| win.2023prizes.com/go/8643601b-03d2-41b2-b1c1-d0d67ed15969 |  3.70.16.242 | 302 Found | 772 B |
URL HTTP/1.1win.2023prizes.com/go/8643601b-03d2-41b2-b1c1-d0d67ed15969 IP3.70.16.242:0
File typeHTML document, ASCII text, with very long lines (772), with no line terminators Hash3d5f8f0ffd010f57e65e5545bc90e086 86db2769cf9f3f549fc53c68edbb1454aac87c93 12b73d23f8c1ee6d2bc1ef00f87f09755abdf1f14415adb07b95b6945637052e
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /go/8643601b-03d2-41b2-b1c1-d0d67ed15969 HTTP/1.1
Host: win.2023prizes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: openresty
Date: Tue, 07 Feb 2023 19:58:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 772
Connection: keep-alive
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
Access-Control-Allow-Origin: *
Location: https://prizeandoffers.com/uverwitsw/english/index/index.html?cid=Q3XkzgJ9TNoq1S2yzwnJ8f&source=8643601b-03d2-41b2-b1c1-d0d67ed15969&key=eyJ0aW1lc3RhbXAiOiIxNjc1Nzk5ODgyIiwiaGFzaCI6IjRiYzNiYmI3NTBlN2Y5NjI2YjVjYWQ3NTcxYmFhZTJmOTJlMDQwYjUifQ%3D%3D&bemobdata=c%3D8643601b-03d2-41b2-b1c1-d0d67ed15969..l%3D8aeae600-bb55-4403-bc8b-e74e484eb018..a%3D1..b%3D0
Set-Cookie: bemob-uniq-visit:8643601b-03d2-41b2-b1c1-d0d67ed15969=1; Domain=win.2023prizes.com; Path=/; Expires=Wed, 08 Feb 2023 19:58:02 GMT; HttpOnly
bemob-rotation:8643601b-03d2-41b2-b1c1-d0d67ed15969:random:fc69a3d4ef3c4ed614e170138fa5f81b=0-0-1; Domain=win.2023prizes.com; Path=/; Expires=Wed, 08 Feb 2023 19:58:02 GMT; HttpOnly
bemob-track-url=https%3A%2F%2Fprizeandoffers.com%2Fuverwitsw%2Fenglish%2Findex%2Findex.html%3Fcid%3DQ3XkzgJ9TNoq1S2yzwnJ8f%26source%3D8643601b-03d2-41b2-b1c1-d0d67ed15969%26key%3DeyJ0aW1lc3RhbXAiOiIxNjc1Nzk5ODgyIiwiaGFzaCI6IjRiYzNiYmI3NTBlN2Y5NjI2YjVjYWQ3NTcxYmFhZTJmOTJlMDQwYjUifQ%253D%253D%26bemobdata%3Dc%253D8643601b-03d2-41b2-b1c1-d0d67ed15969..l%253D8aeae600-bb55-4403-bc8b-e74e484eb018..a%253D1..b%253D0; Domain=win.2023prizes.com; Path=/; Expires=Wed, 08 Feb 2023 19:58:02 GMT; HttpOnly
Vary: Accept
X-Response-Time: 25.403ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
|
|
| r3.o.lencr.org/ |  23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashdca68db7aea32f6683ce8d542c078f04 19c495238df74fca680e21f18627ff94de5dd2e5 35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14848
Expires: Wed, 08 Feb 2023 00:05:30 GMT
Date: Tue, 07 Feb 2023 19:58:02 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash565c1bbc5c1c40be1988b3bf6fd9dc1a cfdba5bc597130461dd67bf6cda53183be592493 60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16842
Expires: Wed, 08 Feb 2023 00:38:44 GMT
Date: Tue, 07 Feb 2023 19:58:02 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashcc14b0d2f7c451f6431dc87ba54d1d60 bab8bfda6fa3e2f17125353f5147211787dc25d0 b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11422
Expires: Tue, 07 Feb 2023 23:08:24 GMT
Date: Tue, 07 Feb 2023 19:58:02 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ |  35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 19:34:08 GMT
content-type: application/json
age: 1434
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashe76071a28ee566dababb3834f46d68ed aebb4e68c1ba2de0f90025283e8ed8470944fde0 78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VllKWTCxAka3pmcja/U7T1OneZ88r852KlAb/kx3gjbiofpEzJGuG+86mxnU4WtQe0vC6qI2K4LZvNFd+gWepw==
x-amz-request-id: VPFDGNNZS30TAKE0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 19:35:38 GMT
age: 1344
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/8RpO0G_lJ84 | 142.250.74.163 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/8RpO0G_lJ84 IP142.250.74.163:0
Hash4c4f08e421c23fd801a265269a7a343d 034499e0cbede52d591dff7683a10e629822457e 5200c8b04e6a7496a02c7a9bc780e06154de8a7d3a324af202dd0d0de19dfc88
POST /s/gts1p5/8RpO0G_lJ84 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 19:58:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 19:58:02 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/8RpO0G_lJ84 | 142.250.74.163 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/8RpO0G_lJ84 IP142.250.74.163:0
Hash4c4f08e421c23fd801a265269a7a343d 034499e0cbede52d591dff7683a10e629822457e 5200c8b04e6a7496a02c7a9bc780e06154de8a7d3a324af202dd0d0de19dfc88
POST /s/gts1p5/8RpO0G_lJ84 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 19:58:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| prizeandoffers.com/uverwitsw/english/index/img/landers/survey-pick-a-box/spinner.gif |  104.21.18.223 | 200 OK | 1.6 kB |
URL HTTP/2prizeandoffers.com/uverwitsw/english/index/img/landers/survey-pick-a-box/spinner.gif IP104.21.18.223:0
File typeGIF image data, version 89a, 16 x 16\012- data Hash907e5277285e5c4d1cfdf2ecc2332c53 d4c50a33dbf2f2c896bb13b5339affcf345cdf10 d08886e8a724d490ec4f86229c38a1856ef782d7e56d80f6dd042a76da6dec2e
GET /uverwitsw/english/index/img/landers/survey-pick-a-box/spinner.gif HTTP/1.1
Host: prizeandoffers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prizeandoffers.com/uverwitsw/english/index/index.html?cid=Q3XkzgJ9TNoq1S2yzwnJ8f&source=8643601b-03d2-41b2-b1c1-d0d67ed15969&key=eyJ0aW1lc3RhbXAiOiIxNjc1Nzk5ODgyIiwiaGFzaCI6IjRiYzNiYmI3NTBlN2Y5NjI2YjVjYWQ3NTcxYmFhZTJmOTJlMDQwYjUifQ%3D%3D&bemobdata=c%3D8643601b-03d2-41b2-b1c1-d0d67ed15969..l%3D8aeae600-bb55-4403-bc8b-e74e484eb018..a%3D1..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 19:58:02 GMT
content-type: image/gif
content-length: 1569
cf-ray: 795eb2b43dd5b524-OSL
accept-ranges: bytes
cache-control: public, max-age=14400, must-revalidate
etag: "c1dcead54c316fa591172016e9477403-ssl"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: MISS
x-nf-request-id: 01GRPQ9V71GE8VX5C6FB01GBQ5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrwxetE1fkNsiJYBtDDvjrXN3n5Maf%2FgJexzwic5rSFKXUeT4Y9DymlFffTOqd%2FaWWCfeFmQOAEU7lcrnv0ULXXtoqkFIRmpzaFwrOaBtEMXVJDO5j7cxLvQlrgIg5ghOKMKNn8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| prizeandoffers.com/uverwitsw/english/index/img/landers/survey-pick-a-box/checked.png | 104.21.18.223 | 200 OK | 1.5 kB |
URL HTTP/2prizeandoffers.com/uverwitsw/english/index/img/landers/survey-pick-a-box/checked.png IP104.21.18.223:0
File typePNG image data, 256 x 256, 4-bit colormap, non-interlaced\012- data Hashb9a9e340bb886b125b3f43f6fe456c0d e60c66e26465ba9bac392e72733c20380228ad73 ab834bfb8eeb43e3703eabad89e11a0cd906155d6cea60205cd69e443cc9adcc
GET /uverwitsw/english/index/img/landers/survey-pick-a-box/checked.png HTTP/1.1
Host: prizeandoffers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prizeandoffers.com/uverwitsw/english/index/index.html?cid=Q3XkzgJ9TNoq1S2yzwnJ8f&source=8643601b-03d2-41b2-b1c1-d0d67ed15969&key=eyJ0aW1lc3RhbXAiOiIxNjc1Nzk5ODgyIiwiaGFzaCI6IjRiYzNiYmI3NTBlN2Y5NjI2YjVjYWQ3NTcxYmFhZTJmOTJlMDQwYjUifQ%3D%3D&bemobdata=c%3D8643601b-03d2-41b2-b1c1-d0d67ed15969..l%3D8aeae600-bb55-4403-bc8b-e74e484eb018..a%3D1..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 19:58:02 GMT
content-type: image/png
content-length: 1502
cf-ray: 795eb2b43dd4b524-OSL
accept-ranges: bytes
cache-control: public, max-age=14400, must-revalidate
etag: "5c14285e4620a4e4edfadebf1a90af91-ssl"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: MISS
x-nf-request-id: 01GRPQ9V77BT65QS7HX2E8H99J
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJLR4l3HgxT8eOapwK%2FtBMcZFpeGkvxeRYcxJPDC1qYz04UGyjM5qEgyH2silne%2BqKqDRpdGN0r%2Blmj9rUX5PCt3AgHDZ1Vl0BwanSsIYkj%2FAxoAFKPzxcOdDfTq8WQ7uPa7DGo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| prizeandoffers.com/uverwitsw/english/index/img/prizes/iphone-13-pro-max/default@0.75x.png | 104.21.18.223 | 200 OK | 12 kB |
URL HTTP/2prizeandoffers.com/uverwitsw/english/index/img/prizes/iphone-13-pro-max/default@0.75x.png IP104.21.18.223:0
File typePNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data Hash67668c05ba6bb6196a38c9abeb567a78 059bcaf8ffb9fd52741ec3fd0b0fc30891faa2a9 f314aa1a1cc18201e581f3f2976ea022da3c03714b15c0a06113ab3e59d34a46
GET /uverwitsw/english/index/img/prizes/iphone-13-pro-max/default@0.75x.png HTTP/1.1
Host: prizeandoffers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prizeandoffers.com/uverwitsw/english/index/index.html?cid=Q3XkzgJ9TNoq1S2yzwnJ8f&source=8643601b-03d2-41b2-b1c1-d0d67ed15969&key=eyJ0aW1lc3RhbXAiOiIxNjc1Nzk5ODgyIiwiaGFzaCI6IjRiYzNiYmI3NTBlN2Y5NjI2YjVjYWQ3NTcxYmFhZTJmOTJlMDQwYjUifQ%3D%3D&bemobdata=c%3D8643601b-03d2-41b2-b1c1-d0d67ed15969..l%3D8aeae600-bb55-4403-bc8b-e74e484eb018..a%3D1..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 19:58:03 GMT
content-type: image/png
content-length: 12235
cf-ray: 795eb2b43dd0b524-OSL
accept-ranges: bytes
cache-control: public, max-age=14400, must-revalidate
etag: "c483b50043623d625f3f206080078da0-ssl"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: MISS
x-nf-request-id: 01GRPQ9V6YXSSRD7CSJBWTWPCW
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IFQmM69VcFttaQu1lsQqRqcBp98k5HfmqJ5OdyaDx%2Bn92X3%2FQRI7%2BQrMR4qdSexijxFdPxng8Rl1kxJ6vJKGa13FQIjYYM5IP%2FDAHCSSEFHvFGlGT5IpeKBHGpCuGMh48vMe3c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash325a8a10ce2837a8c6820e30572d181c 195d6189f0f10fcb301fce3af4c27028bbcb9eaa 2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 19:58:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 19:14:52 GMT
age: 2591
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash325a8a10ce2837a8c6820e30572d181c 195d6189f0f10fcb301fce3af4c27028bbcb9eaa 2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 19:58:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash9b88bae61bca33aba8aa99f6128db8d9 a07b61fb2458917699613fcae68710941b595416 54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14550
Expires: Wed, 08 Feb 2023 00:00:33 GMT
Date: Tue, 07 Feb 2023 19:58:03 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash3f3962ef574ee0069c41f7cbcabd1ef3 c4b6aefa8563432c5e5901488c38ae7da3c83fd7 9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 19:58:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/pacifico/v22/FwZY7-Qmy14u9lezJ-6H6Mk.woff2 | 216.58.207.227 | 200 OK | 31 kB |
URL HTTP/2fonts.gstatic.com/s/pacifico/v22/FwZY7-Qmy14u9lezJ-6H6Mk.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 30908, version 1.0\012- data Hash0637d53459cdc8ee092a8f96186b4097 060034f995d649902b3207d41fde9a6060241499 50488656aeea003d0042da0979cd15675c0bc1c028a21dddfafd7656d54c709e
GET /s/pacifico/v22/FwZY7-Qmy14u9lezJ-6H6Mk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://prizeandoffers.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:58:01 GMT
expires: Fri, 02 Feb 2024 00:58:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 18:34:50 GMT
content-type: font/woff2
age: 500402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasha9d797a66fa19e25918dca79f5e90663 b935ae248fc305306648262c3588b2421d2f270d 7789e58151ba54418dc94cb8f8071f44f1e5a6d74a727ea7ffdb921b1f873f1b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7789E58151BA54418DC94CB8F8071F44F1E5A6D74A727EA7FFDB921B1F873F1B"
Last-Modified: Tue, 07 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12559
Expires: Tue, 07 Feb 2023 23:27:22 GMT
Date: Tue, 07 Feb 2023 19:58:03 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 35.162.173.86 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.162.173.86:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EpSpmCjEUfcWQHdES3mb9A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: c4nWzmpo1jn0K0u38i6IdDYqRN4=
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash3f3962ef574ee0069c41f7cbcabd1ef3 c4b6aefa8563432c5e5901488c38ae7da3c83fd7 9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 19:58:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| gauvaiho.net/zone?&pub=0&zone_id=5701578&is_mobile=false&domain=prizeandoffers.com&var=8643601b-03d2-41b2-b1c1-d0d67ed15969&ymid=Q3XkzgJ9TNoq1S2yzwnJ8f&var_3=&dsig=&action=prerequest |  139.45.197.251 | 200 OK | 0 B |
URL HTTP/2gauvaiho.net/zone?&pub=0&zone_id=5701578&is_mobile=false&domain=prizeandoffers.com&var=8643601b-03d2-41b2-b1c1-d0d67ed15969&ymid=Q3XkzgJ9TNoq1S2yzwnJ8f&var_3=&dsig=&action=prerequest IP139.45.197.251:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5701578&is_mobile=false&domain=prizeandoffers.com&var=8643601b-03d2-41b2-b1c1-d0d67ed15969&ymid=Q3XkzgJ9TNoq1S2yzwnJ8f&var_3=&dsig=&action=prerequest HTTP/1.1
Host: gauvaiho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://prizeandoffers.com
Connection: keep-alive
Referer: https://prizeandoffers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 19:58:03 GMT
content-length: 0
x-trace-id: 86437d3c763ea2dad62488c30137c375
access-control-allow-origin: https://prizeandoffers.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash3b4ea902c3e097daaa31810cb66d585a 97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049 0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18096
Expires: Wed, 08 Feb 2023 00:59:40 GMT
Date: Tue, 07 Feb 2023 19:58:04 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash3b4ea902c3e097daaa31810cb66d585a 97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049 0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18096
Expires: Wed, 08 Feb 2023 00:59:40 GMT
Date: Tue, 07 Feb 2023 19:58:04 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash3b4ea902c3e097daaa31810cb66d585a 97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049 0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18096
Expires: Wed, 08 Feb 2023 00:59:40 GMT
Date: Tue, 07 Feb 2023 19:58:04 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash3b4ea902c3e097daaa31810cb66d585a 97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049 0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18096
Expires: Wed, 08 Feb 2023 00:59:40 GMT
Date: Tue, 07 Feb 2023 19:58:04 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash3b4ea902c3e097daaa31810cb66d585a 97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049 0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18096
Expires: Wed, 08 Feb 2023 00:59:40 GMT
Date: Tue, 07 Feb 2023 19:58:04 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg | 34.120.237.76 | 200 OK | 7.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash92008e687831334af1cdbf4b8a57579f e6ff750f12836637adf5b253d64c2102fdf3c180 39af3e630e0271b54139849c1b596efbdc69a23ce943e5330341d49f77798c7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7183
x-amzn-requestid: 02695a8d-2ab8-4d77-bfbe-f99418d8ef00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f78YOGsyoAMF5wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17434-2614cef4059e7fd5009cb46d;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:42:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qbUWAiTEzfmIOkYgKdBEYxEnRky5wA7ajMWumei7fXeIqLN9B-riBw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:27 GMT
age: 79357
etag: "e6ff750f12836637adf5b253d64c2102fdf3c180"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash003fc35e140a75a12b7795c3986426ec da002b22e2a01f48a545b369d4403eabb17a10d5 bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 81DTnHIh40lNEi6l5hC87Vo9R8k4w79Fr71zibyvGP0iJm4kmhWITA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:45:27 GMT
age: 43957
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c86a61b-07c3-45f6-b564-e556eb788d04.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c86a61b-07c3-45f6-b564-e556eb788d04.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash59419fb1cf4689bed183d0e9a6aed782 47d4a4bb26fafff0c6aebfe3dc7ddfa4970f8e9a e6009407bd61bee1ae16ec30ea5914be77c56ee65dfb30595b10a1cedc6798c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c86a61b-07c3-45f6-b564-e556eb788d04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12682
x-amzn-requestid: d858d90a-b1ca-401c-8e00-8ccd9c0a7504
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f78mUEsfIAMFreg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1748e-2783de3e3de9c520246bf06e;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:43:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _D5bI_flPN8fUn6aTGqO76FRSDwwC379nkVCBptmZkALErIVFCZfpA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:19 GMT
age: 79365
etag: "47d4a4bb26fafff0c6aebfe3dc7ddfa4970f8e9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg | 34.120.237.76 | 200 OK | 4.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7d8c3ebd17a435401c7f9fe3b8f842be f2106be148fea23bf961fcdb69ea4cb127aa5f3e ee708e68414539c75ddc077e0be7b75a86fd4fc9b6c1ddd1da86d0b9aca35558
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4442
x-amzn-requestid: 1bb3d1b3-ff58-4b0d-9a2b-c25797530c5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQG1JoAMFRtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1bb478453ececa9613e7e4a2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: a6qwcT9sfonMVlyq2ZX6CSXWeW2upfeAWqqNEgVI2sqq7280sCfolw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:50:14 GMT
age: 79670
etag: "f2106be148fea23bf961fcdb69ea4cb127aa5f3e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg | 34.120.237.76 | 200 OK | 4.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasheedb4de12585c70ddb5b8f94fe6a59e2 83c9437e71a0a03b3e8ff652155a85eafa76cdda d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ovhdLaEGaDSC8X0F9VamLw0KyBPWkxfYg5pssOT8NOZP4IBtNk6Gfw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:19 GMT
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
age: 79365
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash75b0935816ca54d5d20a9fffa5531e0d bd8374980c16b7d5a28e55b8bef2215713b1ebb2 4ab6f49d22d029681754b617001f93467d63035acdaf12905c2314cab77991af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13390
x-amzn-requestid: e7653b49-3160-42e3-8292-8ae32604f775
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpc8KEoPoAMFrUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da0eb4-68fd76a95ffa656318bedff6;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 07:03:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KaitXsesZ9mJducJ54ChzQGfb-2-hEN4W_QojGMKXYEji4xsjNdWCA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 09:07:41 GMT
age: 39023
etag: "bd8374980c16b7d5a28e55b8bef2215713b1ebb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| prizeandoffers.com/uverwitsw/english/index/index.html?cid=Q3XkzgJ9TNoq1S2yzwnJ8f&source=8643601b-03d2-41b2-b1c1-d0d67ed15969&key=eyJ0aW1lc3RhbXAiOiIxNjc1Nzk5ODgyIiwiaGFzaCI6IjRiYzNiYmI3NTBlN2Y5NjI2YjVjYWQ3NTcxYmFhZTJmOTJlMDQwYjUifQ%3D%3D&bemobdata=c%3D8643601b-03d2-41b2-b1c1-d0d67ed15969..l%3D8aeae600-bb55-4403-bc8b-e74e484eb018..a%3D1..b%3D0 | 104.21.18.223 | 200 OK | 0 B |
URL HTTP/2prizeandoffers.com/uverwitsw/english/index/index.html?cid=Q3XkzgJ9TNoq1S2yzwnJ8f&source=8643601b-03d2-41b2-b1c1-d0d67ed15969&key=eyJ0aW1lc3RhbXAiOiIxNjc1Nzk5ODgyIiwiaGFzaCI6IjRiYzNiYmI3NTBlN2Y5NjI2YjVjYWQ3NTcxYmFhZTJmOTJlMDQwYjUifQ%3D%3D&bemobdata=c%3D8643601b-03d2-41b2-b1c1-d0d67ed15969..l%3D8aeae600-bb55-4403-bc8b-e74e484eb018..a%3D1..b%3D0 IP104.21.18.223:0
GET /uverwitsw/english/index/index.html?cid=Q3XkzgJ9TNoq1S2yzwnJ8f&source=8643601b-03d2-41b2-b1c1-d0d67ed15969&key=eyJ0aW1lc3RhbXAiOiIxNjc1Nzk5ODgyIiwiaGFzaCI6IjRiYzNiYmI3NTBlN2Y5NjI2YjVjYWQ3NTcxYmFhZTJmOTJlMDQwYjUifQ%3D%3D&bemobdata=c%3D8643601b-03d2-41b2-b1c1-d0d67ed15969..l%3D8aeae600-bb55-4403-bc8b-e74e484eb018..a%3D1..b%3D0 HTTP/1.1
Host: prizeandoffers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 07 Feb 2023 19:58:02 GMT
content-type: text/html; charset=UTF-8
cf-ray: 795eb2b30b78b524-OSL
age: 89191
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-nf-request-id: 01GRPQ9V1KBWSP7AVT50DHDEH1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRC3KdcONstDXa6L0bOXYbrgl8OuzuY35emClsWx97431HWQBaSQ3OKZEjgknpAzZpDK2%2F%2Bt498lH7SYAH%2F7bTo%2Fh%2B39490Y9BRhsPMCGWKyQARxTo%2BE5i%2FIQhOHulAQlzutyEE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| prizeandoffers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 104.21.18.223 | 200 OK | 0 B |
URL HTTP/2prizeandoffers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP104.21.18.223:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: prizeandoffers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prizeandoffers.com/uverwitsw/english/index/index.html?cid=Q3XkzgJ9TNoq1S2yzwnJ8f&source=8643601b-03d2-41b2-b1c1-d0d67ed15969&key=eyJ0aW1lc3RhbXAiOiIxNjc1Nzk5ODgyIiwiaGFzaCI6IjRiYzNiYmI3NTBlN2Y5NjI2YjVjYWQ3NTcxYmFhZTJmOTJlMDQwYjUifQ%3D%3D&bemobdata=c%3D8643601b-03d2-41b2-b1c1-d0d67ed15969..l%3D8aeae600-bb55-4403-bc8b-e74e484eb018..a%3D1..b%3D0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 19:58:02 GMT
content-type: application/javascript
last-modified: Mon, 06 Feb 2023 18:52:43 GMT
etag: W/"63e14c7b-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GtV1%2BK2fpksusd3qszJdZ5o9uKD0HDWDcB1GgdFNlJ838M0hRjTqSL0GQYQgoYpde2uN9jgJC4fLWxMjtkt9Lk3k4OZwIMGutHLg8EToOrq%2FfoQdN7mh72%2FZ6hkzHqyDFS6J9o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795eb2b43dd8b524-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 09 Feb 2023 19:58:02 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| prizeandoffers.com/uverwitsw/english/index/css/landers/survey-pick-a-box/app.css?id=cfc27b22c2dc71691640 | 104.21.18.223 | 200 OK | 0 B |
URL HTTP/2prizeandoffers.com/uverwitsw/english/index/css/landers/survey-pick-a-box/app.css?id=cfc27b22c2dc71691640 IP104.21.18.223:0
GET /uverwitsw/english/index/css/landers/survey-pick-a-box/app.css?id=cfc27b22c2dc71691640 HTTP/1.1
Host: prizeandoffers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prizeandoffers.com/uverwitsw/english/index/index.html?cid=Q3XkzgJ9TNoq1S2yzwnJ8f&source=8643601b-03d2-41b2-b1c1-d0d67ed15969&key=eyJ0aW1lc3RhbXAiOiIxNjc1Nzk5ODgyIiwiaGFzaCI6IjRiYzNiYmI3NTBlN2Y5NjI2YjVjYWQ3NTcxYmFhZTJmOTJlMDQwYjUifQ%3D%3D&bemobdata=c%3D8643601b-03d2-41b2-b1c1-d0d67ed15969..l%3D8aeae600-bb55-4403-bc8b-e74e484eb018..a%3D1..b%3D0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 19:58:02 GMT
content-type: text/css; charset=UTF-8
cf-ray: 795eb2b43dceb524-OSL
cache-control: public, max-age=14400, must-revalidate
etag: W/"f6edcd3eb64099c32ea5bde0ee5eaafb-ssl-df"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: MISS
x-nf-request-id: 01GRPQ9V75J89B52A0X8HFZQG0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksdarg2%2B8SiwOZCCPU7dKJYlT5%2BCX5BNA10HzqlR%2Fer3WdA1jTBAaBEaMV7cLuhkdFmZZy4aicTiD%2BOET1%2FH21D606jr4GQR1S7h%2BdPayNKMPh01NTunpv92kxW%2B98NO%2B4vRP1k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| prizeandoffers.com/uverwitsw/english/index/css/app.css?id=2fbe2d9a9a40ca9b2489 | 104.21.18.223 | 200 OK | 0 B |
URL HTTP/2prizeandoffers.com/uverwitsw/english/index/css/app.css?id=2fbe2d9a9a40ca9b2489 IP104.21.18.223:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /uverwitsw/english/index/css/app.css?id=2fbe2d9a9a40ca9b2489 HTTP/1.1
Host: prizeandoffers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prizeandoffers.com/uverwitsw/english/index/index.html?cid=Q3XkzgJ9TNoq1S2yzwnJ8f&source=8643601b-03d2-41b2-b1c1-d0d67ed15969&key=eyJ0aW1lc3RhbXAiOiIxNjc1Nzk5ODgyIiwiaGFzaCI6IjRiYzNiYmI3NTBlN2Y5NjI2YjVjYWQ3NTcxYmFhZTJmOTJlMDQwYjUifQ%3D%3D&bemobdata=c%3D8643601b-03d2-41b2-b1c1-d0d67ed15969..l%3D8aeae600-bb55-4403-bc8b-e74e484eb018..a%3D1..b%3D0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 19:58:02 GMT
content-type: text/css; charset=UTF-8
cf-ray: 795eb2b42dccb524-OSL
cache-control: public, max-age=14400, must-revalidate
etag: W/"df252afa0caf10d0eee2b25f002df84e-ssl"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: MISS
x-nf-request-id: 01GRPQ9V6WA19CDK759XTPFQQQ
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDOxPBStxTjdj21ZKfJeuZRA4PUc7BkBL7W15kT58BiTS%2B3epIRJF%2FPOWQ0hnxhIQVm4i%2FHpXn7bvVCJoL%2Bgs%2BD2fLNAwn5Zs9FVwRKBW0%2BBo7Qj1RRvDgNKnhubDDGpIpmq%2FmI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gauvaiho.net/pfe/current/micro.tag.min.js?z=5701578&ymid=Q3XkzgJ9TNoq1S2yzwnJ8f&var=8643601b-03d2-41b2-b1c1-d0d67ed15969&sw=/sw-check-permissions-81641.js | 139.45.197.251 | 200 OK | 0 B |
URL HTTP/2gauvaiho.net/pfe/current/micro.tag.min.js?z=5701578&ymid=Q3XkzgJ9TNoq1S2yzwnJ8f&var=8643601b-03d2-41b2-b1c1-d0d67ed15969&sw=/sw-check-permissions-81641.js IP139.45.197.251:0
GET /pfe/current/micro.tag.min.js?z=5701578&ymid=Q3XkzgJ9TNoq1S2yzwnJ8f&var=8643601b-03d2-41b2-b1c1-d0d67ed15969&sw=/sw-check-permissions-81641.js HTTP/1.1
Host: gauvaiho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prizeandoffers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 19:58:03 GMT
content-type: application/javascript
last-modified: Tue, 07 Feb 2023 14:32:42 GMT
etag: W/"63e2610a-a083"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|