firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 23 Oct 2022 14:52:52 GMT
Expires: Sun, 23 Oct 2022 15:39:36 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YqDyNiRFdktCGG68IItomFd4pc2XbH7XH_N38m8IaFE-0pq6o66BhQ==
Age: 99
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12295
Expires: Sun, 23 Oct 2022 18:19:26 GMT
Date: Sun, 23 Oct 2022 14:54:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12371
Expires: Sun, 23 Oct 2022 18:20:42 GMT
Date: Sun, 23 Oct 2022 14:54:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eK55PwwiojzizrNtSWM+oYBxheAXlPTsA7NUNqPXhzbrjs2mczRCw7cS/CzvJ7R4eu5Iv78Pm+koRnZ9jH1TyQ==
x-amz-request-id: ZTW4DPR4VXPJEE72
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 23 Oct 2022 14:08:07 GMT
age: 2784
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 14:54:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.biltma.se/
200 OK 2.4 kB IP
ASN #61969 Team Internet AG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2174)
Hash 830400d8eb33365f659c09163eb1d141
99792a754fccc022cf8676a385a4526e4e2bd263
c879961c0b056509864e232894d315e71545fee536c599a5a169ebb8641df2f3
GET / HTTP/1.1
Host: www.biltma.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 14:54:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Redirect: zeropark_zeroclick
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
d38psrni17bvxu.cloudfront.net/scripts/js3.js
200 OK 1.1 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/js3.js
IP
File type ASCII text, with very long lines (506)
Hash 64b79b43df8fbf2c5d082964b9116a68
dc3c763519baf0f4c32bb60bfc429651a491ea01
c57e9feec209e3ea5eb1d75a1ba6fa277242a3df250055be8446052b51e58637
GET /scripts/js3.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.biltma.se/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1134
Connection: keep-alive
Server: nginx
Date: Sun, 23 Oct 2022 08:20:16 GMT
Last-Modified: Tue, 17 Aug 2021 09:17:22 GMT
Accept-Ranges: bytes
ETag: "611b7ea2-46e"
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9tbt53-VmB5rtvhRGs7wuC0LW8wtY26JPZtLbYv2E-1FzIpfasVSPQ==
Age: 23656
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 23 Oct 2022 14:43:40 GMT
Expires: Sun, 23 Oct 2022 15:39:21 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MIrzmqWipwAA2IestAv9jls9o8zDv8l_pLsGgbbkZVFNNlw6TwmIxA==
Age: 652
ocsp.digicert.com/
200 OK 471 B IP
Hash 60d5d7cce6c32a6bdaf0d4c92ec93a1a
cd29edee660366b41749cfd206bdc08fb421449c
fb90c4cc44b32e4ca4a7d1533bbf4a2fd5c482dda5d232f1be2334f3cefbbb0e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4984
Cache-Control: max-age=153315
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 14:54:32 GMT
Etag: "6354f613-1d7"
Expires: Tue, 25 Oct 2022 09:29:47 GMT
Last-Modified: Sun, 23 Oct 2022 08:06:43 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
www.biltma.se/track.php?domain=biltma.se&toggle=browserjs&uid=MTY2NjUzNjg3MS41NjgzOjZlNTYzZThiZmEyNDljZTZhODc2MmE1ZTA5NWE1MWVjMmViYzgwN2EyMDI1OGQ1NTUwMDc4OWJkYmU1OGNjYmI6NjM1NTU1YTc4YWJmMw%3D%3D
200 OK 20 B URL HTTP/1.1 www.biltma.se/track.php?domain=biltma.se&toggle=browserjs&uid=MTY2NjUzNjg3MS41NjgzOjZlNTYzZThiZmEyNDljZTZhODc2MmE1ZTA5NWE1MWVjMmViYzgwN2EyMDI1OGQ1NTUwMDc4OWJkYmU1OGNjYmI6NjM1NTU1YTc4YWJmMw%3D%3D
IP
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=biltma.se&toggle=browserjs&uid=MTY2NjUzNjg3MS41NjgzOjZlNTYzZThiZmEyNDljZTZhODc2MmE1ZTA5NWE1MWVjMmViYzgwN2EyMDI1OGQ1NTUwMDc4OWJkYmU1OGNjYmI6NjM1NTU1YTc4YWJmMw%3D%3D HTTP/1.1
Host: www.biltma.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.biltma.se/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 14:54:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www.biltma.se/ls.php
201 Created 0 B IP
ASN #61969 Team Internet AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ls.php HTTP/1.1
Host: www.biltma.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 2126
Origin: http://www.biltma.se
Connection: keep-alive
Referer: http://www.biltma.se/
HTTP/1.1 201 Created
Server: nginx
Date: Sun, 23 Oct 2022 14:54:32 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 635555a8ecff4d104c2260f2
Charset: utf-8
Access-Control-Allow-Origin: http://www.biltma.se
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_XBJvCr+X6bmcwh5faTXSTn9ZuhAQLZngAry4LlPD3Mvce72wBqkbFM2M9VyD2Z5sL0Og1h5ocFj4Lj1Fdhhbfg==
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NWXDwOg2lqXO6Uq/qzluFg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: N1Tjv12NT0o9tLbl8KTiJ3VBVtE=
www.biltma.se/favicon.ico
200 OK 0 B URL HTTP/1.1 www.biltma.se/favicon.ico
IP
ASN #61969 Team Internet AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.biltma.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.biltma.se/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 14:54:32 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
www.biltma.se/track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=biltma.se&uid=MTY2NjUzNjg3MS41NjgzOjZlNTYzZThiZmEyNDljZTZhODc2MmE1ZTA5NWE1MWVjMmViYzgwN2EyMDI1OGQ1NTUwMDc4OWJkYmU1OGNjYmI6NjM1NTU1YTc4YWJmMw%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2MzU1NTVhNzhhYmRhfHx8MTY2NjUzNjg3MS45NTg5fGM1YjRkNjg5YTI0OGNlNWU2YjFmMzQ2NDEyMzdlNTljMWI5ZjRjYmR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxmMzA2Y2QwZmQzOWIzZTRhNTNmNGEzNDhjYjI2ZmU4YWIzOTE3MGZifDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off
200 OK 20 B URL HTTP/1.1 www.biltma.se/track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=biltma.se&uid=MTY2NjUzNjg3MS41NjgzOjZlNTYzZThiZmEyNDljZTZhODc2MmE1ZTA5NWE1MWVjMmViYzgwN2EyMDI1OGQ1NTUwMDc4OWJkYmU1OGNjYmI6NjM1NTU1YTc4YWJmMw%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2MzU1NTVhNzhhYmRhfHx8MTY2NjUzNjg3MS45NTg5fGM1YjRkNjg5YTI0OGNlNWU2YjFmMzQ2NDEyMzdlNTljMWI5ZjRjYmR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxmMzA2Y2QwZmQzOWIzZTRhNTNmNGEzNDhjYjI2ZmU4YWIzOTE3MGZifDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off
IP
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=biltma.se&uid=MTY2NjUzNjg3MS41NjgzOjZlNTYzZThiZmEyNDljZTZhODc2MmE1ZTA5NWE1MWVjMmViYzgwN2EyMDI1OGQ1NTUwMDc4OWJkYmU1OGNjYmI6NjM1NTU1YTc4YWJmMw%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2MzU1NTVhNzhhYmRhfHx8MTY2NjUzNjg3MS45NTg5fGM1YjRkNjg5YTI0OGNlNWU2YjFmMzQ2NDEyMzdlNTljMWI5ZjRjYmR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxmMzA2Y2QwZmQzOWIzZTRhNTNmNGEzNDhjYjI2ZmU4YWIzOTE3MGZifDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off HTTP/1.1
Host: www.biltma.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.biltma.se/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 14:54:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-View-Match: true
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
lykos-bzm.com/zcvisitor/99f266c6-52e2-11ed-8cd8-12178e041ec7/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=51693c60-0776-11ed-8989-128084d1ce51
200 996 B URL HTTP/1.1 lykos-bzm.com/zcvisitor/99f266c6-52e2-11ed-8cd8-12178e041ec7/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=51693c60-0776-11ed-8989-128084d1ce51
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fcf5b35b546ce2f99a05b4bfada051c2
58d4c9c6008e8372a76edd08bee283ce20d52f4d
cb2c48010b649519e8cf5b21f3f7bdd8533cb61780d8df275d4bcd8318c4a7d9
Analyzer Verdict Alert quad9 Sinkholed
GET /zcvisitor/99f266c6-52e2-11ed-8cd8-12178e041ec7/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=51693c60-0776-11ed-8989-128084d1ce51 HTTP/1.1
Host: lykos-bzm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.biltma.se/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 23 Oct 2022 14:54:33 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: ZclaPcaA
lykos-bzm.com/zcredirect?visitid=99f266c6-52e2-11ed-8cd8-12178e041ec7&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
200 692 B URL HTTP/1.1 lykos-bzm.com/zcredirect?visitid=99f266c6-52e2-11ed-8cd8-12178e041ec7&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (303)
Hash 5b47ac00553e6be5ef14f08bfe62291d
a64e93ee2bd209a033f8733a42c5203681b3db59
02dd96f4c7dc4b5b06ded012b6eec89c0ce6d5498d94b3cefe707ae219016c8f
Analyzer Verdict Alert quad9 Sinkholed
GET /zcredirect?visitid=99f266c6-52e2-11ed-8cd8-12178e041ec7&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: lykos-bzm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lykos-bzm.com/zcvisitor/99f266c6-52e2-11ed-8cd8-12178e041ec7/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=51693c60-0776-11ed-8989-128084d1ce51
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 23 Oct 2022 14:54:33 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: ytiiIJFI
track.appnow.sbs/zp-redirect?target=https%3A%2F%2Fprizezones.life%2F%3Fu%3Dxunwwwr%26o%3Db08p0zy%26cid%3Dw594b5nclhbkguuji276419c&caid=0c123f4f-cca1-4626-a132-a7952ffa351c&zpid=99f266c6-52e2-11ed-8cd8-12178e041ec7&cid=w594b5nclhbkguuji276419c&rt=R
302 Found 0 B URL HTTP/2 track.appnow.sbs/zp-redirect?target=https%3A%2F%2Fprizezones.life%2F%3Fu%3Dxunwwwr%26o%3Db08p0zy%26cid%3Dw594b5nclhbkguuji276419c&caid=0c123f4f-cca1-4626-a132-a7952ffa351c&zpid=99f266c6-52e2-11ed-8cd8-12178e041ec7&cid=w594b5nclhbkguuji276419c&rt=R
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Fprizezones.life%2F%3Fu%3Dxunwwwr%26o%3Db08p0zy%26cid%3Dw594b5nclhbkguuji276419c&caid=0c123f4f-cca1-4626-a132-a7952ffa351c&zpid=99f266c6-52e2-11ed-8cd8-12178e041ec7&cid=w594b5nclhbkguuji276419c&rt=R HTTP/1.1
Host: track.appnow.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lykos-bzm.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 23 Oct 2022 14:54:33 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://prizezones.life/?u=xunwwwr&o=b08p0zy&cid=w594b5nclhbkguuji276419c
pragma: no-cache
set-cookie: cc-v4=VWRjdgoeuurR8l9twY%2F45xzarW4YcNmyBTI474TWzt9BLTq1Zi32ODZ7Y%2FVp7AezMYIP%2FtQO%2FEp7PAsLJe1XghYhvTdo2HC7CGv%2BV72VAlJNozm8oeDQiY77I%2FbECsq0LFRCzzr55MJIhMC3MQ%2BlEw%3D%3D; Max-Age=31536000; Expires=Mon, 23-Oct-2023 14:54:33 GMT; Domain=track.appnow.sbs; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
lykos-bzm.com/favicon.ico
404 653 B URL HTTP/1.1 lykos-bzm.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: lykos-bzm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lykos-bzm.com/zcredirect?visitid=99f266c6-52e2-11ed-8cd8-12178e041ec7&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
HTTP/1.1 404
Date: Sun, 23 Oct 2022 14:54:33 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: DBSplLvv
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18030
Expires: Sun, 23 Oct 2022 19:55:04 GMT
Date: Sun, 23 Oct 2022 14:54:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18030
Expires: Sun, 23 Oct 2022 19:55:04 GMT
Date: Sun, 23 Oct 2022 14:54:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18030
Expires: Sun, 23 Oct 2022 19:55:04 GMT
Date: Sun, 23 Oct 2022 14:54:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 86c39b4e37d588c589ca9a34fc6b3d5e
5e114313d93220337635849b81ec39d5790c6aff
0740954b0c73896cf8f31a37c2715f029c08fd7c66e4b4d7678fa55cb0fc81a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0740954B0C73896CF8F31A37C2715F029C08FD7C66E4B4D7678FA55CB0FC81A8"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17477
Expires: Sun, 23 Oct 2022 19:45:51 GMT
Date: Sun, 23 Oct 2022 14:54:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 208445a6f07a7259b8a420c062a81998
50d9f1642c3c47504fb2d4086a40ae8fb9479b50
607a81c5d0210faaa103d09fba1e0b9dde333c5142969272b0b5351a779acfa4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12031
x-amzn-requestid: 38ca5b87-35e4-46d5-aa1a-15433660ab86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aZGifEXzIAMFdHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63538476-6c2e5d980616d50c0ef8698a;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 05:49:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DpE5uiagdaNLvVqbkou7bVNaLYPZ9vhYawucSE36lWIp65bga3gN2w==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 08:04:17 GMT
age: 24617
etag: "50d9f1642c3c47504fb2d4086a40ae8fb9479b50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec9f432-15c2-48a5-a72c-411765b4b8bc.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec9f432-15c2-48a5-a72c-411765b4b8bc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7d9a7abaf87962b855521efa710812f
a3e88fdb581161ee4a77a2e871b5dbf6438740ff
77c606ec418fdcf921011e7791c702a96ccb5ed9157988da3c7d9f2c460c2bbf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec9f432-15c2-48a5-a72c-411765b4b8bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10309
x-amzn-requestid: 440e8c86-be5e-47c5-8c91-a6b093b7077c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZkTaoHWCIAMFwsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e65dd-7a06ea100494b8db4b76c4ec;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 05:21:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MBUhf5kPAItEZUj03TKeekl9YXcbeh1KeoYnI4rb_v9eBptmVoEgAA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 22:03:35 GMT
age: 60659
etag: "a3e88fdb581161ee4a77a2e871b5dbf6438740ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bdb3f97-ec76-487e-aaa0-904a4218b167.jpeg
200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bdb3f97-ec76-487e-aaa0-904a4218b167.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash baacb85509de0c5f8c3d8354f02232a7
f9190f9b694f92d385686984a8c2c7880ac4c22f
0dba837f537fc8701c1b28ca4ed0977716462f0f669b09c05084a0ca2731b32c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bdb3f97-ec76-487e-aaa0-904a4218b167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3337
x-amzn-requestid: 8b40aab0-2ced-4e28-85af-a3d1f1347382
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aPYqSE6eoAMFsmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634fa174-5618d2d53211d0733d8f4765;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 07:04:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AIxEjJ50nqrnGbXeIEhF2PXtRR2ALnO7eHjUAOB6mA89qoBZrgK9rA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 08:25:11 GMT
age: 23363
etag: "f9190f9b694f92d385686984a8c2c7880ac4c22f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8d38b3-8921-46db-bc13-1c6dc633ac65.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8d38b3-8921-46db-bc13-1c6dc633ac65.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e3c188b6071e2e3725d0eafc38e0a97a
894517b00535a08a4750510a8c74cd7bff5ce3a6
2b06cd431d93eb12fccc7061bd5a5be4e50b47c4410762034937584d8a8d06a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8d38b3-8921-46db-bc13-1c6dc633ac65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11582
x-amzn-requestid: 20307063-f434-4fb9-8cf8-d8c93b8fc3c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-WYqFmeoAMF5EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348d104-76156e37226bff5674a219e9;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 03:01:24 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: k3Dk91gOozMKKg38TkOGdPtPjfIEtHpHCvg1u3dJURco32kNiHJMQg==
via: 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:45:32 GMT
age: 61742
etag: "894517b00535a08a4750510a8c74cd7bff5ce3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf1513b5-a33f-4b0d-b92b-c82ad8141527.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf1513b5-a33f-4b0d-b92b-c82ad8141527.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5cf985ceb648df52d3cf5eb47c7705bc
8b0c5f567e25d9bf54263bb3c60b12db225feb81
9c8551a2d891562e12b9a30966dbd9221a041669db0cbb4395d6fa56791ef0dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf1513b5-a33f-4b0d-b92b-c82ad8141527.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8631
x-amzn-requestid: 536a4908-2fd7-4544-9159-ec2acc55a2bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abRJZH2zoAMFYvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6354623b-4d76adc023701d0228f951d1;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:35:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AvTOiWu0BF1Bxb5m_FlJhMqpgoNbJjUfTnZhZePfjqRCL5XVJEglpg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:43:36 GMT
age: 61858
etag: "8b0c5f567e25d9bf54263bb3c60b12db225feb81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd337e0f9-4135-4fa1-9843-c609356020a9.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd337e0f9-4135-4fa1-9843-c609356020a9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bcadefe69587d4ab5bf5ff9e71eb5cab
066fb94a6ae38e57d67001cc319eea17f837d511
45b175a2cecee90b2d0efc16c4139686ffcf34bfac9084fe9e5e1c926dc1330c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd337e0f9-4135-4fa1-9843-c609356020a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10036
x-amzn-requestid: b1f0e0b9-6fc6-4b7c-a9b0-55845cdfd2d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abR9aEvjIAMF22Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63546388-72742b3a1279d76e2e842930;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:41:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e-Q7z6QYQB1CGZ57JUJIf6l7Ofu9nGkF-ONfTrXJb6MMegchNYMqWQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:50:36 GMT
etag: "066fb94a6ae38e57d67001cc319eea17f837d511"
content-type: image/jpeg
age: 61438
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
prizezones.life/?u=xunwwwr&o=b08p0zy&cid=w594b5nclhbkguuji276419c
200 OK 90 kB URL HTTP/1.1 prizezones.life/?u=xunwwwr&o=b08p0zy&cid=w594b5nclhbkguuji276419c
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (62480), with CRLF line terminators
Hash aec43fecf72e1de6dcba693c2d311de9
a95f0d4d4a4ccd26d0a9f2af557addd1ee564df2
f698dda607278ed4636f9894e54f46673ccc758fd4d5e0635629d2f22e1d355f
Analyzer Verdict Alert quad9 Sinkholed
GET /?u=xunwwwr&o=b08p0zy&cid=w594b5nclhbkguuji276419c HTTP/1.1
Host: prizezones.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lykos-bzm.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 14:54:34 GMT
Content-Type: text/html
Content-Length: 90142
Connection: keep-alive
set-cookie: sid=t3~okiznit43btaacm1bc5e1wiu; path=/
sid=t3~okiznit43btaacm1bc5e1wiu; path=/
p1=https://magpopnap.live/ldtgxjpt/; path=/
s1=upewx0rk32z8kixz; path=/
cache-control: private, no-transform
prizezones.life/media/mainstream/frame.html
200 OK 39 B URL HTTP/1.1 prizezones.life/media/mainstream/frame.html
IP
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 086707e4369f60afedcafb16050a7618
8216b0cc6876cbd44f01c158e7dff3833ceccd41
a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /media/mainstream/frame.html HTTP/1.1
Host: prizezones.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prizezones.life/?u=xunwwwr&o=b08p0zy&cid=w594b5nclhbkguuji276419c
Cookie: sid=t3~okiznit43btaacm1bc5e1wiu; p1=https://magpopnap.live/ldtgxjpt/; s1=upewx0rk32z8kixz
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 14:54:34 GMT
Content-Type: text/html
Content-Length: 39
Connection: keep-alive
Last-Modified: Wed, 19 May 2021 13:17:43 GMT
Vary: Accept-Encoding
ETag: "60a50ff7-27"
Cache-Control: no-transform
Accept-Ranges: bytes
prizezones.life/favicon.ico
200 OK 0 B URL HTTP/1.1 prizezones.life/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: prizezones.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prizezones.life/?u=xunwwwr&o=b08p0zy&cid=w594b5nclhbkguuji276419c
Cookie: sid=t3~okiznit43btaacm1bc5e1wiu; p1=https://magpopnap.live/ldtgxjpt/; s1=upewx0rk32z8kixz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 14:54:34 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
last-modified: Sat, 06 Jun 2020 22:52:24 GMT
accept-ranges: bytes
etag: "5f5ecc24553cd61:0"
Cache-Control: no-transform
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8778fe63bce611f235a6558257798067
e0b4e27b7d81cf231f817df151d3cff91e7105c9
1909898b97d444e8ccc8381f5c0904aef27e02c0b520ad354083054ddc71001a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1909898B97D444E8CCC8381F5C0904AEF27E02C0B520AD354083054DDC71001A"
Last-Modified: Sun, 23 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10402
Expires: Sun, 23 Oct 2022 17:47:58 GMT
Date: Sun, 23 Oct 2022 14:54:36 GMT
Connection: keep-alive
2314.magpopnap.live/ldtgxjpt/?u=xunwwwr&o=b08p0zy&cid=w594b5nclhbkguuji276419c&f=1&sid=t3~okiznit43btaacm1bc5e1wiu&fp=Endzg5b8d%2BQoDjeVcY1p%2BtJ7Ol2plWOi83Shsua87QXbhGBm7iS%2FzAcSsfBHrLLYbcjZ550VGb8zjckfciTUdYhACZJL16BArGa3OWPis9QTz76ajP1J7DFm5pewz7S8W8Yz3XbE1wYPGy%2BA6iOObShyO1vu0liNCPc7%2BTRN9c7I8w96GI9ZRRV%2FRQBsOLpKak4O86odVUYc0e%2Br32ChFsrOBg%2F5wj18Mn5orO1cpQh2ihoWgCzScU17YCW2L1%2Bk%2FhMIVyHZjnIJ7rylGwZhg60UojC%2FSS%2BIWp8nB11yNxKQSLis1kG8yOYMwnw9gl8rJqBwW4G8m7LZA%2BHIWtz9eunFX5LC8J%2BznBHPJImMxZYyQbn7ljpjdIBT8Rvq0XpX%2BcQEcZfbbFaVQ1LeM9MVrOPCq%2Fioa50XidBa6AiuBRp8pN%2F1iFwhGzFxTTUuQdL5ZhRprOYHS7143BluQTeb1FicrckwxxsgWuOOBtGp0F25PKBivkBIczeWFbxmoFeKvy6w09z0DFjXOqpEFgdsSq0QmgkGNMzV3gA%2FqqXlA%2BI2uBoHs7xFK8Mso9hjw5e2qZ5ld9GoXeFDxX9hMacuQvAirzQbfzRmWXbBluk82dYIZKylxkCd%2F2nX1HLaEgdfPeZp%2F8FhmoeRix5BclwdEyanSEpQQKxTRqsqs191dQ5wqqruFBDZmbfHvPFJs2OEtq5sakZptdNBoP8ynE%2FXLRVl%2B4ol4iPqmaIeCyNSPXdNBXzIR3bO9xEFxJzm1mdyVvIMBy3iw7lOmm5Nus1iV6kGwnk2nTdtKckztNN8YbmXUHneYw7cFHFWUo7d0C06i%2Bu79rsMCsExuHS3PtSA7yZG56GM5vWXEV61xs8yrgsfw8BzB1mGCq%2B0Y37ZWxBOrp4BHJ9oVx8kQ79kiIkhPed8d%2FZjLzNLj8FiWTLAWgcbXOey7fhAxCiC5QmAcU%2FE%2F7kA%2BrEBFJbi0%2BSKQXvca065DUydNVS0doyqiczUfvXgfH7F5GdHUTnP5%2BJSCvtQ%2FNEF%2BVjkRMEOwANChVaNULgDfIbXlgBLJd8SnruePMKYdBdohT8FcRq8cu%2F5WonRJY9XRuVURX8pKWnRS2HZLFqHyzHBPVHyjLkxuyMveeRj0iKydEHwCy6a2YHiiBVNg4l89EDIDn7Bm0YJ%2BY20x2JREno38NU60qAID12qlgWHH67feyVlEyhfNwAEiiWkhmCUjG0BBWxayWBBYX%2BrL3gsly%2BgMXfizfZRCYVvJG%2FyvFBDacD%2FCaNGoB57%2BDyct7VhGln6lhhv6P7ZVM1Cr99JZnvTd0yQFG%2BTMaRbgvF0TTTl%2ByuiU1qMuakFJfjPIHy38ZhakfG8BbNuPOXwW7cklzm3wMrilOybgGO1giKxGUBOAAadYYd6rWPQJi3zCW4WCbHUfPTbLDkrVgocxmRVDUm7bmzc0V8lXmK%2BNO0%2ByNinE6meFdFAav%2BXnQWU7xNnqtvtEIctPQmQnH64h%2B1FSR8cJjvWfQFFcwf%2FymZgsIK8pCtIBeTMRBD%2BxGSQbhGhrmRqLRyEBd7A8SuNyS7ZW%2F3%2FATswAQNHTnT1qedTDPixDMUlTiEyNDD6qreAuW5YZF1Gz96Xvb6z35aYm1lpSi%2F5MgpAtAU4aSBqqu0HHnQTJM5ytYUeFIHvFpNN%2FijQtv6SCH6u0pB9hxPbFbpHM8yC9G3fzNIo8GFgtZovadazspjaiXkAPIWBfktZuxITLUoVK2QjP0rz53A0FF1r7B6u%2FUvT8nzanKSlmyf555PHLLyXP1QCBMcRpQ7eXFobcemREUtgWax8jjtYmJ9oD94cLDvwQlEYv%2BBMtGwD%2BDB9FuYSo%2FqdP5%2F9NaGKAc6hyKVwTVQQ1aRi62WGHzxJOiv0uBDAUOBdJRn26jafVDnkufO2b6ircXAJDnx22nWxh54NnF9vS6PpI2daTg%3D%3D
200 OK 21 kB URL HTTP/1.1 2314.magpopnap.live/ldtgxjpt/?u=xunwwwr&o=b08p0zy&cid=w594b5nclhbkguuji276419c&f=1&sid=t3~okiznit43btaacm1bc5e1wiu&fp=Endzg5b8d%2BQoDjeVcY1p%2BtJ7Ol2plWOi83Shsua87QXbhGBm7iS%2FzAcSsfBHrLLYbcjZ550VGb8zjckfciTUdYhACZJL16BArGa3OWPis9QTz76ajP1J7DFm5pewz7S8W8Yz3XbE1wYPGy%2BA6iOObShyO1vu0liNCPc7%2BTRN9c7I8w96GI9ZRRV%2FRQBsOLpKak4O86odVUYc0e%2Br32ChFsrOBg%2F5wj18Mn5orO1cpQh2ihoWgCzScU17YCW2L1%2Bk%2FhMIVyHZjnIJ7rylGwZhg60UojC%2FSS%2BIWp8nB11yNxKQSLis1kG8yOYMwnw9gl8rJqBwW4G8m7LZA%2BHIWtz9eunFX5LC8J%2BznBHPJImMxZYyQbn7ljpjdIBT8Rvq0XpX%2BcQEcZfbbFaVQ1LeM9MVrOPCq%2Fioa50XidBa6AiuBRp8pN%2F1iFwhGzFxTTUuQdL5ZhRprOYHS7143BluQTeb1FicrckwxxsgWuOOBtGp0F25PKBivkBIczeWFbxmoFeKvy6w09z0DFjXOqpEFgdsSq0QmgkGNMzV3gA%2FqqXlA%2BI2uBoHs7xFK8Mso9hjw5e2qZ5ld9GoXeFDxX9hMacuQvAirzQbfzRmWXbBluk82dYIZKylxkCd%2F2nX1HLaEgdfPeZp%2F8FhmoeRix5BclwdEyanSEpQQKxTRqsqs191dQ5wqqruFBDZmbfHvPFJs2OEtq5sakZptdNBoP8ynE%2FXLRVl%2B4ol4iPqmaIeCyNSPXdNBXzIR3bO9xEFxJzm1mdyVvIMBy3iw7lOmm5Nus1iV6kGwnk2nTdtKckztNN8YbmXUHneYw7cFHFWUo7d0C06i%2Bu79rsMCsExuHS3PtSA7yZG56GM5vWXEV61xs8yrgsfw8BzB1mGCq%2B0Y37ZWxBOrp4BHJ9oVx8kQ79kiIkhPed8d%2FZjLzNLj8FiWTLAWgcbXOey7fhAxCiC5QmAcU%2FE%2F7kA%2BrEBFJbi0%2BSKQXvca065DUydNVS0doyqiczUfvXgfH7F5GdHUTnP5%2BJSCvtQ%2FNEF%2BVjkRMEOwANChVaNULgDfIbXlgBLJd8SnruePMKYdBdohT8FcRq8cu%2F5WonRJY9XRuVURX8pKWnRS2HZLFqHyzHBPVHyjLkxuyMveeRj0iKydEHwCy6a2YHiiBVNg4l89EDIDn7Bm0YJ%2BY20x2JREno38NU60qAID12qlgWHH67feyVlEyhfNwAEiiWkhmCUjG0BBWxayWBBYX%2BrL3gsly%2BgMXfizfZRCYVvJG%2FyvFBDacD%2FCaNGoB57%2BDyct7VhGln6lhhv6P7ZVM1Cr99JZnvTd0yQFG%2BTMaRbgvF0TTTl%2ByuiU1qMuakFJfjPIHy38ZhakfG8BbNuPOXwW7cklzm3wMrilOybgGO1giKxGUBOAAadYYd6rWPQJi3zCW4WCbHUfPTbLDkrVgocxmRVDUm7bmzc0V8lXmK%2BNO0%2ByNinE6meFdFAav%2BXnQWU7xNnqtvtEIctPQmQnH64h%2B1FSR8cJjvWfQFFcwf%2FymZgsIK8pCtIBeTMRBD%2BxGSQbhGhrmRqLRyEBd7A8SuNyS7ZW%2F3%2FATswAQNHTnT1qedTDPixDMUlTiEyNDD6qreAuW5YZF1Gz96Xvb6z35aYm1lpSi%2F5MgpAtAU4aSBqqu0HHnQTJM5ytYUeFIHvFpNN%2FijQtv6SCH6u0pB9hxPbFbpHM8yC9G3fzNIo8GFgtZovadazspjaiXkAPIWBfktZuxITLUoVK2QjP0rz53A0FF1r7B6u%2FUvT8nzanKSlmyf555PHLLyXP1QCBMcRpQ7eXFobcemREUtgWax8jjtYmJ9oD94cLDvwQlEYv%2BBMtGwD%2BDB9FuYSo%2FqdP5%2F9NaGKAc6hyKVwTVQQ1aRi62WGHzxJOiv0uBDAUOBdJRn26jafVDnkufO2b6ircXAJDnx22nWxh54NnF9vS6PpI2daTg%3D%3D
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (841), with CRLF line terminators
Hash 2fd1d54f5e94308646501674557aace5
d1c2bd1cce61395459fe09e404dceb24afea8245
ec19fb3730249b4ab7bccbd722fbe26cd26e0c1e277cb0fc38608037bd7f39e8
GET /ldtgxjpt/?u=xunwwwr&o=b08p0zy&cid=w594b5nclhbkguuji276419c&f=1&sid=t3~okiznit43btaacm1bc5e1wiu&fp=Endzg5b8d%2BQoDjeVcY1p%2BtJ7Ol2plWOi83Shsua87QXbhGBm7iS%2FzAcSsfBHrLLYbcjZ550VGb8zjckfciTUdYhACZJL16BArGa3OWPis9QTz76ajP1J7DFm5pewz7S8W8Yz3XbE1wYPGy%2BA6iOObShyO1vu0liNCPc7%2BTRN9c7I8w96GI9ZRRV%2FRQBsOLpKak4O86odVUYc0e%2Br32ChFsrOBg%2F5wj18Mn5orO1cpQh2ihoWgCzScU17YCW2L1%2Bk%2FhMIVyHZjnIJ7rylGwZhg60UojC%2FSS%2BIWp8nB11yNxKQSLis1kG8yOYMwnw9gl8rJqBwW4G8m7LZA%2BHIWtz9eunFX5LC8J%2BznBHPJImMxZYyQbn7ljpjdIBT8Rvq0XpX%2BcQEcZfbbFaVQ1LeM9MVrOPCq%2Fioa50XidBa6AiuBRp8pN%2F1iFwhGzFxTTUuQdL5ZhRprOYHS7143BluQTeb1FicrckwxxsgWuOOBtGp0F25PKBivkBIczeWFbxmoFeKvy6w09z0DFjXOqpEFgdsSq0QmgkGNMzV3gA%2FqqXlA%2BI2uBoHs7xFK8Mso9hjw5e2qZ5ld9GoXeFDxX9hMacuQvAirzQbfzRmWXbBluk82dYIZKylxkCd%2F2nX1HLaEgdfPeZp%2F8FhmoeRix5BclwdEyanSEpQQKxTRqsqs191dQ5wqqruFBDZmbfHvPFJs2OEtq5sakZptdNBoP8ynE%2FXLRVl%2B4ol4iPqmaIeCyNSPXdNBXzIR3bO9xEFxJzm1mdyVvIMBy3iw7lOmm5Nus1iV6kGwnk2nTdtKckztNN8YbmXUHneYw7cFHFWUo7d0C06i%2Bu79rsMCsExuHS3PtSA7yZG56GM5vWXEV61xs8yrgsfw8BzB1mGCq%2B0Y37ZWxBOrp4BHJ9oVx8kQ79kiIkhPed8d%2FZjLzNLj8FiWTLAWgcbXOey7fhAxCiC5QmAcU%2FE%2F7kA%2BrEBFJbi0%2BSKQXvca065DUydNVS0doyqiczUfvXgfH7F5GdHUTnP5%2BJSCvtQ%2FNEF%2BVjkRMEOwANChVaNULgDfIbXlgBLJd8SnruePMKYdBdohT8FcRq8cu%2F5WonRJY9XRuVURX8pKWnRS2HZLFqHyzHBPVHyjLkxuyMveeRj0iKydEHwCy6a2YHiiBVNg4l89EDIDn7Bm0YJ%2BY20x2JREno38NU60qAID12qlgWHH67feyVlEyhfNwAEiiWkhmCUjG0BBWxayWBBYX%2BrL3gsly%2BgMXfizfZRCYVvJG%2FyvFBDacD%2FCaNGoB57%2BDyct7VhGln6lhhv6P7ZVM1Cr99JZnvTd0yQFG%2BTMaRbgvF0TTTl%2ByuiU1qMuakFJfjPIHy38ZhakfG8BbNuPOXwW7cklzm3wMrilOybgGO1giKxGUBOAAadYYd6rWPQJi3zCW4WCbHUfPTbLDkrVgocxmRVDUm7bmzc0V8lXmK%2BNO0%2ByNinE6meFdFAav%2BXnQWU7xNnqtvtEIctPQmQnH64h%2B1FSR8cJjvWfQFFcwf%2FymZgsIK8pCtIBeTMRBD%2BxGSQbhGhrmRqLRyEBd7A8SuNyS7ZW%2F3%2FATswAQNHTnT1qedTDPixDMUlTiEyNDD6qreAuW5YZF1Gz96Xvb6z35aYm1lpSi%2F5MgpAtAU4aSBqqu0HHnQTJM5ytYUeFIHvFpNN%2FijQtv6SCH6u0pB9hxPbFbpHM8yC9G3fzNIo8GFgtZovadazspjaiXkAPIWBfktZuxITLUoVK2QjP0rz53A0FF1r7B6u%2FUvT8nzanKSlmyf555PHLLyXP1QCBMcRpQ7eXFobcemREUtgWax8jjtYmJ9oD94cLDvwQlEYv%2BBMtGwD%2BDB9FuYSo%2FqdP5%2F9NaGKAc6hyKVwTVQQ1aRi62WGHzxJOiv0uBDAUOBdJRn26jafVDnkufO2b6ircXAJDnx22nWxh54NnF9vS6PpI2daTg%3D%3D HTTP/1.1
Host: 2314.magpopnap.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prizezones.life/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 14:54:38 GMT
Content-Type: text/html
Content-Length: 21328
Connection: keep-alive
cache-control: private, no-transform
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 14:54:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/js/bootstrap.bundle.min.js
200 OK 22 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/js/bootstrap.bundle.min.js
IP
File type ASCII text, with very long lines (65297)
Hash b42d5b84d4ed3ea8e741d1f01f76eae5
d788cb207310f1be23336afa14e3dd481ab506a6
a9ac86748302a43acb528cfca2913be33dee6dde7c811cdc71ae60da67b717ae
GET /npm/bootstrap@4.3.1/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2314.magpopnap.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.3.1
x-jsd-version-type: version
etag: W/"1332b-JlpzPLf7xIH9JRCmWaha1VyTyJU"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 23 Oct 2022 14:54:39 GMT
age: 1093984
x-served-by: cache-fra19165-FRA, cache-bma1665-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22291
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2314.magpopnap.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 20:15:10 GMT
expires: Sun, 22 Oct 2023 20:15:10 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 67169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash 07997aa4dbf1edbdff8f787f3758f407
968244c51598a34f330cee4371c644d35952d282
30de8335ec1536e7f0ce33e00d512daa821e72e032276a5524f8433318294189
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 14:54:39 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "E519B0E142BB03455FB83DCDA4114BA129F43E66"
Expires: Mon, 24 Oct 2022 02:00:00 GMT
Last-Modified: Sun, 23 Oct 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1109
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75eb4f2808d31c0e-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 14:54:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2314.magpopnap.live/media/mainstream/all/ab/2008_2.css
200 OK 0 B URL HTTP/1.1 2314.magpopnap.live/media/mainstream/all/ab/2008_2.css
IP
GET /media/mainstream/all/ab/2008_2.css HTTP/1.1
Host: 2314.magpopnap.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2314.magpopnap.live/ldtgxjpt/?u=xunwwwr&o=b08p0zy&cid=w594b5nclhbkguuji276419c&f=1&sid=t3~okiznit43btaacm1bc5e1wiu&fp=Endzg5b8d%2BQoDjeVcY1p%2BtJ7Ol2plWOi83Shsua87QXbhGBm7iS%2FzAcSsfBHrLLYbcjZ550VGb8zjckfciTUdYhACZJL16BArGa3OWPis9QTz76ajP1J7DFm5pewz7S8W8Yz3XbE1wYPGy%2BA6iOObShyO1vu0liNCPc7%2BTRN9c7I8w96GI9ZRRV%2FRQBsOLpKak4O86odVUYc0e%2Br32ChFsrOBg%2F5wj18Mn5orO1cpQh2ihoWgCzScU17YCW2L1%2Bk%2FhMIVyHZjnIJ7rylGwZhg60UojC%2FSS%2BIWp8nB11yNxKQSLis1kG8yOYMwnw9gl8rJqBwW4G8m7LZA%2BHIWtz9eunFX5LC8J%2BznBHPJImMxZYyQbn7ljpjdIBT8Rvq0XpX%2BcQEcZfbbFaVQ1LeM9MVrOPCq%2Fioa50XidBa6AiuBRp8pN%2F1iFwhGzFxTTUuQdL5ZhRprOYHS7143BluQTeb1FicrckwxxsgWuOOBtGp0F25PKBivkBIczeWFbxmoFeKvy6w09z0DFjXOqpEFgdsSq0QmgkGNMzV3gA%2FqqXlA%2BI2uBoHs7xFK8Mso9hjw5e2qZ5ld9GoXeFDxX9hMacuQvAirzQbfzRmWXbBluk82dYIZKylxkCd%2F2nX1HLaEgdfPeZp%2F8FhmoeRix5BclwdEyanSEpQQKxTRqsqs191dQ5wqqruFBDZmbfHvPFJs2OEtq5sakZptdNBoP8ynE%2FXLRVl%2B4ol4iPqmaIeCyNSPXdNBXzIR3bO9xEFxJzm1mdyVvIMBy3iw7lOmm5Nus1iV6kGwnk2nTdtKckztNN8YbmXUHneYw7cFHFWUo7d0C06i%2Bu79rsMCsExuHS3PtSA7yZG56GM5vWXEV61xs8yrgsfw8BzB1mGCq%2B0Y37ZWxBOrp4BHJ9oVx8kQ79kiIkhPed8d%2FZjLzNLj8FiWTLAWgcbXOey7fhAxCiC5QmAcU%2FE%2F7kA%2BrEBFJbi0%2BSKQXvca065DUydNVS0doyqiczUfvXgfH7F5GdHUTnP5%2BJSCvtQ%2FNEF%2BVjkRMEOwANChVaNULgDfIbXlgBLJd8SnruePMKYdBdohT8FcRq8cu%2F5WonRJY9XRuVURX8pKWnRS2HZLFqHyzHBPVHyjLkxuyMveeRj0iKydEHwCy6a2YHiiBVNg4l89EDIDn7Bm0YJ%2BY20x2JREno38NU60qAID12qlgWHH67feyVlEyhfNwAEiiWkhmCUjG0BBWxayWBBYX%2BrL3gsly%2BgMXfizfZRCYVvJG%2FyvFBDacD%2FCaNGoB57%2BDyct7VhGln6lhhv6P7ZVM1Cr99JZnvTd0yQFG%2BTMaRbgvF0TTTl%2ByuiU1qMuakFJfjPIHy38ZhakfG8BbNuPOXwW7cklzm3wMrilOybgGO1giKxGUBOAAadYYd6rWPQJi3zCW4WCbHUfPTbLDkrVgocxmRVDUm7bmzc0V8lXmK%2BNO0%2ByNinE6meFdFAav%2BXnQWU7xNnqtvtEIctPQmQnH64h%2B1FSR8cJjvWfQFFcwf%2FymZgsIK8pCtIBeTMRBD%2BxGSQbhGhrmRqLRyEBd7A8SuNyS7ZW%2F3%2FATswAQNHTnT1qedTDPixDMUlTiEyNDD6qreAuW5YZF1Gz96Xvb6z35aYm1lpSi%2F5MgpAtAU4aSBqqu0HHnQTJM5ytYUeFIHvFpNN%2FijQtv6SCH6u0pB9hxPbFbpHM8yC9G3fzNIo8GFgtZovadazspjaiXkAPIWBfktZuxITLUoVK2QjP0rz53A0FF1r7B6u%2FUvT8nzanKSlmyf555PHLLyXP1QCBMcRpQ7eXFobcemREUtgWax8jjtYmJ9oD94cLDvwQlEYv%2BBMtGwD%2BDB9FuYSo%2FqdP5%2F9NaGKAc6hyKVwTVQQ1aRi62WGHzxJOiv0uBDAUOBdJRn26jafVDnkufO2b6ircXAJDnx22nWxh54NnF9vS6PpI2daTg%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 14:54:39 GMT
Content-Type: text/css
Connection: close
Last-Modified: Sun, 21 Aug 2022 15:13:38 GMT
Vary: Accept-Encoding
ETag: W/"63024ba2-1f21"
Content-Encoding: br
Cache-Control: no-transform
185.53.177.53
54.230.245.130
93.184.220.29
23.36.77.32
51.91.143.105
151.101.85.229
104.18.20.226