r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14415
Expires: Sun, 13 Nov 2022 01:58:49 GMT
Date: Sat, 12 Nov 2022 21:58:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8391107bfc5e4673e8a706f90f63768
5295ed0b1cb8bad4d3e851049acc7f0270937d12
ed5c27510100ffc4481be474ebcb020d147c645beb110604d5284eeeb8b97c02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED5C27510100FFC4481BE474EBCB020D147C645BEB110604D5284EEEB8B97C02"
Last-Modified: Fri, 11 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10563
Expires: Sun, 13 Nov 2022 00:54:37 GMT
Date: Sat, 12 Nov 2022 21:58:34 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash de470c6bab46e7c4b7cc69f392900fe7
189e4dcc4c2b8bf1f050e06bd68bce8a99618918
86f57134ddebd23a25615dc4d59c4b1ca8919e3e0495e1f006cbe7c0f39aa27e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5102
Cache-Control: max-age=136663
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:58:34 GMT
Etag: "636f75f3-1d7"
Expires: Mon, 14 Nov 2022 11:56:17 GMT
Last-Modified: Sat, 12 Nov 2022 10:31:15 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zOVYjFWv6Fbqwx8JjDvlpKsv3BKha3swmzi7/FYxG4EhqMpAwAO1X+KEP7WfcObITpZpFOadNKM=
x-amz-request-id: EFQSKW2SMZ7D0ASX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 21:50:26 GMT
age: 488
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 21:44:03 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 871
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:34 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
45.76.148.82 301 Moved Permanently 965 B URL HTTP/1.1 26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
IP 45.76.148.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (632)
Hash 24c653f15d4e84352021ef567ff91794
78b1c4237d7ad84e9db539f23afd9ef95b3f7d8b
0c2c9eb51a16fdb07026e26f890a86342a73a8259405c9493dbc4ca6d764c2ec
GET /engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154 HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 12 Nov 2022 21:58:34 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 965
Connection: keep-alive
Location: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 21:44:48 GMT
cache-control: public,max-age=3600
age: 826
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ae51f1958554de4457c22a7d5a9ba8b6
173e90a8c6ee36b7ec569dbea47436a90d7e7c76
dc43a04e1e26243f63a8e628f2ebcb23a9527fd4bc40dc6d1d61879b0f95bb21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2700
Cache-Control: max-age=129197
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:58:35 GMT
Etag: "636f622c-1d7"
Expires: Mon, 14 Nov 2022 09:51:52 GMT
Last-Modified: Sat, 12 Nov 2022 09:06:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.165.41.15 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gQBcUbgxDiPGb9wqOmQ5Mw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: b3NmpG9hqpk/0dWLQ07KDPeSTY0=
26.winprizes526.digital/engaff/img/landers/prizewheel-fb/notification.png
45.76.148.82 200 OK 449 B URL HTTP/2 26.winprizes526.digital/engaff/img/landers/prizewheel-fb/notification.png
IP 45.76.148.82:0
File type PNG image data, 30 x 28, 8-bit colormap, non-interlaced\012- data
Hash bd5203f2cc9e7a9125e4575e029541b0
9fa565ab2f4b55da4735b79e529562252b3c9afe
db94c8ae725f947f20e12df29e6b6c8ade5ffcd5a7dc9ffd9be0351d963f826f
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /engaff/img/landers/prizewheel-fb/notification.png HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:35 GMT
content-type: image/png
content-length: 449
last-modified: Sun, 06 Mar 2022 03:36:18 GMT
etag: "1c1-5d9847364f483"
accept-ranges: bytes
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/img/landers/prizewheel-fb/prizewheel_spinner.jpg
45.76.148.82 200 OK 32 kB URL HTTP/2 26.winprizes526.digital/engaff/img/landers/prizewheel-fb/prizewheel_spinner.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1002x1002, components 3\012- data
Hash d4655cba21d806e849eed4e4119fbe1a
6453039d85005643e9d65074ca022f63b5d47cdd
90f2363aaebaf03f06fb20c6c02fb2e97497d7cd54b611281303ce7e10335ee7
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /engaff/img/landers/prizewheel-fb/prizewheel_spinner.jpg HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:35 GMT
content-type: image/jpeg
content-length: 32496
last-modified: Sun, 06 Mar 2022 03:36:18 GMT
etag: "7ef0-5d9847367a406"
accept-ranges: bytes
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
45.76.148.82 200 OK 39 kB URL HTTP/2 26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
IP 45.76.148.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1005)
Hash 8d78dc1b5614f0521200eaa7deac9c09
2292c6c981478a0ab3a6eaca8d1f591493d48d6e
fe75a0e34fd754903bc2461ea8dc89980ae3d2d16962bb6f3b0140f900bbd5a4
GET /engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154 HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:35 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Wed, 06 Jul 2022 04:55:18 GMT
etag: W/"2edb-5e31bc68f6fd3"
content-encoding: br
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/img/landers/prizewheel-fb/loader.gif
45.76.148.82 200 OK 5.1 kB URL HTTP/2 26.winprizes526.digital/engaff/img/landers/prizewheel-fb/loader.gif
IP 45.76.148.82:0
File type GIF image data, version 89a, 50 x 50\012- data
Hash ed786659a534e0d183c09a90c50abc9d
a6c3d90bfaa86a7cda490bc5d04c8939c31a414e
cbaeb154dcb93bff5f6e382cede5d51a11175a2295e56bb2790611910280ba97
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /engaff/img/landers/prizewheel-fb/loader.gif HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:35 GMT
content-type: image/gif
content-length: 5083
last-modified: Sun, 06 Mar 2022 03:36:18 GMT
etag: "13db-5d9847364f483"
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3532
Expires: Sat, 12 Nov 2022 22:57:28 GMT
Date: Sat, 12 Nov 2022 21:58:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3532
Expires: Sat, 12 Nov 2022 22:57:28 GMT
Date: Sat, 12 Nov 2022 21:58:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3532
Expires: Sat, 12 Nov 2022 22:57:28 GMT
Date: Sat, 12 Nov 2022 21:58:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3532
Expires: Sat, 12 Nov 2022 22:57:28 GMT
Date: Sat, 12 Nov 2022 21:58:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3532
Expires: Sat, 12 Nov 2022 22:57:28 GMT
Date: Sat, 12 Nov 2022 21:58:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a09e7de-c2b9-4cf4-a032-cdce1be83c46.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a09e7de-c2b9-4cf4-a032-cdce1be83c46.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bed1df7954a5380cf2c090a4a20e3035
32b8ed02d309d66ac642683470d5f799e22afeaf
7a4b252d81b5ee8a8904aeb572110e78d5ecc3e80c11ead3158d863784bcbff1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a09e7de-c2b9-4cf4-a032-cdce1be83c46.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7394
x-amzn-requestid: 78860ce6-f1ce-40a6-a901-3630dcdd6c3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bekDRHb6oAMFU_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f4d47-1534ce03076a581f5721b4ba;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 07:37:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: s7Qs5JcCh9H0SevsGfU4qw5PrtDxFPsa5o6HPXIuHHY7NzYcn8guAg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:54:29 GMT
age: 247
etag: "32b8ed02d309d66ac642683470d5f799e22afeaf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcda76b4a-e2cf-4a4f-903b-a939ac862b71.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcda76b4a-e2cf-4a4f-903b-a939ac862b71.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3fd9f2cf5d5cbda75b55b310034f8294
58ebbd459c47d5f773da1da77f370286e006ae30
6b04a734b7e10e329df43e107462906f1690c95783cad69d56a412955b88d66e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcda76b4a-e2cf-4a4f-903b-a939ac862b71.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11388
x-amzn-requestid: 476bbb49-4bd4-408f-b82f-3dfd52dcf7ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bgfNdEYsoAMF0HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63701255-06630c41353045dc5e5d58b8;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -wI4Gprap42Eewd0DwppPQcSN4Bj5LX-PDAGk-eo-UCk8TuX_Dd9_A==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:54:29 GMT
age: 352
etag: "58ebbd459c47d5f773da1da77f370286e006ae30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13f1630e-d21f-4f16-8990-798920b90e02.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13f1630e-d21f-4f16-8990-798920b90e02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 963e34ce83d464bdc36f27599567a6b2
2ec4f95fcc2f343613d6bb659f6b58b541f426e6
027d57074d662088658af176b9f5cbd017b5f8f3606fcb8cea2f143cd7736b7e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13f1630e-d21f-4f16-8990-798920b90e02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5018
x-amzn-requestid: 9e8e1034-478d-46da-9bf9-b5a4798ff09a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: benOQHszIAMFhZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f525b-3c5a78755099e8465a89d6c3;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 07:59:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sqoUAlONIsPhyLsjkzLlFfGejRvKAM4MaILN2KIf-q3Amlf6I4IB0w==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:54:29 GMT
age: 247
etag: "2ec4f95fcc2f343613d6bb659f6b58b541f426e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80441337-327d-4d34-9fe8-53269c39ac18.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80441337-327d-4d34-9fe8-53269c39ac18.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26249508ef18eac51cf62cf6e90339a4
a9922959c532dd26f21bda4f74ee1fa8496e862e
25075ef6337bae8e60412cdca98afbae6aca61d889aadce4cbad4a8522f4c4b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80441337-327d-4d34-9fe8-53269c39ac18.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7867
x-amzn-requestid: e05d4978-6f46-4395-8121-4d969a222328
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bgfLqFWIoAMF01A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370124a-4033150d0180e56e2965e26e;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YDkJ7OIcS3FiDPufRTj5VtL5CMxbNN2o2Zq50QQ9UNeDw4uE4j3jrw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:54:29 GMT
age: 247
etag: "a9922959c532dd26f21bda4f74ee1fa8496e862e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56802217-f3db-4036-987b-8614bd4098ef.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56802217-f3db-4036-987b-8614bd4098ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 271563e0590df14c6116ae1925628b82
ef661c6f2999fe153d92a1c51208f08289236df6
fc6c3a8ac5268b1f646fc397e0d8630bb16df39a6c8a19e952417723062dbb51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56802217-f3db-4036-987b-8614bd4098ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9089
x-amzn-requestid: 6abc1d88-e1db-4bd3-add1-89bf9e31c836
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bgfLrHNpoAMFyYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370124a-7c19aafb547d2f1c0f861f2c;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1s6DaqcGwm6NJQpHHDlRqK2kVgPY7-wfh8ltzXzrnrdAbq_wAOEcWg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:54:29 GMT
age: 247
etag: "ef661c6f2999fe153d92a1c51208f08289236df6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff186777a-5327-41b7-9918-a7c7b298fdaf.jpeg
34.120.237.76 200 OK 2.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff186777a-5327-41b7-9918-a7c7b298fdaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6caf0847d9e16ba6710405aadf02f01
92a599f4dd1df4a38cca5e095790f787f442d2a2
b42dba826012a7c62aeb1869e53b896b47aaca8a278952771560a2234b45563a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff186777a-5327-41b7-9918-a7c7b298fdaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2753
x-amzn-requestid: 4564ab0e-5b18-4958-983e-e847272f3ed4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bes3HECWoAMFcPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f5b60-2b9a73bd648cf08c3d851799;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 08:37:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ua0TzVb8Q4i_4sIgvNYbYEF37AkzvvOM4rk_D8_RIfSWrKEXMq7rkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:54:29 GMT
age: 13417
etag: "92a599f4dd1df4a38cca5e095790f787f442d2a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/img/profiles/african/female/3@0.25x.jpg
45.76.148.82 200 OK 2.7 kB URL HTTP/2 26.winprizes526.digital/engaff/img/profiles/african/female/3@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 2790f79b7e764407ae4b87a9dc30734b
30f0a1e4d30ac25108f2d0487f49944fbe630b72
8970ba9af5b39727ac25d42ab540c42ae7f58de4011fadb8efd2f5f317a8d575
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /engaff/img/profiles/african/female/3@0.25x.jpg HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:36 GMT
content-type: image/jpeg
content-length: 2727
last-modified: Sun, 06 Mar 2022 03:36:21 GMT
etag: "aa7-5d9847391ffe7"
accept-ranges: bytes
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/img/landers/prizewheel-fb/prizewheel_static.png
45.76.148.82 200 OK 3.4 kB URL HTTP/2 26.winprizes526.digital/engaff/img/landers/prizewheel-fb/prizewheel_static.png
IP 45.76.148.82:0
File type PNG image data, 1002 x 1002, 4-bit colormap, non-interlaced\012- data
Hash dc484e0043b5ff6191b1880c8779863c
a5b67e3dff3dea3940eed090431aecbb36611b1d
30bc059973d84a6e1d22d16747bce062025561f2555cdd9cec012a87866abcb6
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /engaff/img/landers/prizewheel-fb/prizewheel_static.png HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:36 GMT
content-type: image/png
content-length: 3370
last-modified: Sun, 06 Mar 2022 03:36:18 GMT
etag: "d2a-5d9847367f226"
accept-ranges: bytes
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/img/profiles/african/male/3@0.25x.jpg
45.76.148.82 200 OK 2.5 kB URL HTTP/2 26.winprizes526.digital/engaff/img/profiles/african/male/3@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 2c188d082f97b0a5b29c92dbaf7a9787
f2a3828b68ba4d06d450832a977c48a22360d5eb
afc758b894177d4003b5d02d80cd023429c99cfc3cd880804570d237cf6a96f0
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /engaff/img/profiles/african/male/3@0.25x.jpg HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:36 GMT
content-type: image/jpeg
content-length: 2518
last-modified: Sun, 06 Mar 2022 03:36:22 GMT
etag: "9d6-5d98473a35575"
accept-ranges: bytes
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/img/profiles/african/male/10@0.25x.jpg
45.76.148.82 200 OK 2.3 kB URL HTTP/2 26.winprizes526.digital/engaff/img/profiles/african/male/10@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 2ec37a714ba9202b2492cc1eff504041
29d005604784110044c80c13610ec1fe946a7d83
278b0f8b52650d39e549fc69ea49d62d3bdd0c41b3ffd939da265842b6e40369
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /engaff/img/profiles/african/male/10@0.25x.jpg HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:36 GMT
content-type: image/jpeg
content-length: 2302
last-modified: Sun, 06 Mar 2022 03:36:22 GMT
etag: "8fe-5d98473a09653"
accept-ranges: bytes
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/img/profiles/african/female/6@0.25x.jpg
45.76.148.82 200 OK 2.8 kB URL HTTP/2 26.winprizes526.digital/engaff/img/profiles/african/female/6@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash af242991b9a56424739c63a6bd4090a7
7b41b3b2cfbbe69a865efa8863883bf029738b6e
c53bda952fa4ca1869dfb4fd7db948ef87f1a8c8f2e6633e2320465f01f0829f
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /engaff/img/profiles/african/female/6@0.25x.jpg HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:36 GMT
content-type: image/jpeg
content-length: 2766
last-modified: Sun, 06 Mar 2022 03:36:21 GMT
etag: "ace-5d98473952c6a"
accept-ranges: bytes
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/img/profiles/african/male/9@0.25x.jpg
45.76.148.82 200 OK 3.1 kB URL HTTP/2 26.winprizes526.digital/engaff/img/profiles/african/male/9@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 4c30d4f61201b822adcfa58dbe32389c
9d9edd23a3b074135d9e043b5d1e52d8dbe29c91
19d491c137daf159170ed6d6340c33b11806347b18b2e89840989b914346d9f4
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /engaff/img/profiles/african/male/9@0.25x.jpg HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:36 GMT
content-type: image/jpeg
content-length: 3146
last-modified: Sun, 06 Mar 2022 03:36:22 GMT
etag: "c4a-5d98473a3a395"
accept-ranges: bytes
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/img/prizes/iphone-12-pro-max/proof.jpg
45.76.148.82 200 OK 23 kB URL HTTP/2 26.winprizes526.digital/engaff/img/prizes/iphone-12-pro-max/proof.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 339x450, components 3\012- data
Hash 029d38095e06ced0688fd67a58e70781
b5bdaddeb39b947c35f883f001f34dd163bcb362
5e41534f027f676ce89db3b87319ffbdc1a1e7515e379f80f476e0989fa4bcc1
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /engaff/img/prizes/iphone-12-pro-max/proof.jpg HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:36 GMT
content-type: image/jpeg
content-length: 23152
last-modified: Sun, 06 Mar 2022 03:36:19 GMT
etag: "5a70-5d98473792873"
accept-ranges: bytes
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/img/profiles/african/female/5@0.25x.jpg
45.76.148.82 200 OK 2.0 kB URL HTTP/2 26.winprizes526.digital/engaff/img/profiles/african/female/5@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 732da0e5f3968ec3d9014a6bbb62c04a
5d306c8778fdcac19f03542fccaf31df1cb8a783
d3eefd5709b25e1bb1129cccb1da22e54816cb2d15a2ed4cfa045b57579a7ef8
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /engaff/img/profiles/african/female/5@0.25x.jpg HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:36 GMT
content-type: image/jpeg
content-length: 1960
last-modified: Sun, 06 Mar 2022 03:36:21 GMT
etag: "7a8-5d9847394bf09"
accept-ranges: bytes
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/img/profiles/african/female/1@0.25x.jpg
45.76.148.82 200 OK 2.8 kB URL HTTP/2 26.winprizes526.digital/engaff/img/profiles/african/female/1@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 9ef452251daa9ff9fbdc5fe827a35061
2cb40a02efce5fd8772f57b8e9737018fed3f9ba
355126576c7a0bdbbe771a2b039d093c855efe6805941a36456324a2076e2ce1
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /engaff/img/profiles/african/female/1@0.25x.jpg HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:36 GMT
content-type: image/jpeg
content-length: 2781
last-modified: Sun, 06 Mar 2022 03:36:21 GMT
etag: "add-5d9847391ffe7"
accept-ranges: bytes
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/img/profiles/african/male/2@0.25x.jpg
45.76.148.82 200 OK 2.1 kB URL HTTP/2 26.winprizes526.digital/engaff/img/profiles/african/male/2@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 0f15632c24d4646c58f30feaa3baaa8a
a7f319366432f5a63d7f11d30b0a6c9cb6398b64
4118d09fb21a7f34160f470078f6dcba042e8a07e2b4e32de12a4dcd9c5e7da8
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /engaff/img/profiles/african/male/2@0.25x.jpg HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:36 GMT
content-type: image/jpeg
content-length: 2053
last-modified: Sun, 06 Mar 2022 03:36:22 GMT
etag: "805-5d98473a09653"
accept-ranges: bytes
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/js/app.js?id=0601d5f2aaa1656cef1f
45.76.148.82 200 OK 0 B URL HTTP/2 26.winprizes526.digital/engaff/js/app.js?id=0601d5f2aaa1656cef1f
IP 45.76.148.82:0
Analyzer Verdict Alert fortinet Phishing
GET /engaff/js/app.js?id=0601d5f2aaa1656cef1f HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sun, 06 Mar 2022 03:36:17 GMT
etag: W/"3d1-5d9847352f315"
content-encoding: br
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/css/app.css?id=c588c17324f2be0e0ec9
45.76.148.82 200 OK 0 B URL HTTP/2 26.winprizes526.digital/engaff/css/app.css?id=c588c17324f2be0e0ec9
IP 45.76.148.82:0
Analyzer Verdict Alert fortinet Phishing
GET /engaff/css/app.css?id=c588c17324f2be0e0ec9 HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:35 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 06 Mar 2022 03:36:16 GMT
etag: W/"21-5d98473468f2b"
content-encoding: br
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444
45.76.148.82 200 OK 0 B URL HTTP/2 26.winprizes526.digital/engaff/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444
IP 45.76.148.82:0
Analyzer Verdict Alert fortinet Phishing
GET /engaff/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444 HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:35 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 06 Mar 2022 03:36:17 GMT
etag: W/"da7-5d98473592cda"
content-encoding: br
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/js/landers/prizewheel-fb/app.js?id=da05cdf35760d77e97e5
45.76.148.82 200 OK 0 B URL HTTP/2 26.winprizes526.digital/engaff/js/landers/prizewheel-fb/app.js?id=da05cdf35760d77e97e5
IP 45.76.148.82:0
GET /engaff/js/landers/prizewheel-fb/app.js?id=da05cdf35760d77e97e5 HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sun, 06 Mar 2022 03:36:21 GMT
etag: W/"24ab5-5d984738ca0e3"
content-encoding: br
X-Firefox-Spdy: h2
26.winprizes526.digital/engaff/img/fb-like.svg
45.76.148.82 200 OK 0 B URL HTTP/2 26.winprizes526.digital/engaff/img/fb-like.svg
IP 45.76.148.82:0
Analyzer Verdict Alert fortinet Phishing
GET /engaff/img/fb-like.svg HTTP/1.1
Host: 26.winprizes526.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.winprizes526.digital/engaff/phaff2021n2.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=e8RWuOSphH3yl5gxcuod5TWicKgYks1Su0VoqCouTQI8RI2Mh9VcuV56Vda7QyxUtyp5s6Stk9V-edSTAeCCpyt4OyD1Tl1fTBMVW3EgQNuKxBQURVzTbxwIKTaw9wo7B9dldkZrMNE8OnycISpcnYEDTDyVcW4U05aBwbL5sb64ngXZ2ollYDLMnjXG521bIE-S7AWVnibRCJCkUKn06DKI0U_m1AFJ0LF38dLvBkqYCghEOdcMK1IK_ryC70kT8P66gTCjLxQLzLFffurY_BhejoJEJ74x9TO6QcAB-ZSyu3jidl4zAQF3hatjQuSGuwuqAnQYmTvWmIf7U-qVD89q9rHOLtArTpIR_n1eiF-HMK05Lu3vCyxUaNyI-SRjDA6nWL1puGCHbvqW1MsNhx1FbihJO0wQ-25JLViLSVE&lptoken=161e68872944214f0154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:58:36 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Sun, 06 Mar 2022 03:36:16 GMT
etag: W/"1213-5d9847348c1ad"
content-encoding: br
X-Firefox-Spdy: h2