Overview

URL 7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
IP 217.69.14.8
ASN AS-CHOOPA
Location France
Report completed 2022-09-26 23:03:37 UTC
urlquery Alerts Scam / Brand infringement


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (8)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS 7.winprizes107.digital (20) 0 2021-10-21 17:23:25 UTC 2022-09-26 18:54:29 UTC 217.69.14.8 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-26 12:59:20 UTC 143.204.55.115
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-26 04:35:11 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-26 04:26:56 UTC 34.160.144.191
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-26 04:28:07 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-26 22:11:41 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-26 05:45:55 UTC 44.240.140.78
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-26 12:15:18 UTC 34.120.237.76


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 217.69.14.8

Date  UQ / IDS / BL  URL  IP
2022-11-29 11:42:28 +0000  0 - 0 - 2  47.winprizes147.digital/mx2/mxnotix23.html?ci (...)  217.69.14.8
2022-11-29 07:57:03 +0000  0 - 0 - 1  49.winprizes249.monster/es4/coppn2.html  217.69.14.8
2022-11-29 03:12:47 +0000  1 - 0 - 1  47.winprizes147.digital/mx2/mxnotix23.html  217.69.14.8
2022-11-29 02:12:09 +0000  1 - 0 - 0  17.winprizes217.one/brpp3/index.php?city=Moun (...)  217.69.14.8
2022-11-29 00:54:48 +0000  0 - 0 - 10  65.winprizes265.monster/phauto1/auto1n4.html? (...)  217.69.14.8

Last 5 reports on ASN: AS-CHOOPA

Date  UQ / IDS / BL  URL  IP
2022-11-30 03:11:11 +0000  0 - 0 - 21  qr.blacksebo.de/  144.202.15.240
2022-11-30 02:48:16 +0000  2 - 0 - 1  bit.chdsjjkrazomg.dhcp.biz/  141.164.48.2
2022-11-30 02:45:12 +0000  0 - 0 - 1  terrehautebaseball.com/tnn  155.138.163.231
2022-11-30 01:40:47 +0000  0 - 0 - 1  thetopnewstoday.world/skin/en/bbc-news/v1/ski (...)  144.202.80.115
2022-11-30 01:40:46 +0000  0 - 0 - 1  thetopnewstoday.world/skin/en/bbc-news/v1/ski (...)  144.202.80.115

Last 5 reports on domain: winprizes107.digital

Date  UQ / IDS / BL  URL  IP
2022-10-07 19:54:10 +0000  7 - 0 - 0  7.winprizes107.digital/ruwheel/rupro1.html?ci (...)  217.69.14.8
2022-09-26 23:03:37 +0000  7 - 0 - 0  7.winprizes107.digital/ruwheel/rupro1.html?ci (...)  217.69.14.8
2022-09-26 02:55:08 +0000  6 - 0 - 0  7.winprizes107.digital/ruwheel/rupro1.html?ci (...)  217.69.14.8
2022-09-25 07:56:23 +0000  7 - 0 - 0  7.winprizes107.digital/ruwheel/rupro1.html  217.69.14.8
2022-09-24 23:54:07 +0000  7 - 0 - 0  7.winprizes107.digital/ruwheel/rupro1.html?ci (...)  217.69.14.8

Last 5 reports with similar screenshot

Date  UQ / IDS / BL  URL  IP
2022-11-29 11:57:14 +0000  0 - 0 - 17  58.winprizes658.monster/engaff/phaff2022n4.ht (...)  45.76.148.82
2022-11-29 01:10:09 +0000  0 - 0 - 19  58.winprizes658.monster/engaff/phaff2022n4.ht (...)  45.76.148.82
2022-11-28 22:14:10 +0000  0 - 0 - 16  58.winprizes658.monster/engaff/phaff2022n4.ht (...)  45.76.148.82
2022-11-28 13:59:59 +0000  0 - 0 - 5  jazeerel.xyz/go/068da395-8644-4828-9aaa-f92e7 (...)  3.70.16.242
2022-11-28 03:56:32 +0000  0 - 0 - 19  track.buller-matuma.com/0697586d-8b86-4486-9f (...)  18.195.128.171


JavaScript

Executed Scripts (9)


Executed Evals (1)

#1 JavaScript::Eval (size: 80, repeated: 1) - SHA256: b0878ab58643b9f4a36f33eca4beb9929702544a2bd8f7b83958796b3809cd69

(() => {
    const a = async function name() {};
    window['eui6knb3oi4'] = true;
})()

Executed Writes (0)



HTTP Transactions (37)


Request Response
                                        
                                            GET /ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598 HTTP/1.1 
Host: 7.winprizes107.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         217.69.14.8
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx
Date: Mon, 26 Sep 2022 23:03:26 GMT
Content-Length: 959
Connection: keep-alive
Location: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (626)
Size:   959
Md5:    7ae1153f1c4e986556309a864012168e
Sha1:   5fc01a99df9debcc8e22e0846acde86723d68345
Sha256: 329895fb69e8bb92b67dac96bb92a93b0732a9e085b85fdc92579f442b90d8d0
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 22:15:24 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7nQBeR8Te8WeXUjecFMzy342Q7ozjZOxGGTxJHBS-Y-cU77sMbcR9g==
Age: 2882


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9448
Expires: Tue, 27 Sep 2022 01:40:54 GMT
Date: Mon, 26 Sep 2022 23:03:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5408
Expires: Tue, 27 Sep 2022 00:33:34 GMT
Date: Mon, 26 Sep 2022 23:03:26 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: MrKRoI832+AnUIp6+Y+xqVXH/lXasiLOaFVwrqXei/mZd6b3S8vx5SXl7oHG29uGJyx1lEfwxrI=
x-amz-request-id: 0T3HH4YWHEFSMAKY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 26 Sep 2022 22:48:57 GMT
age: 869
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ruwheel/img/landers/prizewheel-fb/notification.png HTTP/1.1 
Host: 7.winprizes107.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
content-length: 449
last-modified: Fri, 22 Oct 2021 19:47:18 GMT
etag: "1c1-5cef6475e6f56"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 30 x 28, 8-bit colormap, non-interlaced\012- data
Size:   449
Md5:    bd5203f2cc9e7a9125e4575e029541b0
Sha1:   9fa565ab2f4b55da4735b79e529562252b3c9afe
Sha256: db94c8ae725f947f20e12df29e6b6c8ade5ffcd5a7dc9ffd9be0351d963f826f

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /ruwheel/img/landers/prizewheel-fb/prizewheel_spinner.jpg HTTP/1.1 
Host: 7.winprizes107.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
content-length: 32496
last-modified: Fri, 22 Oct 2021 19:47:18 GMT
etag: "7ef0-5cef64768912d"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1002x1002, components 3\012- data
Size:   32496
Md5:    d4655cba21d806e849eed4e4119fbe1a
Sha1:   6453039d85005643e9d65074ca022f63b5d47cdd
Sha256: 90f2363aaebaf03f06fb20c6c02fb2e97497d7cd54b611281303ce7e10335ee7

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /ruwheel/img/prizes/iphone-12-pro-max/default@0.5x.png HTTP/1.1 
Host: 7.winprizes107.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
content-length: 35519
last-modified: Fri, 22 Oct 2021 19:47:24 GMT
etag: "8abf-5cef647bc10ee"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size:   35519
Md5:    3425f87a8def62d878b3fbf8f930dee2
Sha1:   961688eb1d3c97e9ed61199b0fcd32e60d1d3467
Sha256: 7f9f5fb4a3340704664a8adba3c74c63d425c92999aed97e078bc3b87d06b64d

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /ruwheel/img/landers/prizewheel-fb/loader.gif HTTP/1.1 
Host: 7.winprizes107.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
content-length: 5083
last-modified: Fri, 22 Oct 2021 19:47:18 GMT
etag: "13db-5cef6475e7ef6"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 50 x 50\012- data
Size:   5083
Md5:    ed786659a534e0d183c09a90c50abc9d
Sha1:   a6c3d90bfaa86a7cda490bc5d04c8939c31a414e
Sha256: cbaeb154dcb93bff5f6e382cede5d51a11175a2295e56bb2790611910280ba97

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /ruwheel/js/app.js?id=70153298ff6fb62a5a50 HTTP/1.1 
Host: 7.winprizes107.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
vary: Accept-Encoding
last-modified: Fri, 22 Oct 2021 19:47:14 GMT
etag: W/"3d1-5cef64729b2dc"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (977), with no line terminators
Size:   945
Md5:    5fc83565ae35ba8e43cca9678ee508e3
Sha1:   bd6b8a28e6ecccc28127b9dd4497c39d5dddf326
Sha256: 9b969ad929a29dba217735872266fde88b3baed5d69fe4f49708d1ffb736c853
                                        
                                            GET /ruwheel/img/landers/prizewheel-fb/prizewheel_static.png HTTP/1.1 
Host: 7.winprizes107.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
content-length: 3370
last-modified: Fri, 22 Oct 2021 19:47:18 GMT
etag: "d2a-5cef6476823cc"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1002 x 1002, 4-bit colormap, non-interlaced\012- data
Size:   3370
Md5:    dc484e0043b5ff6191b1880c8779863c
Sha1:   a5b67e3dff3dea3940eed090431aecbb36611b1d
Sha256: 30bc059973d84a6e1d22d16747bce062025561f2555cdd9cec012a87866abcb6

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /ruwheel/img/profiles/caucasian/female/3@0.25x.jpg HTTP/1.1 
Host: 7.winprizes107.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
content-length: 2833
last-modified: Fri, 22 Oct 2021 19:47:29 GMT
etag: "b11-5cef6480d1009"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size:   2833
Md5:    8196857e051c12bf3fbc80c5d2706f77
Sha1:   6c5b5053cade51a1c872fd0fccd6425cac4654ad
Sha256: e7da422e27935176f348741986684bb7579b8f27b00d5e740c0b205f35fd382a
                                        
                                            GET /ruwheel/img/profiles/caucasian/male/3@0.25x.jpg HTTP/1.1 
Host: 7.winprizes107.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
content-length: 2844
last-modified: Fri, 22 Oct 2021 19:47:33 GMT
etag: "b1c-5cef64847d770"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size:   2844
Md5:    54fbc106f1b9db6ac824a4650d60f3bb
Sha1:   100e44c2fe78adb90e6f949045a50149bb7f3774
Sha256: 559cdadc5c3fcdf6e028d343c420ce52983ae44b1ae217c8c60f1067a081104c
                                        
                                            GET /ruwheel/img/profiles/caucasian/male/10@0.25x.jpg HTTP/1.1 
Host: 7.winprizes107.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
content-length: 2736
last-modified: Fri, 22 Oct 2021 19:47:32 GMT
etag: "ab0-5cef6483e329a"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size:   2736
Md5:    1112732142f99bb6c1631b89e0d3ab7d
Sha1:   23f5c0c1a491135b6e2e16f1f649773ac95d7bdf
Sha256: fb6ecfa12b19fa686f2e8138fe5be303d5e08f270c995e2bc287c33b62faa503
                                        
                                            GET /ruwheel/img/profiles/caucasian/female/6@0.25x.jpg HTTP/1.1 
Host: 7.winprizes107.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
content-length: 2496
last-modified: Fri, 22 Oct 2021 19:47:30 GMT
etag: "9c0-5cef6481472ba"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size:   2496
Md5:    16b747e82cf312a2ced55303d0498d39
Sha1:   5e6d8443cb51b6ef2f1b8418e210c1cb4cb3272d
Sha256: 9689a7da01f10d4f058803fdfa77b6e874073e0eb3e7007c9c551d6a85b2e10e
                                        
                                            GET /ruwheel/img/profiles/caucasian/male/9@0.25x.jpg HTTP/1.1 
Host: 7.winprizes107.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
content-length: 2283
last-modified: Fri, 22 Oct 2021 19:47:33 GMT
etag: "8eb-5cef6484844d1"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size:   2283
Md5:    3ee4f789968700c627e093497418ba7a
Sha1:   5167cc73c33fae5fd4188aa0726af6cd745a874f
Sha256: 6615703a9d11b53339464d4878af74874fae469524ce02266f02c9f1dd6c2239
                                        
                                            GET /ruwheel/img/prizes/iphone-12-pro-max/proof.jpg HTTP/1.1 
Host: 7.winprizes107.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
content-length: 23152
last-modified: Fri, 22 Oct 2021 19:47:24 GMT
etag: "5a70-5cef647bbd26d"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 339x450, components 3\012- data
Size:   23152
Md5:    029d38095e06ced0688fd67a58e70781
Sha1:   b5bdaddeb39b947c35f883f001f34dd163bcb362
Sha256: 5e41534f027f676ce89db3b87319ffbdc1a1e7515e379f80f476e0989fa4bcc1

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /ruwheel/img/profiles/caucasian/female/5@0.25x.jpg HTTP/1.1 
Host: 7.winprizes107.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
content-length: 2607
last-modified: Fri, 22 Oct 2021 19:47:29 GMT
etag: "a2f-5cef6481184b3"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size:   2607
Md5:    5e930fa2efb8142b942712a603c0d112
Sha1:   82a6ab6fd202a0e973b4e83861cb9889294289cd
Sha256: b15d6a868ff22d57beec85074fbac2b0bf4d94aba82586f91e28f1843bec2482
                                        
                                            GET /ruwheel/img/profiles/caucasian/female/1@0.25x.jpg HTTP/1.1 
Host: 7.winprizes107.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
content-length: 1924
last-modified: Fri, 22 Oct 2021 19:47:29 GMT
etag: "784-5cef6480a02c2"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size:   1924
Md5:    fbd823b4b286d9441a68da275eeaf828
Sha1:   ed13e98d4b2615e7b00eb9c432c25d46c70389d6
Sha256: 3da1e9cfb273447e5e799ead9e3c1be32c4d95a1aef51982a3dfcaf76ab75afb
                                        
                                            GET /ruwheel/img/profiles/caucasian/male/2@0.25x.jpg HTTP/1.1 
Host: 7.winprizes107.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
content-length: 2359
last-modified: Fri, 22 Oct 2021 19:47:32 GMT
etag: "937-5cef6483e329a"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size:   2359
Md5:    bfc6eca6ea03a0dae038e42188616d92
Sha1:   d8b88015604798d901a5929a2331e7f581baecfe
Sha256: ac8b3a49e5e511cb0d40f376c87216e5116ec0f85a6de30e157e0fdf45fe7acd
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 22:10:46 GMT
Expires: Mon, 26 Sep 2022 22:39:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7nSWvTFbgbITJKHaMHfBqZto0Oib6Yh6kvJ5PYPRpgseaDoTYiyBVg==
Age: 3161


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 5117
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 23:03:27 GMT
Last-Modified: Mon, 26 Sep 2022 21:38:10 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9FUt3rr72Fo/TbbG2BsYrA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.240.140.78
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DwIiqXInC9rYkn5y7jNEtMW42c0=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11969
Expires: Tue, 27 Sep 2022 02:22:57 GMT
Date: Mon, 26 Sep 2022 23:03:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11969
Expires: Tue, 27 Sep 2022 02:22:57 GMT
Date: Mon, 26 Sep 2022 23:03:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11969
Expires: Tue, 27 Sep 2022 02:22:57 GMT
Date: Mon, 26 Sep 2022 23:03:28 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1205d7e-1174-4788-b080-6eefdcf33480.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6836
x-amzn-requestid: 64bb0de3-8ea1-42eb-9f09-8ec659ee9298
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkrdFptoAMFmlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b15-241d20bc25e670e12ff634cf;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kYeh01s4UsRIkT9ASt--Gs5uUHPNIMrkY8eypOkjopOXBh4iwOshFw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:51:13 GMT
etag: "b37a39808c82e85f1860a48b3f451ef8d172a336"
age: 4335
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6836
Md5:    08590e33d7c8ebc6360d1d631f29178d
Sha1:   b37a39808c82e85f1860a48b3f451ef8d172a336
Sha256: 393c2c891699d1c47cb9d73412229624bdb3cc10cc0b509d8ec582d2c9a97aa1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7716
x-amzn-requestid: 1cf0b1c7-4611-40bf-b72a-412ebd03ef79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2KguFL7IAMFzKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf137-2b7c15d3071e0266586fd17d;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 05:23:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5XZZKUgjmv2njI3xAPo57u0fBKEGqPmMUcWxHYzoSAaVjIIA2Oi0Aw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:03:16 GMT
age: 3612
etag: "2b53c4f836970501a682dae07235215c487d35cc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7716
Md5:    8ef8d9284ebd57a7cf76ceb762291356
Sha1:   2b53c4f836970501a682dae07235215c487d35cc
Sha256: 3529ab97ab2214ee9c67ee234beac96cd40f0bd6092b92b71c60956ed5710b41
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6487
x-amzn-requestid: cd11b94b-24be-4e6d-bce3-a480b2c1cc23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDWDQEYAIAMFetw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633136e1-5fcb76b5408fdfa20ec55dd8;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 05:21:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GcEH02ZlJM-8wUvNf7K7rK7f1cs6_m4i9UYUNxXUGzcDTEz74JH3cA==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:59:28 GMT
age: 3840
etag: "edff303440c5972381295b4b2602bd3f77f6702a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6487
Md5:    e88b78ede0e4583585d6bb805fb39470
Sha1:   edff303440c5972381295b4b2602bd3f77f6702a
Sha256: ce55a1ff5c71ec43884b74a08cd32ef75cb0632a91f3fe8b150f5ead499375a4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8255
x-amzn-requestid: 3bf29c4a-406a-4645-ad18-44cd6f05d457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VnFEV-IAMFQMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfc6-3eaa337d1e1c1b6d5e951419;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qkOlqM6tJ90H9572YLE0J-s79edBSceM5hLbJtyyuH86xdW8juoktA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:28:31 GMT
age: 34497
etag: "04a0665f771562c3e56ac3542abe5bd3c4c1a6b5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8255
Md5:    fa70ece15044b7318cb11ae5e37a64e7
Sha1:   04a0665f771562c3e56ac3542abe5bd3c4c1a6b5
Sha256: 8c974283b2ba0058114404af3e4818daa8cc56f270cb8a46f5f2f54de9d2f0e1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7128
x-amzn-requestid: 5806782b-498e-427b-be73-a94695e3cacf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlPfFn4IAMFwMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bfc-07a420d631e463286c1dafa0;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:08 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dVs6mb-XGvvd4DXu8yFwO11iheR3QU3O3jFpxjcHZnWCc6jlXpx0Rg==
via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:51:54 GMT
age: 4294
etag: "4dbd2da7f7c45a97e3f6f6544ed428e892227cc3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7128
Md5:    4197a8a505b360b0c43142faf8cb7f48
Sha1:   4dbd2da7f7c45a97e3f6f6544ed428e892227cc3
Sha256: 434039a91ec37c8ff827c78f7613aa4f6416ded182b01140048a52654a2de4ce
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffffd9a36-7835-4249-a213-06720f62ce54.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 4327
x-amzn-requestid: 59493149-3c46-42c6-96aa-92c945fb4c40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlA1HzioAMFzxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9e-5bd13d5719a119a25650f405;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nZuilN7CTsQ_XYx39le70nZKRzVBDyygmYdaHVmBnpi8teTUB1Faxw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 4450
etag: "a92af0438aa2b6637c0f69dabd0be00b3a43caf8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4327
Md5:    f9bc23ab347b5f2e2ec15d69f41f0cf0
Sha1:   a92af0438aa2b6637c0f69dabd0be00b3a43caf8
Sha256: 4382f21ee6727d4b4d21bd7d16b1821a57d9fec6c78dbf7e74bfdfbde51ec206
                                        
                                            GET /ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598 HTTP/1.1 
Host: 7.winprizes107.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
vary: Accept-Encoding
last-modified: Thu, 28 Oct 2021 02:26:08 GMT
etag: W/"3f46-5cf606ee934e0"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /ruwheel/css/app.css?id=c588c17324f2be0e0ec9 HTTP/1.1 
Host: 7.winprizes107.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
vary: Accept-Encoding
last-modified: Fri, 22 Oct 2021 19:47:12 GMT
etag: W/"21-5cef64706c90b"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /ruwheel/img/fb-like.svg HTTP/1.1 
Host: 7.winprizes107.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
vary: Accept-Encoding
last-modified: Fri, 22 Oct 2021 19:47:12 GMT
etag: W/"1213-5cef6470ad055"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /ruwheel/js/landers/prizewheel-fb/app.js?id=a1804ccdb473eaf8e1bf HTTP/1.1 
Host: 7.winprizes107.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.winprizes107.digital/ruwheel/rupro1.html?city=Mountain%20View&model=Desktop&brand=Desktop&cep=dMJcHYw91SXvcCowISKqOp8SzrdolHJzsnLRz_XFokGg-Kud5JLmUBaMZsJD726m7dXQ1pd4LL4dtd8WEwXc9YcBPwrgYb-TyYs507IFN1jJnuL8wXtuppCOQIYKsaT278HGqGasO8aaE8nONFgf0SZ930dIZTSbon413GyJLeUDJHXhLQ95POIZ3ZQZfsXfzSWhDeowkS9nbClDBkfIi6oZOuPoZHVuJJTqQ3TS9MomQzhODfnZWkopoMDokHT2Er1dRHSnhMH6k0ZwPGZ178m1asWzTPimk7W9HfgglapBkLULlbVscbQ5pm_ACMOUVcmAuy8lqNYjH8ntaETNLaHg2sJb88xc9FoBTbL-KQu2FLspV3Tc7JOSp9zdkD7bz0VPEevs1awm-E4_19w4HZT7EchdZ6akxjWk1_I5Mzg&lptoken=162a6412235f51109598
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 26 Sep 2022 23:03:26 GMT
vary: Accept-Encoding
last-modified: Fri, 22 Oct 2021 19:47:28 GMT
etag: W/"24995-5cef648006d8b"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---