www.freakyprizes.com/win_gold_min?tid=5x1hde037di2me912qlcg80k4,16501417,5,1043&ctrack=1669479414.2795355111&p=1043&pi=mbep&click_id=wo2o98rudj4a1gokid5fiap0&prize=cash-500-usd
94.237.93.242 200 OK 3.8 kB URL HTTP/1.1 www.freakyprizes.com/win_gold_min?tid=5x1hde037di2me912qlcg80k4,16501417,5,1043&ctrack=1669479414.2795355111&p=1043&pi=mbep&click_id=wo2o98rudj4a1gokid5fiap0&prize=cash-500-usd
IP 94.237.93.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5882)
Hash b4a17d545f24f96a0adc78ead40dc9c9
c5977f7b18f45bf240c91cfa010ac2a5e4d27fe6
0d54d5c642fb2ee8ce49e2faced567cb13097b96998dd7d5b6ba54a24a4d6e9b
GET /win_gold_min?tid=5x1hde037di2me912qlcg80k4,16501417,5,1043&ctrack=1669479414.2795355111&p=1043&pi=mbep&click_id=wo2o98rudj4a1gokid5fiap0&prize=cash-500-usd HTTP/1.1
Host: www.freakyprizes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 26 Nov 2022 16:17:04 GMT
Set-Cookie: XSRF-TOKEN=eyJpdiI6Ilk4RnFPNUVQWExKK0hKRldSQldSZUE9PSIsInZhbHVlIjoiUXNRWWdjWFJKMU9IVlRPYWtGUk9GSm1pT0xWdUJXUlY5dTF4MGRvL1Bid3RDNloyYUdRdEVkYW1hLzlqK1RKdCtTQWwzdWp0SzJUallVS0xrcU5jTStjYm5QM2k2anYva3hsNnUvSjNlWnN3eG90L3RrL1U2czRRdzIwTGE2eEIiLCJtYWMiOiJlYjY4ZGZjYWRiOGEzMjIzODNhZDEyMjdiMTY5MmI2MTQyYTNjMWFhNDA4MGZhNjU0YTQyMjAwZDM3OTYyZTMzIiwidGFnIjoiIn0%3D; expires=Sat, 26-Nov-2022 18:17:04 GMT; Max-Age=7200; path=/
ivr_offers_session=eyJpdiI6Ik1QTzVGTTRqM0xtQmFtUGxiNHhOMWc9PSIsInZhbHVlIjoiYjlGZEJwZTMyY3lWRTg0UzhqWFNMdkcxU0l6VkpXZS93TDl1OWo1NUQ4N2JhNlFEekZ5MWVXR044cTlrVkxzUU1EWVNVendTYkIwSXRtU1UwZGxPby9Zc3RvbmFYSzZOQmo1TFFNYTR4VXZiVW1zQzBPWnBSMzhBMlk2NlFYWkwiLCJtYWMiOiI2MmM0ZjVkZTliMjAxYjBkNDBmNmE1NzMwOTM2ZWJhYzVlZjgwYWJlNDQ5ZDc1NmU0M2Q5ZjVhYmMwNGI4ZDcyIiwidGFnIjoiIn0%3D; expires=Sat, 26-Nov-2022 18:17:04 GMT; Max-Age=7200; path=/; httponly
SESS_TRAF=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; path=/; httponly
visit=eyJpdiI6IlI3dE5PZmRNQXFyMitrYlM0U2t5SGc9PSIsInZhbHVlIjoiWTZsN1pqQjBtTkJKWWZDRU1rcS9Sc0dlWnlsV0RBci93KzhHdG9LcG5JbStVOStMeHVBbDBwV09VY21rWEZ6WCIsIm1hYyI6ImJmZjRkNDY3ZWE1NzNhMjU4ODdmZjM1OTk5MTVjMTNmZDQxMzExNGYyNTY1ZTAwZDgzNmNjYTZlMWY1NjFjMGIiLCJ0YWciOiIifQ%3D%3D; expires=Sun, 27-Nov-2022 16:17:04 GMT; Max-Age=86400; path=/; httponly
gjh5vlWAErCKmmKVeEr1EaiFtWznLKJpb00Ox1kP=eyJpdiI6IlYzNW1HVVFZK0dZVTU5T0s4VEN4SkE9PSIsInZhbHVlIjoia1hiZk5XR0NKcGl4MU16eTAwekZlK0JhZVhtZUtsN3VRSktzYlo0NWVOdHRqZE9zNjlwWDVsM1pDVlJoYlZnaGVBTWpjdGw2MUhGRGN6WVhwMElmanlrS205ZTUrdndMb0t2VVNBajhaU05UZWhEcjh5ZUh3NGNUbllITDFyNE1XL1U4RmNHdTVuQmdsMEt2OVNNNkpMdGVqOTlRUzFoUngrUDB3cm5uSTFFVlpWTmVIMmNERDh5ZzZ5MXI1TFBUT1VFR3RHV2p5SDdZKzdlZmxWbFRpQzdVczd1UFlEV0plUHdTeG8vVHQ0OWpPOXhVbjlJbFJGdVBHbVFqV2lUV3ZqWDlzclo0NTBkbml1cURQMzllaE5rTmpSQTkwWDF0eThqUHFBcENWUTFsbHpjRmY4aGVUQVQ5ay8xdSs5VkFZdTd6SGpQYkFEeENNMjJVenJEMHVaRmtkdDRJTFhsM3dtV3RDc2xjU3FQZ3QxeHQ3V0E0Q1NIb2xaTCtBVUwrNWNidzg3SUc4Z25yb0g4ekdjVmduN2pGZUlsZ1c3VXJ5U2JtSGM0UmVDS0duQUg5QW5PMjJ5ZldWRy9iZkxYUGtMMzVTOVBacXd5Wms1TTdzb3IzaDE3TDZKU1VYUEd5amN0ZEtRUEIzUGRlVk45R2N3eHptdUoxRWdzVHp5Nk4vYzJsTUJubkZsZnRWeXJobkx6QWo2emdkakh5cWNDLzJqS3dGTHlJc1NWaGRQbjJESHJDRUp1RUdqRWw0WlhiQ1llZCt4OVh0WHYwMml6YlgvV1Fhdz09IiwibWFjIjoiNTdhMWQ0YmMxYjE5MzU1MTA1MjA2NzRmN2MwZTcwZDMxM2I3MDk3YTIzODRkMmRjNDgxZmJiOGVmOTMzNWJkOSIsInRhZyI6IiJ9; expires=Sat, 26-Nov-2022 18:17:04 GMT; Max-Age=7200; path=/; httponly
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3014
Expires: Sat, 26 Nov 2022 17:07:18 GMT
Date: Sat, 26 Nov 2022 16:17:04 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5083
Cache-Control: max-age=157127
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 16:17:04 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:55:51 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 15:19:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3471
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13011
Expires: Sat, 26 Nov 2022 19:53:55 GMT
Date: Sat, 26 Nov 2022 16:17:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YCFzlBdPi2tzWkDcl/iDjiXxU+0KlNVShGa2L6/Mc7mYNhTjHb7SaLwRC7idHe82sIW7keLlb9w=
x-amz-request-id: H2AD2N7Q4R1MSE4G
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 15:44:17 GMT
age: 1967
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.freakyprizes.com/css/offers/win_gold_min/app.css?id=b42914e86a05f14d49590f76856d77f3
94.237.93.242 200 OK 1.0 kB URL HTTP/1.1 www.freakyprizes.com/css/offers/win_gold_min/app.css?id=b42914e86a05f14d49590f76856d77f3
IP 94.237.93.242:0
File type ASCII text, with very long lines (2967)
Hash 1afbacdf62ccbc91b0b13ff53e2b805b
8a56e95e2c1ccb375e17b861c533d68655e3ea44
c692e7a804aba79cadd4fc88c0fd5c48b4843d01e8d3ca19c3da4d77662935cd
Analyzer Verdict Alert fortinet Phishing
GET /css/offers/win_gold_min/app.css?id=b42914e86a05f14d49590f76856d77f3 HTTP/1.1
Host: www.freakyprizes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.freakyprizes.com/win_gold_min?tid=5x1hde037di2me912qlcg80k4,16501417,5,1043&ctrack=1669479414.2795355111&p=1043&pi=mbep&click_id=wo2o98rudj4a1gokid5fiap0&prize=cash-500-usd
Cookie: XSRF-TOKEN=eyJpdiI6Ilk4RnFPNUVQWExKK0hKRldSQldSZUE9PSIsInZhbHVlIjoiUXNRWWdjWFJKMU9IVlRPYWtGUk9GSm1pT0xWdUJXUlY5dTF4MGRvL1Bid3RDNloyYUdRdEVkYW1hLzlqK1RKdCtTQWwzdWp0SzJUallVS0xrcU5jTStjYm5QM2k2anYva3hsNnUvSjNlWnN3eG90L3RrL1U2czRRdzIwTGE2eEIiLCJtYWMiOiJlYjY4ZGZjYWRiOGEzMjIzODNhZDEyMjdiMTY5MmI2MTQyYTNjMWFhNDA4MGZhNjU0YTQyMjAwZDM3OTYyZTMzIiwidGFnIjoiIn0%3D; ivr_offers_session=eyJpdiI6Ik1QTzVGTTRqM0xtQmFtUGxiNHhOMWc9PSIsInZhbHVlIjoiYjlGZEJwZTMyY3lWRTg0UzhqWFNMdkcxU0l6VkpXZS93TDl1OWo1NUQ4N2JhNlFEekZ5MWVXR044cTlrVkxzUU1EWVNVendTYkIwSXRtU1UwZGxPby9Zc3RvbmFYSzZOQmo1TFFNYTR4VXZiVW1zQzBPWnBSMzhBMlk2NlFYWkwiLCJtYWMiOiI2MmM0ZjVkZTliMjAxYjBkNDBmNmE1NzMwOTM2ZWJhYzVlZjgwYWJlNDQ5ZDc1NmU0M2Q5ZjVhYmMwNGI4ZDcyIiwidGFnIjoiIn0%3D; SESS_TRAF=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; visit=eyJpdiI6IlI3dE5PZmRNQXFyMitrYlM0U2t5SGc9PSIsInZhbHVlIjoiWTZsN1pqQjBtTkJKWWZDRU1rcS9Sc0dlWnlsV0RBci93KzhHdG9LcG5JbStVOStMeHVBbDBwV09VY21rWEZ6WCIsIm1hYyI6ImJmZjRkNDY3ZWE1NzNhMjU4ODdmZjM1OTk5MTVjMTNmZDQxMzExNGYyNTY1ZTAwZDgzNmNjYTZlMWY1NjFjMGIiLCJ0YWciOiIifQ%3D%3D; 
gjh5vlWAErCKmmKVeEr1EaiFtWznLKJpb00Ox1kP=eyJpdiI6IlYzNW1HVVFZK0dZVTU5T0s4VEN4SkE9PSIsInZhbHVlIjoia1hiZk5XR0NKcGl4MU16eTAwekZlK0JhZVhtZUtsN3VRSktzYlo0NWVOdHRqZE9zNjlwWDVsM1pDVlJoYlZnaGVBTWpjdGw2MUhGRGN6WVhwMElmanlrS205ZTUrdndMb0t2VVNBajhaU05UZWhEcjh5ZUh3NGNUbllITDFyNE1XL1U4RmNHdTVuQmdsMEt2OVNNNkpMdGVqOTlRUzFoUngrUDB3cm5uSTFFVlpWTmVIMmNERDh5ZzZ5MXI1TFBUT1VFR3RHV2p5SDdZKzdlZmxWbFRpQzdVczd1UFlEV0plUHdTeG8vVHQ0OWpPOXhVbjlJbFJGdVBHbVFqV2lUV3ZqWDlzclo0NTBkbml1cURQMzllaE5rTmpSQTkwWDF0eThqUHFBcENWUTFsbHpjRmY4aGVUQVQ5ay8xdSs5VkFZdTd6SGpQYkFEeENNMjJVenJEMHVaRmtkdDRJTFhsM3dtV3RDc2xjU3FQZ3QxeHQ3V0E0Q1NIb2xaTCtBVUwrNWNidzg3SUc4Z25yb0g4ekdjVmduN2pGZUlsZ1c3VXJ5U2JtSGM0UmVDS0duQUg5QW5PMjJ5ZldWRy9iZkxYUGtMMzVTOVBacXd5Wms1TTdzb3IzaDE3TDZKU1VYUEd5amN0ZEtRUEIzUGRlVk45R2N3eHptdUoxRWdzVHp5Nk4vYzJsTUJubkZsZnRWeXJobkx6QWo2emdkakh5cWNDLzJqS3dGTHlJc1NWaGRQbjJESHJDRUp1RUdqRWw0WlhiQ1llZCt4OVh0WHYwMml6YlgvV1Fhdz09IiwibWFjIjoiNTdhMWQ0YmMxYjE5MzU1MTA1MjA2NzRmN2MwZTcwZDMxM2I3MDk3YTIzODRkMmRjNDgxZmJiOGVmOTMzNWJkOSIsInRhZyI6IiJ9
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 16:17:04 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Nov 2022 13:24:09 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"637f7079-bbb"
Expires: Sun, 26 Nov 2023 16:17:04 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 16:17:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d7e3c849af3bd576aa86bfdf71b33e5
f831df4d629fdc734c2f91f6d0028584b49aeb58
af50cce6d59a7a486f1146866de45dae3a6284ba240e7bb4d7af8a56073c49ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF50CCE6D59A7A486F1146866DE45DAE3A6284BA240E7BB4D7AF8A56073C49CE"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=791
Expires: Sat, 26 Nov 2022 16:30:15 GMT
Date: Sat, 26 Nov 2022 16:17:04 GMT
Connection: keep-alive
www.freakyprizes.com/js/app.js?id=29146093c1a43efa640780237ae43b21
94.237.93.242 200 OK 64 kB URL HTTP/1.1 www.freakyprizes.com/js/app.js?id=29146093c1a43efa640780237ae43b21
IP 94.237.93.242:0
File type Unicode text, UTF-8 text, with very long lines (65474)
Hash 5f0a4d99ed02612149f0ab1becd7fb73
ed8b7f0b1c9534fdcf1bd0b5510f1d2e329020a9
9d80cdb20efe2fc6fab696765e922332fc62ae4eb84e799f34163f69b0f8269a
Analyzer Verdict Alert fortinet Phishing
GET /js/app.js?id=29146093c1a43efa640780237ae43b21 HTTP/1.1
Host: www.freakyprizes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.freakyprizes.com/win_gold_min?tid=5x1hde037di2me912qlcg80k4,16501417,5,1043&ctrack=1669479414.2795355111&p=1043&pi=mbep&click_id=wo2o98rudj4a1gokid5fiap0&prize=cash-500-usd
Cookie: XSRF-TOKEN=eyJpdiI6Ilk4RnFPNUVQWExKK0hKRldSQldSZUE9PSIsInZhbHVlIjoiUXNRWWdjWFJKMU9IVlRPYWtGUk9GSm1pT0xWdUJXUlY5dTF4MGRvL1Bid3RDNloyYUdRdEVkYW1hLzlqK1RKdCtTQWwzdWp0SzJUallVS0xrcU5jTStjYm5QM2k2anYva3hsNnUvSjNlWnN3eG90L3RrL1U2czRRdzIwTGE2eEIiLCJtYWMiOiJlYjY4ZGZjYWRiOGEzMjIzODNhZDEyMjdiMTY5MmI2MTQyYTNjMWFhNDA4MGZhNjU0YTQyMjAwZDM3OTYyZTMzIiwidGFnIjoiIn0%3D; ivr_offers_session=eyJpdiI6Ik1QTzVGTTRqM0xtQmFtUGxiNHhOMWc9PSIsInZhbHVlIjoiYjlGZEJwZTMyY3lWRTg0UzhqWFNMdkcxU0l6VkpXZS93TDl1OWo1NUQ4N2JhNlFEekZ5MWVXR044cTlrVkxzUU1EWVNVendTYkIwSXRtU1UwZGxPby9Zc3RvbmFYSzZOQmo1TFFNYTR4VXZiVW1zQzBPWnBSMzhBMlk2NlFYWkwiLCJtYWMiOiI2MmM0ZjVkZTliMjAxYjBkNDBmNmE1NzMwOTM2ZWJhYzVlZjgwYWJlNDQ5ZDc1NmU0M2Q5ZjVhYmMwNGI4ZDcyIiwidGFnIjoiIn0%3D; SESS_TRAF=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; visit=eyJpdiI6IlI3dE5PZmRNQXFyMitrYlM0U2t5SGc9PSIsInZhbHVlIjoiWTZsN1pqQjBtTkJKWWZDRU1rcS9Sc0dlWnlsV0RBci93KzhHdG9LcG5JbStVOStMeHVBbDBwV09VY21rWEZ6WCIsIm1hYyI6ImJmZjRkNDY3ZWE1NzNhMjU4ODdmZjM1OTk5MTVjMTNmZDQxMzExNGYyNTY1ZTAwZDgzNmNjYTZlMWY1NjFjMGIiLCJ0YWciOiIifQ%3D%3D; 
gjh5vlWAErCKmmKVeEr1EaiFtWznLKJpb00Ox1kP=eyJpdiI6IlYzNW1HVVFZK0dZVTU5T0s4VEN4SkE9PSIsInZhbHVlIjoia1hiZk5XR0NKcGl4MU16eTAwekZlK0JhZVhtZUtsN3VRSktzYlo0NWVOdHRqZE9zNjlwWDVsM1pDVlJoYlZnaGVBTWpjdGw2MUhGRGN6WVhwMElmanlrS205ZTUrdndMb0t2VVNBajhaU05UZWhEcjh5ZUh3NGNUbllITDFyNE1XL1U4RmNHdTVuQmdsMEt2OVNNNkpMdGVqOTlRUzFoUngrUDB3cm5uSTFFVlpWTmVIMmNERDh5ZzZ5MXI1TFBUT1VFR3RHV2p5SDdZKzdlZmxWbFRpQzdVczd1UFlEV0plUHdTeG8vVHQ0OWpPOXhVbjlJbFJGdVBHbVFqV2lUV3ZqWDlzclo0NTBkbml1cURQMzllaE5rTmpSQTkwWDF0eThqUHFBcENWUTFsbHpjRmY4aGVUQVQ5ay8xdSs5VkFZdTd6SGpQYkFEeENNMjJVenJEMHVaRmtkdDRJTFhsM3dtV3RDc2xjU3FQZ3QxeHQ3V0E0Q1NIb2xaTCtBVUwrNWNidzg3SUc4Z25yb0g4ekdjVmduN2pGZUlsZ1c3VXJ5U2JtSGM0UmVDS0duQUg5QW5PMjJ5ZldWRy9iZkxYUGtMMzVTOVBacXd5Wms1TTdzb3IzaDE3TDZKU1VYUEd5amN0ZEtRUEIzUGRlVk45R2N3eHptdUoxRWdzVHp5Nk4vYzJsTUJubkZsZnRWeXJobkx6QWo2emdkakh5cWNDLzJqS3dGTHlJc1NWaGRQbjJESHJDRUp1RUdqRWw0WlhiQ1llZCt4OVh0WHYwMml6YlgvV1Fhdz09IiwibWFjIjoiNTdhMWQ0YmMxYjE5MzU1MTA1MjA2NzRmN2MwZTcwZDMxM2I3MDk3YTIzODRkMmRjNDgxZmJiOGVmOTMzNWJkOSIsInRhZyI6IiJ9
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 16:17:04 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 24 Nov 2022 13:24:09 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"637f7079-2e42c"
Expires: Sun, 26 Nov 2023 16:17:04 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
www.freakyprizes.com/js/offers/win_gold_min/app.js?id=d30d76f1235a2cee079e20aa2b497491
94.237.93.242 200 OK 77 kB URL HTTP/1.1 www.freakyprizes.com/js/offers/win_gold_min/app.js?id=d30d76f1235a2cee079e20aa2b497491
IP 94.237.93.242:0
File type Unicode text, UTF-8 text, with very long lines (65443)
Hash cf579184b20760c00aa79e80fbea709d
dbe32a411defbc5f22234b6eb1efa6c2c786c204
976e2d8bdc435750c5eeeb124959e06e30743d62ca1b79b141df28865138778b
GET /js/offers/win_gold_min/app.js?id=d30d76f1235a2cee079e20aa2b497491 HTTP/1.1
Host: www.freakyprizes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.freakyprizes.com/win_gold_min?tid=5x1hde037di2me912qlcg80k4,16501417,5,1043&ctrack=1669479414.2795355111&p=1043&pi=mbep&click_id=wo2o98rudj4a1gokid5fiap0&prize=cash-500-usd
Cookie: XSRF-TOKEN=eyJpdiI6Ilk4RnFPNUVQWExKK0hKRldSQldSZUE9PSIsInZhbHVlIjoiUXNRWWdjWFJKMU9IVlRPYWtGUk9GSm1pT0xWdUJXUlY5dTF4MGRvL1Bid3RDNloyYUdRdEVkYW1hLzlqK1RKdCtTQWwzdWp0SzJUallVS0xrcU5jTStjYm5QM2k2anYva3hsNnUvSjNlWnN3eG90L3RrL1U2czRRdzIwTGE2eEIiLCJtYWMiOiJlYjY4ZGZjYWRiOGEzMjIzODNhZDEyMjdiMTY5MmI2MTQyYTNjMWFhNDA4MGZhNjU0YTQyMjAwZDM3OTYyZTMzIiwidGFnIjoiIn0%3D; ivr_offers_session=eyJpdiI6Ik1QTzVGTTRqM0xtQmFtUGxiNHhOMWc9PSIsInZhbHVlIjoiYjlGZEJwZTMyY3lWRTg0UzhqWFNMdkcxU0l6VkpXZS93TDl1OWo1NUQ4N2JhNlFEekZ5MWVXR044cTlrVkxzUU1EWVNVendTYkIwSXRtU1UwZGxPby9Zc3RvbmFYSzZOQmo1TFFNYTR4VXZiVW1zQzBPWnBSMzhBMlk2NlFYWkwiLCJtYWMiOiI2MmM0ZjVkZTliMjAxYjBkNDBmNmE1NzMwOTM2ZWJhYzVlZjgwYWJlNDQ5ZDc1NmU0M2Q5ZjVhYmMwNGI4ZDcyIiwidGFnIjoiIn0%3D; SESS_TRAF=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; visit=eyJpdiI6IlI3dE5PZmRNQXFyMitrYlM0U2t5SGc9PSIsInZhbHVlIjoiWTZsN1pqQjBtTkJKWWZDRU1rcS9Sc0dlWnlsV0RBci93KzhHdG9LcG5JbStVOStMeHVBbDBwV09VY21rWEZ6WCIsIm1hYyI6ImJmZjRkNDY3ZWE1NzNhMjU4ODdmZjM1OTk5MTVjMTNmZDQxMzExNGYyNTY1ZTAwZDgzNmNjYTZlMWY1NjFjMGIiLCJ0YWciOiIifQ%3D%3D; gjh5vlWAErCKmmKVeEr1EaiFtWznLKJpb00Ox1kP=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
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 16:17:04 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 24 Nov 2022 13:24:09 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"637f7079-39cc6"
Expires: Sun, 26 Nov 2023 16:17:04 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
www.freakyprizes.com/img/prizes/cash-500-usd/default/default@0.75x.png
94.237.93.242 200 OK 14 kB URL HTTP/2 www.freakyprizes.com/img/prizes/cash-500-usd/default/default@0.75x.png
IP 94.237.93.242:0
File type PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Hash 8a0e556cacd7eae426890d0b9c82592e
321c72a9a18d8967c967c0067a9ebc9030eb08a1
bab0791c1c042dafa1ab7f295943c515cd66458ef193f5da56734f1804c5e63a
GET /img/prizes/cash-500-usd/default/default@0.75x.png HTTP/1.1
Host: www.freakyprizes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.freakyprizes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 16:17:04 GMT
content-type: image/png
content-length: 14072
last-modified: Thu, 24 Nov 2022 13:22:47 GMT
etag: "637f7027-36f8"
expires: Sun, 26 Nov 2023 16:17:04 GMT
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freakyprizes.com/img/offers/win_gold_min/bg.jpg
94.237.93.242 200 OK 32 kB URL HTTP/1.1 www.freakyprizes.com/img/offers/win_gold_min/bg.jpg
IP 94.237.93.242:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 683x1024, components 3\012- data
Hash c69a051597a824a3669ae4a4fec7398b
b3c3bccb0e85734964f40e78acf1ad84757e9d1b
35b6e5cc0b3a23ad26e7e6e444998d4aa95d66add467bd2e110a3ae67c61a3c7
GET /img/offers/win_gold_min/bg.jpg HTTP/1.1
Host: www.freakyprizes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.freakyprizes.com/css/offers/win_gold_min/app.css?id=b42914e86a05f14d49590f76856d77f3
Cookie: XSRF-TOKEN=eyJpdiI6Ilk4RnFPNUVQWExKK0hKRldSQldSZUE9PSIsInZhbHVlIjoiUXNRWWdjWFJKMU9IVlRPYWtGUk9GSm1pT0xWdUJXUlY5dTF4MGRvL1Bid3RDNloyYUdRdEVkYW1hLzlqK1RKdCtTQWwzdWp0SzJUallVS0xrcU5jTStjYm5QM2k2anYva3hsNnUvSjNlWnN3eG90L3RrL1U2czRRdzIwTGE2eEIiLCJtYWMiOiJlYjY4ZGZjYWRiOGEzMjIzODNhZDEyMjdiMTY5MmI2MTQyYTNjMWFhNDA4MGZhNjU0YTQyMjAwZDM3OTYyZTMzIiwidGFnIjoiIn0%3D; ivr_offers_session=eyJpdiI6Ik1QTzVGTTRqM0xtQmFtUGxiNHhOMWc9PSIsInZhbHVlIjoiYjlGZEJwZTMyY3lWRTg0UzhqWFNMdkcxU0l6VkpXZS93TDl1OWo1NUQ4N2JhNlFEekZ5MWVXR044cTlrVkxzUU1EWVNVendTYkIwSXRtU1UwZGxPby9Zc3RvbmFYSzZOQmo1TFFNYTR4VXZiVW1zQzBPWnBSMzhBMlk2NlFYWkwiLCJtYWMiOiI2MmM0ZjVkZTliMjAxYjBkNDBmNmE1NzMwOTM2ZWJhYzVlZjgwYWJlNDQ5ZDc1NmU0M2Q5ZjVhYmMwNGI4ZDcyIiwidGFnIjoiIn0%3D; SESS_TRAF=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; visit=eyJpdiI6IlI3dE5PZmRNQXFyMitrYlM0U2t5SGc9PSIsInZhbHVlIjoiWTZsN1pqQjBtTkJKWWZDRU1rcS9Sc0dlWnlsV0RBci93KzhHdG9LcG5JbStVOStMeHVBbDBwV09VY21rWEZ6WCIsIm1hYyI6ImJmZjRkNDY3ZWE1NzNhMjU4ODdmZjM1OTk5MTVjMTNmZDQxMzExNGYyNTY1ZTAwZDgzNmNjYTZlMWY1NjFjMGIiLCJ0YWciOiIifQ%3D%3D; gjh5vlWAErCKmmKVeEr1EaiFtWznLKJpb00Ox1kP=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
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 16:17:04 GMT
Content-Type: image/jpeg
Content-Length: 31535
Last-Modified: Thu, 24 Nov 2022 13:24:09 GMT
ETag: "637f7079-7b2f"
Expires: Sun, 26 Nov 2023 16:17:04 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 34549524a0ef44b80238f5e9fed881dd
4958a7735f624bc6ccb51a5f911b54b427e3b129
ef3b7fa0697c9c38686808fbd6595d8627f922779919dde27a36f810c186f587
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF3B7FA0697C9C38686808FBD6595D8627F922779919DDE27A36F810C186F587"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1982
Expires: Sat, 26 Nov 2022 16:50:06 GMT
Date: Sat, 26 Nov 2022 16:17:04 GMT
Connection: keep-alive
s3ntry.net/api/18/envelope/?sentry_key=ccd7567c32f347d999f51c043b0ccde6&sentry_version=7
162.55.168.249 200 OK 2 B URL HTTP/1.1 s3ntry.net/api/18/envelope/?sentry_key=ccd7567c32f347d999f51c043b0ccde6&sentry_version=7
IP 162.55.168.249:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/18/envelope/?sentry_key=ccd7567c32f347d999f51c043b0ccde6&sentry_version=7 HTTP/1.1
Host: s3ntry.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.freakyprizes.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://www.freakyprizes.com
Content-Length: 434
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 16:17:04 GMT
Content-Type: application/json
Content-Length: 2
Connection: close
access-control-allow-origin: http://www.freakyprizes.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 16:08:54 GMT
cache-control: public,max-age=3600
age: 490
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3733
Cache-Control: max-age=150719
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 16:17:05 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:09:04 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.86.38.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.86.38.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ItqlUly2GLE4idiPlZ+bnQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RXmvZlPOO3+4bA+noJXLYyT35gw=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5828
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 16:17:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5828
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 16:17:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5828
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 16:17:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HgiyaodE2vJx5JL8QfOiTersSAgAwq74gtsPkpHUhnQ3In2vZ-3rbQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:09 GMT
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
age: 63837
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OJZkZ18TlSgdBWsmSroQPIcYIvBFvz5-7hu9_GravTcz6zqxKXHZrg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:43:36 GMT
age: 66810
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5088223f5973e3cd56f03f50a1e84b79
0b6c9b51d10762a4747286ab5b1c2354fa39c622
8159e4f7eec7bea518bb29e3fdb070bab4fb70116205577f7b7d74ad4d0dfbc7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8913
x-amzn-requestid: d0a9414c-eccf-44e8-adb7-92654544eeb5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWXEpeIAMFnzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-5825510666b3e80a5f83cafa;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LDrq5UcFhG63XFZhmeS5Z_mEkwrvuQ2bLfT8hV9I3E1s1lJLZF5Dww==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:24 GMT
age: 66642
etag: "0b6c9b51d10762a4747286ab5b1c2354fa39c622"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 05:04:28 GMT
age: 40358
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
34.120.237.76 200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 07:13:26 GMT
age: 32620
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b1c6878914466cfece680fa7cb73502
47fac81a2dd809df5c42ca1362f71d553572d2b1
6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7cJmhEGkKqLUQUMqGuYtWBeu_1nlEUAxgTMy4ABekPJYrJP95wE6Jg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:59:05 GMT
age: 65881
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d1u65k3qj4t7ya.cloudfront.net/carriers/telia.svg
54.230.245.69 200 OK 0 B URL HTTP/2 d1u65k3qj4t7ya.cloudfront.net/carriers/telia.svg
IP 54.230.245.69:0
GET /carriers/telia.svg HTTP/1.1
Host: d1u65k3qj4t7ya.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.freakyprizes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 01 Jul 2022 12:26:39 GMT
x-amz-storage-class: REDUCED_REDUNDANCY
server: AmazonS3
content-encoding: gzip
date: Sat, 26 Nov 2022 10:58:04 GMT
etag: W/"c87c4b7324d0c7760e2c3c5ffb645dd7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NWDDOZpY19MJfH0wbVBwnBks0TVetfqIq6gLXqSQux0LgxeyWQ9fPA==
age: 19141
X-Firefox-Spdy: h2
d1u65k3qj4t7ya.cloudfront.net/carriers/telenor.svg
54.230.245.69 200 OK 0 B URL HTTP/2 d1u65k3qj4t7ya.cloudfront.net/carriers/telenor.svg
IP 54.230.245.69:0
GET /carriers/telenor.svg HTTP/1.1
Host: d1u65k3qj4t7ya.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.freakyprizes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 01 Jul 2022 12:26:39 GMT
x-amz-storage-class: REDUCED_REDUNDANCY
server: AmazonS3
content-encoding: gzip
date: Sat, 26 Nov 2022 02:15:58 GMT
etag: W/"22ac04ea759d608fe69bc0db24dc915c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bDECh6iR3odR2LKV6cCKUR1gBQtRhOvQtgeuHnUAnzVZQjD8DpDTGA==
age: 50467
X-Firefox-Spdy: h2