cn47e.bemobtrk.com/go/2e8a0f04-effe-458c-8179-60485c87d671
3.70.16.242302 Found 480 B URL HTTP/1.1 cn47e.bemobtrk.com/go/2e8a0f04-effe-458c-8179-60485c87d671
IP 3.70.16.242:0
File type HTML document, ASCII text, with very long lines (480), with no line terminators
Hash 901b05314552da026dc5c1e8aae25a2f
f916d830c0b443cae0e182f72748dc3b8d654492
ff90e56c02f33d614e4a333f5a7536aa09e4c0187f3d04fe9086959060ae720f
GET /go/2e8a0f04-effe-458c-8179-60485c87d671 HTTP/1.1
Host: cn47e.bemobtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: openresty
Date: Thu, 23 Feb 2023 16:06:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 480
Connection: keep-alive
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
Access-Control-Allow-Origin: *
Location: https://dailyrew23.info/RM/Romania?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Set-Cookie: bemob-uniq-visit:2e8a0f04-effe-458c-8179-60485c87d671=1; Domain=cn47e.bemobtrk.com; Path=/; Expires=Fri, 24 Feb 2023 16:06:20 GMT; HttpOnly
bemob-rotation:2e8a0f04-effe-458c-8179-60485c87d671:random:facede850305a9a991ac600ef4669916=0-0-0; Domain=cn47e.bemobtrk.com; Path=/; Expires=Fri, 24 Feb 2023 16:06:20 GMT; HttpOnly
bemob-track-url=https%3A%2F%2Fdailyrew23.info%2FRM%2FRomania%3Fdevicemodel%3D%26browser%3DFirefox%26ip%3D91.90.42.154%26bemobdata%3Dc%253D2e8a0f04-effe-458c-8179-60485c87d671..l%253D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%253D0..b%253D0..ts%253D1677168380884; Domain=cn47e.bemobtrk.com; Path=/; Expires=Fri, 24 Feb 2023 16:06:20 GMT; HttpOnly
Vary: Accept
X-Response-Time: 5.957ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 67fc460ed2f69dde3c410ec607ef3510
ba9f582ec321351e5c06c9b2c381f06b685ef274
85df74fac7d59d76840b6359bac24648fede201c0048f2a8382af6468225ffb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF74FAC7D59D76840B6359BAC24648FEDE201C0048F2A8382AF6468225FFB8"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13449
Expires: Thu, 23 Feb 2023 19:50:30 GMT
Date: Thu, 23 Feb 2023 16:06:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6eb0a77aa4a20639a06d9621742007c2
d2d03beeb111049117b70d5f3dff3698a671ef8a
62c2da0800bf8efb6bb985b2eb046fa863e0b394681fb2ab187a9c4836fbd320
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62C2DA0800BF8EFB6BB985B2EB046FA863E0B394681FB2AB187A9C4836FBD320"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4277
Expires: Thu, 23 Feb 2023 17:17:38 GMT
Date: Thu, 23 Feb 2023 16:06:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 15:38:21 GMT
content-type: application/json
age: 1680
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4569ebd95f766b8f22ed69d69334c37
a7fcd3f640877885077a4126708968d7e1e0d252
e485343a8251f50009506dfc6a42c82ca6b09b434d1e0984ea7c2dfea7dcd28d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E485343A8251F50009506DFC6A42C82CA6B09B434D1E0984EA7C2DFEA7DCD28D"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9176
Expires: Thu, 23 Feb 2023 18:39:17 GMT
Date: Thu, 23 Feb 2023 16:06:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zVCPztYzYn4ej3bmZSV6OdrBap+BN9iJTaOi3b7VRLeBBusSSfM9lWoKuWwH0+1/mJhbdlSevJE=
x-amz-request-id: PA6TJN1F5K3KVP5K
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 15:49:08 GMT
age: 1033
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 16:06:21 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Last-Modified, Backoff, Alert, Cache-Control, ETag, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Feb 2023 15:51:26 GMT
age: 895
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5fa728a339ca32e616d483e61d0aebcd
6a63966de94d16390c8f1e47e5b67fe5bb67f7cd
7e83729d554404e59f1f1ff809ac776d3596487e2b062a1e38af8e29f33c0686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E83729D554404E59F1F1FF809AC776D3596487E2B062A1E38AF8E29F33C0686"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4295
Expires: Thu, 23 Feb 2023 17:17:56 GMT
Date: Thu, 23 Feb 2023 16:06:21 GMT
Connection: keep-alive
push.services.mozilla.com/
54.148.84.125101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.84.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CjEuUBtMQ0B4Iw9I3Gq2og==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xicpIUv9dslglhxzssKPpsgSRqs=
dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
181.215.78.145200 OK 3.6 kB URL HTTP/2 dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (304)
Hash cab1b2df5df466c5c0a447caafd0241d
b6c464d2028b12fb29fd0b295740c0fe46e11db2
82c6754a508795f8901d0ca9650ce68391f586dc4732c99d237a1278ae45f3f0
GET /RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884 HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
etag: "44cb-63eba321-a08e2;br"
last-modified: Tue, 14 Feb 2023 15:05:05 GMT
content-type: text/html
content-length: 3557
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Feb 2023 16:06:22 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3070
Expires: Thu, 23 Feb 2023 16:57:33 GMT
Date: Thu, 23 Feb 2023 16:06:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3070
Expires: Thu, 23 Feb 2023 16:57:33 GMT
Date: Thu, 23 Feb 2023 16:06:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3070
Expires: Thu, 23 Feb 2023 16:57:33 GMT
Date: Thu, 23 Feb 2023 16:06:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3070
Expires: Thu, 23 Feb 2023 16:57:33 GMT
Date: Thu, 23 Feb 2023 16:06:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4016fa20fa2642f89d375fcc2855d4b
f1733be34a214e9565208f814dd3990f89cafbcb
74686e6a674433c436bce8c70cecc1a2cde51e82241e8251188ebd587fd4ee18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9721
x-amzn-requestid: 5ddea3ff-b6e2-4528-8e71-eade54612b4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqR3HJpoAMF5LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a72-413219251feae2e32b9e6857;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iHR9N5OPgY8mjpsZowY-Ipeq62c8O_QQorpNmIOa68_vmWyY0eqt-A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:44:15 GMT
age: 66128
etag: "f1733be34a214e9565208f814dd3990f89cafbcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fbf1945668d4a8c35e68f8d60fd80f56
0553020a82f7a6245a2979d58e1765883a777893
4220c9dea6f77c1775be6ca4d1d133b3d8f1d9caec3cc6e85747b87c7d897a92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5823
x-amzn-requestid: 4b226ac8-c443-4382-ab8e-b618c95a713d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Aq1HSFWvIAMFUAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f43561-7ac4a51e389a6e6b2a9199a5;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 03:07:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dtWC44nCUmtR6U6wTsd4PynkTqmJ79bFeZmUJUVQguz3l8BSR9A1Zg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 04:02:15 GMT
age: 43448
etag: "0553020a82f7a6245a2979d58e1765883a777893"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ad2ca47-ba50-4289-b8b4-788866129ce4.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ad2ca47-ba50-4289-b8b4-788866129ce4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bad634fdc193376aca920992acee39f5
953d4b4371b178ea2724559b19809a9958be7657
1bc7a0d46c27d959df93ef25754d0602c0b46399439b50d5937f9826f1d3d6ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ad2ca47-ba50-4289-b8b4-788866129ce4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4051
x-amzn-requestid: 4baa1266-08ab-4447-a40b-93d838673207
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AUDcgEtgIAMF6RQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eb191c-4d3ab6ab768a345b53c5891c;Sampled=0
x-amzn-remapped-date: Tue, 14 Feb 2023 05:16:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kBOzs4Gfb3bEStS1hg6OhUov4vL1tSfJr3X8afXnr2zaIAR8qSQolQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 20:10:16 GMT
age: 71767
etag: "953d4b4371b178ea2724559b19809a9958be7657"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e7cd1e9feb9abc7f7d7f0d5fc7b181f0
cf3ce1808c48e1a86910e16731a044f6cb26275d
426c90298d5a0807b7820d803ce2907268df1195e15d5582eb0ff2f3deeb318c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7734
x-amzn-requestid: fe4dc342-33b6-45f6-984c-2c71dfa0ec13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtX-lGiJoAMFW3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f539f6-489049413f3cb63c537f20d0;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:39:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KyUqB4zqsHWgCv7C3-PymFep4oVmPy4ZHFf75lYOfWbb4qgvVRqoLg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:51:47 GMT
age: 65676
etag: "cf3ce1808c48e1a86910e16731a044f6cb26275d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc56e7499a3e9db178e91df024e668f0
9cc85c16fd4a9d10df5db5ddfc54b0d88999f317
25ffc87e2be6e0dc9ac208aafbefa99bb4c1d6476c1447056b83d462cd182df2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9686
x-amzn-requestid: 4eb1ca50-a322-4f64-8cb9-be0315918800
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ArYWFF8fIAMFRlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f46dc0-35fee09f3e6ff22358e9da0c;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 07:07:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ifg3X--I8qSAGRMvv97fc3eLcmMZuEoLcaA87ONUHByrqcO_vfFq4Q==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 05:04:42 GMT
age: 39701
etag: "9cc85c16fd4a9d10df5db5ddfc54b0d88999f317"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9a6c075bf39141bbc7826d6969cf2ac8
8a3f71fea281d57261814a858c94fd11f083b9fe
dbd5fd07729dd569dd87128ba167ccccb2fa1c8e73f3eb6d64ac1c37f8294db7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6643
x-amzn-requestid: 326ed8fb-b228-4546-adf3-a188ce799089
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ArXwJG4OoAMFVZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f46ccd-74c2a8741928ad99733db89f;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 07:03:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Gu_G39ZXNYgyloJITQfAYavWjzrcB_sPNNOROrgBJW3BZtCVLpbxSQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 00:42:09 GMT
age: 55454
etag: "8a3f71fea281d57261814a858c94fd11f083b9fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dailyrew23.info/RM/Romania/rmcss/bootstrap.min.css
181.215.78.145200 OK 20 kB URL HTTP/2 dailyrew23.info/RM/Romania/rmcss/bootstrap.min.css
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type ASCII text, with very long lines (65324)
Hash 4f020dd9c41e46664b4182791827111f
3ec63708a37c86f3472673e177c28fc1caebe9b4
427524e76c41b8013c9326ebacea93d955ad02b8dc17a66183e60dded6a4ab75
GET /RM/Romania/rmcss/bootstrap.min.css HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 16:06:22 GMT
etag: "2606e-63eba328-a08e6;br"
last-modified: Tue, 14 Feb 2023 15:05:12 GMT
content-type: text/css
content-length: 20358
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Feb 2023 16:06:22 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dailyrew23.info/RM/Romania?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
181.215.78.145301 Moved Permanently 2.6 kB URL HTTP/2 dailyrew23.info/RM/Romania?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
Hash 37955ef5823995a356e88e2a4bb9646c
d34213528d745e6283f3258f61052b8e3f358792
889f216ae5498c552dcb09dc8adc4175e0956a28027a2b64d830940398456e08
GET /RM/Romania?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884 HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
content-type: text/html
date: Thu, 23 Feb 2023 16:06:22 GMT
server: LiteSpeed
location: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dailyrew23.info/RM/Romania/rmjs/jquery.min.js
181.215.78.145200 OK 30 kB URL HTTP/2 dailyrew23.info/RM/Romania/rmjs/jquery.min.js
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type ASCII text, with very long lines (65451)
Hash 0fcbafbb010c311c2b7bde481364887c
7e34927ca9c83bab9cb840ebe1bc25edcc22a80d
373625e40f243700b110e10732cb2e3a13714ef3b9b2ed6a8d6e451640e918ad
Analyzer Verdict Alert fortinet Phishing
GET /RM/Romania/rmjs/jquery.min.js HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 16:06:23 GMT
etag: "1538f-63eba32e-a08e9;br"
last-modified: Tue, 14 Feb 2023 15:05:18 GMT
content-type: application/x-javascript
content-length: 29523
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Feb 2023 16:06:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dailyrew23.info/RM/Romania/rmjs/bootstrap.bundle.min.js
181.215.78.145200 OK 21 kB URL HTTP/2 dailyrew23.info/RM/Romania/rmjs/bootstrap.bundle.min.js
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type ASCII text, with very long lines (65297)
Hash 92f65f79befc0455695c41c5ba5b295f
0059665531c88465fddd29d7be8b2cecc35aa0c8
5acebee56201b0f8c5edc67c7d00e772396883c0129bc4509cc14a8eaa9ac38c
Analyzer Verdict Alert fortinet Phishing
GET /RM/Romania/rmjs/bootstrap.bundle.min.js HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 16:06:23 GMT
etag: "1332b-63eba32e-a08ed;br"
last-modified: Tue, 14 Feb 2023 15:05:18 GMT
content-type: application/x-javascript
content-length: 21222
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Feb 2023 16:06:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dailyrew23.info/RM/Romania/rm-mg/r1.png
181.215.78.145200 OK 1.7 kB URL HTTP/2 dailyrew23.info/RM/Romania/rm-mg/r1.png
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 119 x 85, 8-bit colormap, non-interlaced\012- data
Hash 45958b963a7b0c58ad7444d77e20c748
60e2fe5c32eca48cb489f97d90acc8faf9a8b6fe
1b90f30b41aa99fa5409153c57146d6a46ff5c156879fced67a98e2ec1fa67aa
GET /RM/Romania/rm-mg/r1.png HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 16:06:23 GMT
etag: "688-63eba333-a08f0;;;"
last-modified: Tue, 14 Feb 2023 15:05:23 GMT
content-type: image/png
content-length: 1672
accept-ranges: bytes
date: Thu, 23 Feb 2023 16:06:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dailyrew23.info/RM/Romania/rm-mg/rm.jpeg
181.215.78.145200 OK 8.4 kB URL HTTP/2 dailyrew23.info/RM/Romania/rm-mg/rm.jpeg
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x93, components 3\012- data
Hash 37ba5bccd7289f5b87dd0a9b6c42c4a0
f2bb99511f5912927f98120abfc2038adc65ab47
d75694684509ad1c14385cfc3c9c30929769da72390ac2e67d06bdc8e19731d9
Analyzer Verdict Alert fortinet Phishing
GET /RM/Romania/rm-mg/rm.jpeg HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 16:06:23 GMT
etag: "20bf-63eba335-a08f2;;;"
last-modified: Tue, 14 Feb 2023 15:05:25 GMT
content-type: image/jpeg
content-length: 8383
accept-ranges: bytes
date: Thu, 23 Feb 2023 16:06:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2d72cb526d8d1fb4b3353da42d0571f0
3d2c81ae1a0a75b7fdfdba73333283a8cd48734e
0afcf8ba4fdce1349ae546bf77a1ec5b18def779bc25ebaaf56044a164d31745
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0AFCF8BA4FDCE1349AE546BF77A1EC5B18DEF779BC25EBAAF56044A164D31745"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10878
Expires: Thu, 23 Feb 2023 19:07:41 GMT
Date: Thu, 23 Feb 2023 16:06:23 GMT
Connection: keep-alive
dailyrew23.info/RM/Romania/rmjs/rm.js
181.215.78.145200 OK 5.0 kB URL HTTP/2 dailyrew23.info/RM/Romania/rmjs/rm.js
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type ASCII text, with very long lines (16693)
Hash 6e1bd7f895cbe0be34a6f859b682a7e9
61f8cf26db53f299852a201f538716e6cc10ba11
be09c445e69b4c1c96b83b5e9bb7e9cee3d0a5048ddbdeaf6c701b505975bdf6
Analyzer Verdict Alert fortinet Phishing
GET /RM/Romania/rmjs/rm.js HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 16:06:23 GMT
etag: "4136-63eba32f-a08ee;br"
last-modified: Tue, 14 Feb 2023 15:05:19 GMT
content-type: application/x-javascript
content-length: 4976
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Feb 2023 16:06:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dailyrew23.info/RM/Romania/rm-mg/rm1.png
181.215.78.145200 OK 66 kB URL HTTP/2 dailyrew23.info/RM/Romania/rm-mg/rm1.png
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 400 x 331, 8-bit/color RGBA, non-interlaced\012- data
Hash 9a01009a916691d5e6faa2ff116978f0
d41db98df78ea4060bd45340b855bda69d6659a0
de65620461f5550d628f9d720ebee2f3e4727126523a74bd76d0efc445d266bd
GET /RM/Romania/rm-mg/rm1.png HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 16:06:23 GMT
etag: "10174-63eba336-a08f3;;;"
last-modified: Tue, 14 Feb 2023 15:05:26 GMT
content-type: image/png
content-length: 65908
accept-ranges: bytes
date: Thu, 23 Feb 2023 16:06:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dailyrew23.info/RM/Romania/rm-mg/rm2.png
181.215.78.145200 OK 4.0 kB URL HTTP/2 dailyrew23.info/RM/Romania/rm-mg/rm2.png
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c420ffc936b3445640d26324b252976
fd620c4b7e19bbccb4ee707f238e57e46d75f7d2
5f802b3e7e9294978951b0c546d38c1bc26d2de92068c413d0637c320197a885
GET /RM/Romania/rm-mg/rm2.png HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 16:06:23 GMT
etag: "fa6-63eba336-a08f4;;;"
last-modified: Tue, 14 Feb 2023 15:05:26 GMT
content-type: image/png
content-length: 4006
accept-ranges: bytes
date: Thu, 23 Feb 2023 16:06:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
deefauph.com/pfe/current/micro.tag.min.js?z=5681109&sw=/sw-check-permissions-a90c6.js
139.45.197.251200 OK 15 kB URL HTTP/2 deefauph.com/pfe/current/micro.tag.min.js?z=5681109&sw=/sw-check-permissions-a90c6.js
IP 139.45.197.251:0
File type C source, ASCII text, with very long lines (41237), with no line terminators
Hash 7476cde497370386570f59c93569a72f
7730acfb00f42423bcae785bfe871f82001b209b
d0bd341633dfefa37dcab50fb6406606b2202eb3c6cf96853aed009601726d61
GET /pfe/current/micro.tag.min.js?z=5681109&sw=/sw-check-permissions-a90c6.js HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 16:06:23 GMT
content-type: application/javascript
last-modified: Mon, 20 Feb 2023 17:09:26 GMT
etag: W/"63f3a946-a115"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
dailyrew23.info/RM/Romania/rm-mg/rmm.jpg
181.215.78.145200 OK 38 kB URL HTTP/2 dailyrew23.info/RM/Romania/rm-mg/rmm.jpg
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:09:21 17:53:11], baseline, precision 8, 300x142, components 3\012- data
Hash fccecd92d9ce63cdf2fe144cfb2961aa
136619b32894bea514c2f55766e01096cf1196d9
b87ef8b53588ba9311f71c69cc2894ad98057347ec29c8814e06814860982cfb
GET /RM/Romania/rm-mg/rmm.jpg HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 16:06:23 GMT
etag: "925d-63eba33d-a0937;;;"
last-modified: Tue, 14 Feb 2023 15:05:33 GMT
content-type: image/jpeg
content-length: 37469
accept-ranges: bytes
date: Thu, 23 Feb 2023 16:06:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dailyrew23.info/RM/Romania/rm-mg/rm3.jpg
181.215.78.145200 OK 32 kB URL HTTP/2 dailyrew23.info/RM/Romania/rm-mg/rm3.jpg
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=679, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=620], progressive, precision 8, 108x118, components 3\012- data
Hash d76f4064c8eee9eeb309eb7812138fc5
f2c3bb284bab7209280b6e9b0d347778195c0ce6
b7e487cf4d05c53f659a5a31d13a9a384224d6fcac0061f42c9ea0af8e688cdb
GET /RM/Romania/rm-mg/rm3.jpg HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 16:06:23 GMT
etag: "7d3a-63eba338-a08f5;;;"
last-modified: Tue, 14 Feb 2023 15:05:28 GMT
content-type: image/jpeg
content-length: 32058
accept-ranges: bytes
date: Thu, 23 Feb 2023 16:06:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dailyrew23.info/RM/Romania/rm-mg/rm4.jpg
181.215.78.145200 OK 38 kB URL HTTP/2 dailyrew23.info/RM/Romania/rm-mg/rm4.jpg
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:09:21 17:53:11], baseline, precision 8, 300x142, components 3\012- data
Hash b804505cce1416cafa694f92dff4c919
dd65743614fb8f788b38cd69d2b14857bda8c2ad
b8bd66522db2cb71e0f0d138e7eef8a26bf25d516f63ffc7db6b6fada4355078
GET /RM/Romania/rm-mg/rm4.jpg HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 16:06:23 GMT
etag: "9578-63eba339-a08f9;;;"
last-modified: Tue, 14 Feb 2023 15:05:29 GMT
content-type: image/jpeg
content-length: 38264
accept-ranges: bytes
date: Thu, 23 Feb 2023 16:06:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dailyrew23.info/RM/Romania/rm-mg/rm5.jpg
181.215.78.145200 OK 27 kB URL HTTP/2 dailyrew23.info/RM/Romania/rm-mg/rm5.jpg
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=228, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=221], progressive, precision 8, 108x111, components 3\012- data
Hash 5d790dbb4e16c70f8718380ec6128bae
b8c003797bf6cf6a9a8911ab9ab59c388a0cc183
ccf4e32ec9e0ab7dfe3dbf068ee1eefb39546fe34a1c0ccd9c8d66ac2bd43def
GET /RM/Romania/rm-mg/rm5.jpg HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 16:06:23 GMT
etag: "6af9-63eba339-a0925;;;"
last-modified: Tue, 14 Feb 2023 15:05:29 GMT
content-type: image/jpeg
content-length: 27385
accept-ranges: bytes
date: Thu, 23 Feb 2023 16:06:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dailyrew23.info/RM/Romania/rm-mg/rm6.jpg
181.215.78.145200 OK 27 kB URL HTTP/2 dailyrew23.info/RM/Romania/rm-mg/rm6.jpg
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=13, height=446, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=444], progressive, precision 8, 144x145, components 3\012- data
Hash 7ee8e31cfa2cf3bb23fbf7be70ac064a
e9be1f866409c1964a4b7d67cbad058fb3c89c9a
f8a9c76534560681014793199c0f1440ce88f14650d7403957d90a359855549c
GET /RM/Romania/rm-mg/rm6.jpg HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 16:06:23 GMT
etag: "6a27-63eba33b-a092a;;;"
last-modified: Tue, 14 Feb 2023 15:05:31 GMT
content-type: image/jpeg
content-length: 27175
accept-ranges: bytes
date: Thu, 23 Feb 2023 16:06:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dailyrew23.info/RM/Romania/rm-mg/rm7.jpg
181.215.78.145200 OK 29 kB URL HTTP/2 dailyrew23.info/RM/Romania/rm-mg/rm7.jpg
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=13, height=353, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=279], progressive, precision 8, 120x152, components 3\012- data
Hash 38b84007a9d143fd8a01cc5a027357de
1001fb81030f39981c3ae9c3b429d86ce6f44757
804a95d573e7fafe98e48589f0257023e2a5616769f06727ae697a857c96b586
GET /RM/Romania/rm-mg/rm7.jpg HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 16:06:23 GMT
etag: "7139-63eba33a-a0930;;;"
last-modified: Tue, 14 Feb 2023 15:05:30 GMT
content-type: image/jpeg
content-length: 28985
accept-ranges: bytes
date: Thu, 23 Feb 2023 16:06:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dailyrew23.info/RM/Romania/rm-mg/rm8.jpg
181.215.78.145200 OK 26 kB URL HTTP/2 dailyrew23.info/RM/Romania/rm-mg/rm8.jpg
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=182, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=174], progressive, precision 8, 144x151, components 3\012- data
Hash 0d036cc60b0b716e4babb3840ea4bb55
91a8b1bc8834db4d729a58281df0e6d5e06f80ef
b1f6ef6dfa755fa03f98c79606adabde75632ed3153ef5a5ce8ea60e93977ed8
GET /RM/Romania/rm-mg/rm8.jpg HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 16:06:23 GMT
etag: "6553-63eba33c-a0933;;;"
last-modified: Tue, 14 Feb 2023 15:05:32 GMT
content-type: image/jpeg
content-length: 25939
accept-ranges: bytes
date: Thu, 23 Feb 2023 16:06:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dailyrew23.info/RM/Romania/rm-mg/rm9.jpg
181.215.78.145200 OK 38 kB URL HTTP/2 dailyrew23.info/RM/Romania/rm-mg/rm9.jpg
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2021:09:21 17:53:11], baseline, precision 8, 300x142, components 3\012- data
Hash 10b26e3d217546bf9d938a3c7a6449c9
f29e79725f1c606628e861a25dcc464228f82799
a8efee949319ab0e178333a235da6d71e193109d0a691f4d76bf83e69e1330fe
GET /RM/Romania/rm-mg/rm9.jpg HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 16:06:23 GMT
etag: "94e8-63eba33e-a0935;;;"
last-modified: Tue, 14 Feb 2023 15:05:34 GMT
content-type: image/jpeg
content-length: 38120
accept-ranges: bytes
date: Thu, 23 Feb 2023 16:06:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dailyrew23.info/RM/Romania/rm-mg/rm.gif
181.215.78.145200 OK 122 kB URL HTTP/2 dailyrew23.info/RM/Romania/rm-mg/rm.gif
IP 181.215.78.145:0
ASN #61317 Ipxo Uk Limited
File type GIF image data, version 89a, 246 x 246\012- data
Size 122 kB (121587 bytes)
Hash 1f32223b3bcbe23d6efe15d914206440
1faa0c1e65002ca3880cb764be63abef5a3efac5
c0f27622e1c77dfe225b6e2637211c61861471c39e585461a5dc55017950e92a
GET /RM/Romania/rm-mg/rm.gif HTTP/1.1
Host: dailyrew23.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew23.info/RM/Romania/?devicemodel=&browser=Firefox&ip=91.90.42.154&bemobdata=c%3D2e8a0f04-effe-458c-8179-60485c87d671..l%3D2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a%3D0..b%3D0..ts%3D1677168380884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 16:06:23 GMT
etag: "1daf3-63eba334-a08f1;;;"
last-modified: Tue, 14 Feb 2023 15:05:24 GMT
content-type: image/gif
content-length: 121587
accept-ranges: bytes
date: Thu, 23 Feb 2023 16:06:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2