furned-mashorses.com/edc0cbee-44cc-423e-8afe-60fbfb4c7369
18.193.235.10302 0 B URL HTTP/1.1 furned-mashorses.com/edc0cbee-44cc-423e-8afe-60fbfb4c7369
IP 18.193.235.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /edc0cbee-44cc-423e-8afe-60fbfb4c7369 HTTP/1.1
Host: furned-mashorses.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Sun, 05 Feb 2023 11:12:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://superofferstc.com/survey/et/ethio/cash/?cep=1DKiFJuC8Z7d_hJLZB85RqvmFXBVjJfXx4NQIxbXrx6mVIhKvkmMEyzs3T9kbyzRbS3UvwWAl9ztv8uq4BUWXNa1PReuMYHwzx-G4X8M4I6MYQRf9MRZ_i0YnjMN7lS0mLUkqGuWGQOXvbCNSvUXHGfl6jE3QX06YKzLX6trJnHVMCYFR0m0DT7wpovz7Mhgm7j4aI1zCsalksdeP86LcSyC2hD_KlazM8VfXFmH_7mmrQK56ybAlGSwVmnONh_TYzwdyO7dbD8aE_IVLgxJp3ntJfZQ31bvfLVIZXJZCvR9VGjGU46Y3rD-DivYxfggT8zs_G4JqKYMaqZzdmZ6JjPGzAtopgtZ79p2Y8IvtCw&lptoken=16d3752559c073c05029
Pragma: no-cache
Set-Cookie: edc0cbee-44cc-423e-8afe-60fbfb4c7369-v4=qffF9E441gxF66HQ7DEdvRxkdxx17XProwor--RJ5zI; Max-Age=86400; Expires=Mon, 06-Feb-2023 11:12:30 GMT; Domain=furned-mashorses.com; Path=/; HttpOnly
cep-v4=f3VjG38RZDMIoBeryv9yUTb2TJGyVG8wYqi1ykFd9CLXGSCkmHK-Khs2mNSUA7LtovY-a5yCuy_jVRdKVAya_Zh4GQmBLu3acjxjIZ4JtIewsRSbIa-E6F47cQwG_oWe1bq7EP3sWuNcpQq7pjTI6XmdDl15mRGTfyl4LPYIZyUSLrT6SL5OQqVqziYgomJ2XiqcwVOt1kBux8qv_IOw8cdoflWSgtUW3gcIHJraIEoaVB8ISHJv2pY7_McN-vDcdOn1K-fHRXJrndLimmU8CQiDEr3fL4fG6501k6brQTk-WJmB42PUmcFk3OsR7wTnX1vVPCWDWvXhA7pqxCsh_awZ-4mt7gFF-Cz4eGQVEzg; Max-Age=86400; Expires=Mon, 06-Feb-2023 11:12:30 GMT; Domain=furned-mashorses.com; Path=/; HttpOnly
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5578
Expires: Sun, 05 Feb 2023 12:45:28 GMT
Date: Sun, 05 Feb 2023 11:12:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6569
Expires: Sun, 05 Feb 2023 13:01:59 GMT
Date: Sun, 05 Feb 2023 11:12:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 10:36:17 GMT
content-type: application/json
age: 2173
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21193
Expires: Sun, 05 Feb 2023 17:05:43 GMT
Date: Sun, 05 Feb 2023 11:12:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xTIIFP9GmtAb2w8B7ck83t30aTsjebMJ+A/946vcQ7AwPpBJz6WN4Sm5vcBiomCGsNURxlLz974=
x-amz-request-id: 9AP0GPSC5R2PFXPV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 10:53:14 GMT
age: 1156
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:12:30 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 11:07:20 GMT
age: 310
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f096600a2a1103c5367c8a74bc87b278
d741f9ef2fb525a36588f4952d1ba38f939c02bc
7e5e60b79627efc42aa3897a3a5594a1b3e9ebdd3a01827330a054f47f170b66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E5E60B79627EFC42AA3897A3A5594A1B3E9EBDD3A01827330A054F47F170B66"
Last-Modified: Fri, 03 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4949
Expires: Sun, 05 Feb 2023 12:35:00 GMT
Date: Sun, 05 Feb 2023 11:12:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4338
Expires: Sun, 05 Feb 2023 12:24:49 GMT
Date: Sun, 05 Feb 2023 11:12:31 GMT
Connection: keep-alive
superofferstc.com/survey/et/ethio/cash/?cep=1DKiFJuC8Z7d_hJLZB85RqvmFXBVjJfXx4NQIxbXrx6mVIhKvkmMEyzs3T9kbyzRbS3UvwWAl9ztv8uq4BUWXNa1PReuMYHwzx-G4X8M4I6MYQRf9MRZ_i0YnjMN7lS0mLUkqGuWGQOXvbCNSvUXHGfl6jE3QX06YKzLX6trJnHVMCYFR0m0DT7wpovz7Mhgm7j4aI1zCsalksdeP86LcSyC2hD_KlazM8VfXFmH_7mmrQK56ybAlGSwVmnONh_TYzwdyO7dbD8aE_IVLgxJp3ntJfZQ31bvfLVIZXJZCvR9VGjGU46Y3rD-DivYxfggT8zs_G4JqKYMaqZzdmZ6JjPGzAtopgtZ79p2Y8IvtCw&lptoken=16d3752559c073c05029
209.94.60.101200 OK 2.5 kB URL HTTP/1.1 superofferstc.com/survey/et/ethio/cash/?cep=1DKiFJuC8Z7d_hJLZB85RqvmFXBVjJfXx4NQIxbXrx6mVIhKvkmMEyzs3T9kbyzRbS3UvwWAl9ztv8uq4BUWXNa1PReuMYHwzx-G4X8M4I6MYQRf9MRZ_i0YnjMN7lS0mLUkqGuWGQOXvbCNSvUXHGfl6jE3QX06YKzLX6trJnHVMCYFR0m0DT7wpovz7Mhgm7j4aI1zCsalksdeP86LcSyC2hD_KlazM8VfXFmH_7mmrQK56ybAlGSwVmnONh_TYzwdyO7dbD8aE_IVLgxJp3ntJfZQ31bvfLVIZXJZCvR9VGjGU46Y3rD-DivYxfggT8zs_G4JqKYMaqZzdmZ6JjPGzAtopgtZ79p2Y8IvtCw&lptoken=16d3752559c073c05029
IP 209.94.60.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (386)
Hash 94de91338a45aa2bcb5e51028e2eddfe
733f108a1d7a4c94bf6fd09bf8cf3a63a5fd61e6
4d3ffedac90ff224a2e959c9ce77d81ba1a1808775f7eec5531549fb591f5577
GET /survey/et/ethio/cash/?cep=1DKiFJuC8Z7d_hJLZB85RqvmFXBVjJfXx4NQIxbXrx6mVIhKvkmMEyzs3T9kbyzRbS3UvwWAl9ztv8uq4BUWXNa1PReuMYHwzx-G4X8M4I6MYQRf9MRZ_i0YnjMN7lS0mLUkqGuWGQOXvbCNSvUXHGfl6jE3QX06YKzLX6trJnHVMCYFR0m0DT7wpovz7Mhgm7j4aI1zCsalksdeP86LcSyC2hD_KlazM8VfXFmH_7mmrQK56ybAlGSwVmnONh_TYzwdyO7dbD8aE_IVLgxJp3ntJfZQ31bvfLVIZXJZCvR9VGjGU46Y3rD-DivYxfggT8zs_G4JqKYMaqZzdmZ6JjPGzAtopgtZ79p2Y8IvtCw&lptoken=16d3752559c073c05029 HTTP/1.1
Host: superofferstc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 11:12:31 GMT
Content-Type: text/html; charset=utf-8
Last-Modified: Thu, 19 Jan 2023 06:54:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63c8e90a-1960"
Content-Encoding: gzip
superofferstc.com/survey/et/ethio/cash/css/app.css?id=2fbe2d9a9a40ca9b2489
209.94.60.101200 OK 87 B URL HTTP/1.1 superofferstc.com/survey/et/ethio/cash/css/app.css?id=2fbe2d9a9a40ca9b2489
IP 209.94.60.101:0
Hash cec18c42b1b37f854c56172f839813b0
3c086f3238cc7973fd302379ad2f3e6cb7c1ed49
0d209be74734590bb522ca2c9de62f4da0fcbac457d44ed8105be57c1e04233f
GET /survey/et/ethio/cash/css/app.css?id=2fbe2d9a9a40ca9b2489 HTTP/1.1
Host: superofferstc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://superofferstc.com/survey/et/ethio/cash/?cep=1DKiFJuC8Z7d_hJLZB85RqvmFXBVjJfXx4NQIxbXrx6mVIhKvkmMEyzs3T9kbyzRbS3UvwWAl9ztv8uq4BUWXNa1PReuMYHwzx-G4X8M4I6MYQRf9MRZ_i0YnjMN7lS0mLUkqGuWGQOXvbCNSvUXHGfl6jE3QX06YKzLX6trJnHVMCYFR0m0DT7wpovz7Mhgm7j4aI1zCsalksdeP86LcSyC2hD_KlazM8VfXFmH_7mmrQK56ybAlGSwVmnONh_TYzwdyO7dbD8aE_IVLgxJp3ntJfZQ31bvfLVIZXJZCvR9VGjGU46Y3rD-DivYxfggT8zs_G4JqKYMaqZzdmZ6JjPGzAtopgtZ79p2Y8IvtCw&lptoken=16d3752559c073c05029
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 11:12:31 GMT
Content-Type: text/css
Last-Modified: Thu, 19 Jan 2023 07:01:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63c8eaac-45"
Expires: Mon, 05 Feb 2024 11:12:31 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
push.services.mozilla.com/
35.160.120.175101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.120.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NrkMgy1vJTuUZEn3957HqQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GCZ+LpyGZHQscJ0MHLhfpL7rGbg=
superofferstc.com/survey/et/ethio/cash/css/landers/survey/app.css?id=b58f517ccb85236317fa
209.94.60.101200 OK 1.2 kB URL HTTP/1.1 superofferstc.com/survey/et/ethio/cash/css/landers/survey/app.css?id=b58f517ccb85236317fa
IP 209.94.60.101:0
File type ASCII text, with very long lines (3508)
Hash 97531ec03b7e740589659fc24447f87b
f3c01a9e9adf371a8b8fe263f54cbeddf79d55e8
59b09d9efa85fd29712c4ef8f7fd928bc8db6d4cfc51b0d2c1c0dfb470753ae3
GET /survey/et/ethio/cash/css/landers/survey/app.css?id=b58f517ccb85236317fa HTTP/1.1
Host: superofferstc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://superofferstc.com/survey/et/ethio/cash/?cep=1DKiFJuC8Z7d_hJLZB85RqvmFXBVjJfXx4NQIxbXrx6mVIhKvkmMEyzs3T9kbyzRbS3UvwWAl9ztv8uq4BUWXNa1PReuMYHwzx-G4X8M4I6MYQRf9MRZ_i0YnjMN7lS0mLUkqGuWGQOXvbCNSvUXHGfl6jE3QX06YKzLX6trJnHVMCYFR0m0DT7wpovz7Mhgm7j4aI1zCsalksdeP86LcSyC2hD_KlazM8VfXFmH_7mmrQK56ybAlGSwVmnONh_TYzwdyO7dbD8aE_IVLgxJp3ntJfZQ31bvfLVIZXJZCvR9VGjGU46Y3rD-DivYxfggT8zs_G4JqKYMaqZzdmZ6JjPGzAtopgtZ79p2Y8IvtCw&lptoken=16d3752559c073c05029
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 11:12:31 GMT
Content-Type: text/css
Last-Modified: Thu, 19 Jan 2023 07:16:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63c8ee51-dd8"
Expires: Mon, 05 Feb 2024 11:12:31 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
superofferstc.com/survey/et/ethio/cash/js/app.js?id=d95b2f380a2918b995e8
209.94.60.101200 OK 7.0 kB URL HTTP/1.1 superofferstc.com/survey/et/ethio/cash/js/app.js?id=d95b2f380a2918b995e8
IP 209.94.60.101:0
File type Unicode text, UTF-8 text, with very long lines (18572)
Hash dff9bcbd4fdf368b1aa578c44b651b37
ae6ce649e4f5442155badfc8b4b69c44a98a3138
3393155e988f7863f338ee5f23dda3299a5879d9b85e2b276237e182a49233ab
Analyzer Verdict Alert fortinet Malware
GET /survey/et/ethio/cash/js/app.js?id=d95b2f380a2918b995e8 HTTP/1.1
Host: superofferstc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://superofferstc.com/survey/et/ethio/cash/?cep=1DKiFJuC8Z7d_hJLZB85RqvmFXBVjJfXx4NQIxbXrx6mVIhKvkmMEyzs3T9kbyzRbS3UvwWAl9ztv8uq4BUWXNa1PReuMYHwzx-G4X8M4I6MYQRf9MRZ_i0YnjMN7lS0mLUkqGuWGQOXvbCNSvUXHGfl6jE3QX06YKzLX6trJnHVMCYFR0m0DT7wpovz7Mhgm7j4aI1zCsalksdeP86LcSyC2hD_KlazM8VfXFmH_7mmrQK56ybAlGSwVmnONh_TYzwdyO7dbD8aE_IVLgxJp3ntJfZQ31bvfLVIZXJZCvR9VGjGU46Y3rD-DivYxfggT8zs_G4JqKYMaqZzdmZ6JjPGzAtopgtZ79p2Y8IvtCw&lptoken=16d3752559c073c05029
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 11:12:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 19 Jan 2023 07:01:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63c8eaac-48ad"
Expires: Mon, 05 Feb 2024 11:12:31 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash daa36a7eb1454db63971c3ff78a18ae0
d895f343a0a9c0f856c308de9bbce83ceec8befd
e8608af46812e9916dc4b5fc5e3817e9ab24ed34f82e88c016d40d76742f588a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8608AF46812E9916DC4B5FC5E3817E9AB24ED34F82E88C016D40D76742F588A"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10874
Expires: Sun, 05 Feb 2023 14:13:45 GMT
Date: Sun, 05 Feb 2023 11:12:31 GMT
Connection: keep-alive
superofferstc.com/survey/et/ethio/cash/img/prizes/cash-500-usd/default/default@0.25x.png
209.94.60.101200 OK 2.8 kB URL HTTP/1.1 superofferstc.com/survey/et/ethio/cash/img/prizes/cash-500-usd/default/default@0.25x.png
IP 209.94.60.101:0
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash e8097f29e561cec2a90805b688363b05
1df3d6d277a91e97620e6075c67048aa360541b0
35acb88ac15dd098eee7a515d0764b8b5a3ed4c8c8d307f7b3115464796973e8
GET /survey/et/ethio/cash/img/prizes/cash-500-usd/default/default@0.25x.png HTTP/1.1
Host: superofferstc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://superofferstc.com/survey/et/ethio/cash/?cep=1DKiFJuC8Z7d_hJLZB85RqvmFXBVjJfXx4NQIxbXrx6mVIhKvkmMEyzs3T9kbyzRbS3UvwWAl9ztv8uq4BUWXNa1PReuMYHwzx-G4X8M4I6MYQRf9MRZ_i0YnjMN7lS0mLUkqGuWGQOXvbCNSvUXHGfl6jE3QX06YKzLX6trJnHVMCYFR0m0DT7wpovz7Mhgm7j4aI1zCsalksdeP86LcSyC2hD_KlazM8VfXFmH_7mmrQK56ybAlGSwVmnONh_TYzwdyO7dbD8aE_IVLgxJp3ntJfZQ31bvfLVIZXJZCvR9VGjGU46Y3rD-DivYxfggT8zs_G4JqKYMaqZzdmZ6JjPGzAtopgtZ79p2Y8IvtCw&lptoken=16d3752559c073c05029
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 11:12:31 GMT
Content-Type: image/png
Content-Length: 2780
Last-Modified: Thu, 19 Jan 2023 07:24:24 GMT
Connection: keep-alive
ETag: "63c8f028-adc"
Expires: Mon, 05 Feb 2024 11:12:31 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
lemouwee.com/zone?&pub=0&zone_id=5590914&is_mobile=false&domain=superofferstc.com&var=&ymid=&var_3=&dsig=&action=prerequest
139.45.197.251200 OK 0 B URL HTTP/2 lemouwee.com/zone?&pub=0&zone_id=5590914&is_mobile=false&domain=superofferstc.com&var=&ymid=&var_3=&dsig=&action=prerequest
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5590914&is_mobile=false&domain=superofferstc.com&var=&ymid=&var_3=&dsig=&action=prerequest HTTP/1.1
Host: lemouwee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://superofferstc.com
Connection: keep-alive
Referer: https://superofferstc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:12:32 GMT
content-length: 0
x-trace-id: 6c0ba4fea9170954f419674480945dda
access-control-allow-origin: https://superofferstc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
superofferstc.com/survey/et/ethio/cash/js/landers/survey/app.js?id=2137f4f9f820aa743623
209.94.60.101200 OK 51 kB URL HTTP/1.1 superofferstc.com/survey/et/ethio/cash/js/landers/survey/app.js?id=2137f4f9f820aa743623
IP 209.94.60.101:0
File type Unicode text, UTF-8 text, with very long lines (65443)
Hash 831b838b8b9af7fff6c68c382f8ec867
50fb4edc919f538df4c7b454149b2e241bb2973e
65ec4665c3db666682f57a802bdcc8cd0e99e6bc298b95aa625b707ac7f12e6a
Analyzer Verdict Alert fortinet Malware
GET /survey/et/ethio/cash/js/landers/survey/app.js?id=2137f4f9f820aa743623 HTTP/1.1
Host: superofferstc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://superofferstc.com/survey/et/ethio/cash/?cep=1DKiFJuC8Z7d_hJLZB85RqvmFXBVjJfXx4NQIxbXrx6mVIhKvkmMEyzs3T9kbyzRbS3UvwWAl9ztv8uq4BUWXNa1PReuMYHwzx-G4X8M4I6MYQRf9MRZ_i0YnjMN7lS0mLUkqGuWGQOXvbCNSvUXHGfl6jE3QX06YKzLX6trJnHVMCYFR0m0DT7wpovz7Mhgm7j4aI1zCsalksdeP86LcSyC2hD_KlazM8VfXFmH_7mmrQK56ybAlGSwVmnONh_TYzwdyO7dbD8aE_IVLgxJp3ntJfZQ31bvfLVIZXJZCvR9VGjGU46Y3rD-DivYxfggT8zs_G4JqKYMaqZzdmZ6JjPGzAtopgtZ79p2Y8IvtCw&lptoken=16d3752559c073c05029
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 11:12:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 19 Jan 2023 07:16:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63c8ee52-24c3b"
Expires: Mon, 05 Feb 2024 11:12:31 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4966
Expires: Sun, 05 Feb 2023 12:35:18 GMT
Date: Sun, 05 Feb 2023 11:12:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4966
Expires: Sun, 05 Feb 2023 12:35:18 GMT
Date: Sun, 05 Feb 2023 11:12:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5beaead015b2b4fb6d36009926ba0378
67e7c49ea7648fc6d1dffc22588862c993b785b7
6ae0cec9ade23fd53e9c1407b0324a8060892a65a6b675ccffa4a4c82b66f1ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 280f7003-2696-4a82-bd50-82b0a2b66faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsSpoEA0oAMFSBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3170-35dcb9513c891af201b973d1;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 03:43:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IxfTibTq6T_wq9a5YCIBZLBb70BI7AOLEAYMYYuMZPhvVKjDbFfrvA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:52:08 GMT
etag: "67e7c49ea7648fc6d1dffc22588862c993b785b7"
content-type: image/jpeg
age: 48024
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 013fa296-a431-410b-b3fb-7417b3e877eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpIQAFCMIAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ed99-2e1daa8b75977de07c48b8fc;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 04:42:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UzQGDCYe_8AuYYLaLSAWzHQhwJMpzpXWbjE5AwukevW6G6SLDxDjmA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:42:59 GMT
age: 26973
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7fff69db25a1c7a3fbe154a3c80ac5aa
638e08807f73b70ab87b804816f9eb3e8dd2aa74
be96b347ba90dda9c39975077d963ff875831a14a4269e28edc0d2f80928bba6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: af4c4533-48b8-4b02-951a-3e61933fb126
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3fyFrMoAMFr_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c64-0346b30d0ded67912070f671;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IJBXK8DSlmaj48MVSTo-8A69jOe3x2cvnZYRLfyXZ7jZWqsMbTZsEg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:26 GMT
age: 48546
etag: "638e08807f73b70ab87b804816f9eb3e8dd2aa74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WVfpilnwhnRXBhJkHBWjxxoP09f7SqlRk8CdWRWOubIIwe0CX89bUA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:09:58 GMT
age: 46954
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 11:30:27 GMT
age: 85325
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 11:30:27 GMT
age: 85325
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lemouwee.com/pfe/current/micro.tag.min.js?z=5590914&sw=/sw-check-permissions-561c9.js
139.45.197.251200 OK 0 B URL HTTP/2 lemouwee.com/pfe/current/micro.tag.min.js?z=5590914&sw=/sw-check-permissions-561c9.js
IP 139.45.197.251:0
GET /pfe/current/micro.tag.min.js?z=5590914&sw=/sw-check-permissions-561c9.js HTTP/1.1
Host: lemouwee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://superofferstc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:12:32 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 11:03:52 GMT
etag: W/"63d3af98-a083"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2