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqvPEXMoAMF5Aw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57fa-04193e0514c1c1e85d9d023b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fznabMNG3n9Uo4L1jrrewtL_hJnQv8oR2qggeZtruvOLVzpUpcs7Tw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 03:28:51 GMT
age: 12768
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c2ede8d-ac50-4d79-98d8-53ba683ea9fe.jpeg | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c2ede8d-ac50-4d79-98d8-53ba683ea9fe.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash03ba93e6c29fb268712e33228fa5ee38 2528a659d067ce39b31d5d8a0a9943e313a4caa6 2a3dfcbafd31bfc0cc653f9f43cfa98206334551b8ab76e9ab6d20338c8d6e1c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c2ede8d-ac50-4d79-98d8-53ba683ea9fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9864
x-amzn-requestid: dd368937-de20-4e2a-82e3-e82bc20a806c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4AtgGu3oAMFaoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c647ef-7efe789a5411c14a74ec327a;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:02:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MDBCOwO8k543vmWo7ROvYyqyzju9iJIyGZvMpzHv7VqIoats0p3Nxg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 10:10:42 GMT
age: 75057
etag: "2528a659d067ce39b31d5d8a0a9943e313a4caa6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07f8fda5-486e-4c4b-82f2-d763219f4562.jpeg | 34.120.237.76 | 200 OK | 6.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07f8fda5-486e-4c4b-82f2-d763219f4562.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6fa8338e574e2b8272ad3ca7cd9d1d63 298cafecdcac99de25fe5c2c4c993487f73ced6b f75c20ebc4c0db2df40d958337cd87768714bdf53a48609ad0f97b7129b0b100
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07f8fda5-486e-4c4b-82f2-d763219f4562.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6715
x-amzn-requestid: c808c9d9-bbbb-43ff-ab15-33074a760093
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4BO5En_oAMFTzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c648c5-67151eb46f5a10b0732fbd09;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:05:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0pvebF903zoRPgzBK2gxMlcYQTurylOzzCfOO07hYCG5aD7wX_fl9g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 19:26:10 GMT
age: 41729
etag: "298cafecdcac99de25fe5c2c4c993487f73ced6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd57136f3-3a32-4cb9-be6a-29e47e59a6f9.jpeg | 34.120.237.76 | 200 OK | 5.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd57136f3-3a32-4cb9-be6a-29e47e59a6f9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash24a73392615d623dc852bdab43c9f133 3a5ac9f9831aa4c735d335e7d24e9ccc5e1ee0d4 edc11bdc8b40a513dc62b32f7eff0ba1f80db27208bd80bd16235da3c369157b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd57136f3-3a32-4cb9-be6a-29e47e59a6f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5732
x-amzn-requestid: 779904e5-f2c8-4d10-a3bf-0ed43b9ca019
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7ULOFf3oAMFfUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79a47-22f5fe110d67b7d8215368d4;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kYNlMFpl4zmNWdYW1WatxKIqjZw4lWONAX0uXKBi0mfwzND1kTeLOg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 13:55:37 GMT
age: 61562
etag: "3a5ac9f9831aa4c735d335e7d24e9ccc5e1ee0d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg | 34.120.237.76 | 200 OK | 9.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash13891ffe8a0cc240be63b7945e4b7688 958b50e9e7e5e02882d55612a5d6d2402e225390 1570d69731ba13051454a048ac85bde7c1de8e39dea0fd78e7e5c3f2be122cb6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9650
x-amzn-requestid: 3b968ee5-c941-4305-9f06-01e646deef15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH88wEUmoAMFerw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca851-061f65177f36420a4685f372;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xfiiS5M5j8iYKMyopaVqwYV6KKB1VIWT_yQbEKZ9G1wuq2QUEyDBpA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 03:16:15 GMT
age: 13524
etag: "958b50e9e7e5e02882d55612a5d6d2402e225390"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2130ca0-4287-4def-9d97-00fdb518ced4.jpeg | 34.120.237.76 | 200 OK | 7.7 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2130ca0-4287-4def-9d97-00fdb518ced4.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6254fc1aaa5fbb1d87114b5b28d52c40 8d7bd3af0b9bfc3d3eb2751cb1ba211169eaefe8 866e0b364026754b2a88d73da5ccabf5b5df59fb75bc60b3aa5c66e8322ee764
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2130ca0-4287-4def-9d97-00fdb518ced4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7691
x-amzn-requestid: ee5858ec-ae6b-4a83-81f0-84903bea9786
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLP5HGwRIAMF2Lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdf9d3-1b9f899e1d9e9ba67adbeeac;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:06:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 59rOv8-DhAIGQx240tISV3X6FskvU33S-4LVzv8fP45qQilEpp2VwQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 04:11:49 GMT
age: 10190
etag: "8d7bd3af0b9bfc3d3eb2751cb1ba211169eaefe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f | 54.230.111.30 | 200 OK | 0 B |
URL HTTP/2 www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f IP 54.230.111.30:0
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 17 Jan 2023 06:13:38 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: W/"cc6eada5afc77c57851d87ea0806b9e6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CaQOyqdHYptNCZSuGg61ngQBEioZnZvUOLVFVgj46HJ-lgq6oV-c6Q==
age: 13624
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/style.css | 54.230.111.30 | 200 OK | 0 B |
URL HTTP/2 www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/style.css IP 54.230.111.30:0
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/style.css HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Tue, 24 Jan 2023 09:34:50 GMT
last-modified: Tue, 10 Jan 2023 09:02:18 GMT
etag: W/"8c24a5cb4c55b9d6cd3029f5fd2c6fe7"
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WCJFO8Qn3IB6fGhr3yh3oC-GdmXWCON4VwVdJ_jWXnr_0_rgnrEEOA==
age: 77208
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/main_script.js | 54.230.111.30 | 200 OK | 0 B |
URL HTTP/2 www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/main_script.js IP 54.230.111.30:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/main_script.js HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 10 Jan 2023 09:02:41 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: W/"f775da719fb8bd4bf8037463f5cb36e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 06Um9VAMHih-rc6PeEgn9KsNpsOCaNYuuxI7AjuQ68FK1XVU-vw2Jg==
age: 3889
X-Firefox-Spdy: h2
|
|
| www.luckyducky.pics/favicon.ico | 54.230.111.30 | 403 Forbidden | 0 B |
URL HTTP/2 www.luckyducky.pics/favicon.ico IP 54.230.111.30:0
GET /favicon.ico HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Wed, 25 Jan 2023 07:01:37 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 16gYUZ38MqqQfwwNZ0l6XGOMpGPNE-TIKvJxD9StcZp3FqXhEojiMw==
X-Firefox-Spdy: h2
|
|