Overview

URL44.winprizes544.digital/myaff2icu/index.php?city=Mountain%20View&brand=Desktop&model=Desktop&browser=Chrome&cep=O7cQyTFZ3F1v5Yn9ooNLCYP_rZBNCcHiLege75O3LCSnE8eF5MhbLQWNs7k1cr9GxfyLdQi9defSx_MTBv45UjRQZELl40M8bpfb5dQQiVPwWjuXlh3H4L9fdAvjtzPpq9w99f6nZiMcaaoj1uDYsmoVfOD4VmcHztUbrmPhskUXcDLnY0JcIyqT0PlTx9FxoWFePYuTRU3O5VtX9wZwM74N8OnmmVorGWpBpx09zsuY-H1vt3hzNkMWrasCajU36IgctdwMYjaMyAJAHBAuij8uWNEDBRECO9mP2SdlQqkA3COl34ZwzShzOVBJO8-lvMSzd6FGvVJ0ICpydjqyMNgbrmr7eFPfgk-O9VtBbjB3WxeMUC53uI37k3YLhMYovhNub-N0dr2nvQ_0D3Cl5kJWHvjVNvogRWRwzUGdBq0&lptoken=16ef6970509334cf2206
IP 45.76.148.82 (Singapore)
ASN#20473 AS-CHOOPA
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-26 22:27:27 UTC
StatusLoading report..
IDS alerts0
Blocklist alert0
urlquery alerts
1
Scam / Brand infringement
Tags None

Domain Summary (8)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-26 05:33:16 UTC 34.117.237.239
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.162.52.254
img-getpocket.cdn.mozilla.net (5) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
44.winprizes544.digital (23) 0 No data No data 45.76.148.82 Unknown ranking
r3.o.lencr.org (5) 344 No data No data 23.36.76.226
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-26 05:33:20 UTC 34.102.187.140

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 45.76.148.82
Date UQ / IDS / BL URL IP
2023-02-07 10:56:56 +0000 1 - 0 - 0 50.winprizes550.digital/myppush1/index.php?ci (...) 45.76.148.82
2023-02-07 04:35:48 +0000 0 - 0 - 1 78.winprizes678.monster/ph1/eng1ppn2.html?cit (...) 45.76.148.82
2023-02-07 03:27:57 +0000 1 - 0 - 0 44.winprizes544.digital/myaff2icu/index.php?c (...) 45.76.148.82
2023-02-07 02:31:53 +0000 0 - 0 - 4 62.winprizes662.monster/eng/phengnotix4.html? (...) 45.76.148.82
2023-02-06 21:56:16 +0000 0 - 0 - 1 78.winprizes678.monster/ph1/eng1ppn2.html?cit (...) 45.76.148.82


Last 5 reports on ASN: AS-CHOOPA
Date UQ / IDS / BL URL IP
2023-02-07 21:07:16 +0000 0 - 2 - 0 elhusseinyusmleprep.com/z02xz/w/view/login.php 144.202.87.104
2023-02-07 19:56:21 +0000 1 - 0 - 2 47.winprizes147.digital/mx2/mxwr22.html?city= (...) 217.69.14.8
2023-02-07 19:26:55 +0000 0 - 1 - 0 zagent365.zspeed-cdn.com/static/v2/among-us-t (...) 155.138.146.150
2023-02-07 15:51:59 +0000 0 - 1 - 0 zagent370.zspeed-cdn.com/static/v2/Practical- (...) 136.244.112.152
2023-02-07 15:49:18 +0000 4 - 7 - 0 mayank1099.duckdns.org/panel/28662d9.php 104.238.156.38


Last 5 reports on domain: winprizes544.digital
Date UQ / IDS / BL URL IP
2023-02-07 03:27:57 +0000 1 - 0 - 0 44.winprizes544.digital/myaff2icu/index.php?c (...) 45.76.148.82
2023-02-05 20:56:24 +0000 1 - 0 - 0 44.winprizes544.digital/myaff2icu/index.php 45.76.148.82
2023-02-05 08:54:51 +0000 1 - 0 - 0 44.winprizes544.digital/myaff2icu/index.php 45.76.148.82
2023-02-04 17:55:35 +0000 1 - 0 - 0 44.winprizes544.digital/myaff2icu/index.php 45.76.148.82
2023-02-03 16:56:44 +0000 1 - 0 - 0 44.winprizes544.digital/myaff2icu/index.php?c (...) 45.76.148.82


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-07 19:56:21 +0000 1 - 0 - 2 47.winprizes147.digital/mx2/mxwr22.html?city= (...) 217.69.14.8
2023-02-07 10:56:56 +0000 1 - 0 - 0 50.winprizes550.digital/myppush1/index.php?ci (...) 45.76.148.82
2023-02-07 07:53:47 +0000 1 - 0 - 2 mxsupergifts.digital/alwheelpropmx/index.html 217.69.13.14
2023-02-07 06:01:10 +0000 1 - 0 - 7 www.your-lucky-days.xyz/sweeps/iPhoneXS-EN-Sp (...) 54.230.111.40
2023-02-07 05:56:49 +0000 1 - 1 - 1 track.rendan-compto.com/9ed5687a-5907-4b78-81 (...) 18.195.128.171

JavaScript

Executed Scripts (13)

Executed Evals (0)

Executed Writes (7)
#1 JavaScript::Write (size: 11) - SHA256: e000a8123f92ad32a925afa62701d2d8f59ea2ac9f43c853a694a611c328fce1
23 November
#2 JavaScript::Write (size: 11) - SHA256: 0342d5c5dcf9f0eb86987d24682348de2daa97c02535f4fb307f77fec9faa3b2
22 November
#3 JavaScript::Write (size: 23) - SHA256: 3fff09e440a731a678b82d5ac23af084efe4ad184e402466fe28b7bd06a2170a
Sabtu, 26 November 2022
#4 JavaScript::Write (size: 5) - SHA256: 67ddb97ecc4c9ad6c4856aec11805281e1eba38193fa0e9013d57af1dca4bfb7
Sabtu
#5 JavaScript::Write (size: 6) - SHA256: c4ef2ec214f90032f39dddfbfe51add7ef2c79da14fb2ccf14cb4c9ad15e5c9a
Chrome
#6 JavaScript::Write (size: 0) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
#7 JavaScript::Write (size: 11) - SHA256: 5a9aa1d7dec68717b1bca4dec4932a3502e3e8f8b7095d3636fb836df6dcc0e9
24 November


HTTP Transactions (40)


Request Response
                                        
                                            GET /myaff2icu/index.php?city=Mountain%20View&brand=Desktop&model=Desktop&browser=Chrome&cep=O7cQyTFZ3F1v5Yn9ooNLCYP_rZBNCcHiLege75O3LCSnE8eF5MhbLQWNs7k1cr9GxfyLdQi9defSx_MTBv45UjRQZELl40M8bpfb5dQQiVPwWjuXlh3H4L9fdAvjtzPpq9w99f6nZiMcaaoj1uDYsmoVfOD4VmcHztUbrmPhskUXcDLnY0JcIyqT0PlTx9FxoWFePYuTRU3O5VtX9wZwM74N8OnmmVorGWpBpx09zsuY-H1vt3hzNkMWrasCajU36IgctdwMYjaMyAJAHBAuij8uWNEDBRECO9mP2SdlQqkA3COl34ZwzShzOVBJO8-lvMSzd6FGvVJ0ICpydjqyMNgbrmr7eFPfgk-O9VtBbjB3WxeMUC53uI37k3YLhMYovhNub-N0dr2nvQ_0D3Cl5kJWHvjVNvogRWRwzUGdBq0&lptoken=16ef6970509334cf2206 HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         45.76.148.82
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx
Date: Sat, 26 Nov 2022 22:27:16 GMT
Content-Length: 979
Connection: keep-alive
Location: https://44.winprizes544.digital/myaff2icu/index.php?city=Mountain%20View&brand=Desktop&model=Desktop&browser=Chrome&cep=O7cQyTFZ3F1v5Yn9ooNLCYP_rZBNCcHiLege75O3LCSnE8eF5MhbLQWNs7k1cr9GxfyLdQi9defSx_MTBv45UjRQZELl40M8bpfb5dQQiVPwWjuXlh3H4L9fdAvjtzPpq9w99f6nZiMcaaoj1uDYsmoVfOD4VmcHztUbrmPhskUXcDLnY0JcIyqT0PlTx9FxoWFePYuTRU3O5VtX9wZwM74N8OnmmVorGWpBpx09zsuY-H1vt3hzNkMWrasCajU36IgctdwMYjaMyAJAHBAuij8uWNEDBRECO9mP2SdlQqkA3COl34ZwzShzOVBJO8-lvMSzd6FGvVJ0ICpydjqyMNgbrmr7eFPfgk-O9VtBbjB3WxeMUC53uI37k3YLhMYovhNub-N0dr2nvQ_0D3Cl5kJWHvjVNvogRWRwzUGdBq0&lptoken=16ef6970509334cf2206


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (646)
Size:   979
Md5:    6c726618055105c32166704edef73f01
Sha1:   2bcc0af252cb570a079e8b981f82fae809cdc67e
Sha256: 5e61c43f31a9f0ab9ec8e83286ee84f1b813d6b4683a5909c12465326a3d1dff
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6281
Expires: Sun, 27 Nov 2022 00:11:57 GMT
Date: Sat, 26 Nov 2022 22:27:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4259
Cache-Control: max-age=134091
Date: Sat, 26 Nov 2022 22:27:16 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:42:07 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7202
Expires: Sun, 27 Nov 2022 00:27:18 GMT
Date: Sat, 26 Nov 2022 22:27:16 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 22:17:33 GMT
cache-control: public,max-age=3600
age: 583
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4d7e4eed097b9c4e5d509419f1cfc85a
Sha1:   290bb3d428a7c6330e2e3d73a952b16f820896c8
Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: +pjkQCuK+5scuQEk/+TzN35RJ6icKNbu7Sa0BR/55GoT2jyy8V0QZBwqcTMwXfyxbdtmw508Ng4=
x-amz-request-id: 7NXRCXR18XNSNEDT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 21:44:23 GMT
age: 2573
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:16 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 22:08:54 GMT
cache-control: public,max-age=3600
age: 1103
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2715
Cache-Control: 'max-age=158059'
Date: Sat, 26 Nov 2022 22:27:17 GMT
Last-Modified: Sat, 26 Nov 2022 21:42:02 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nx20l3jL3DaciGUhRAjfNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.162.52.254
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Xov6xNXltxfDgY78myESGTylX9U=

                                        
                                            GET /myaff2icu/ixo.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 14197
last-modified: Mon, 25 Apr 2022 03:27:12 GMT
etag: "3775-5dd7226e5f152"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 165 x 331, 8-bit colormap, non-interlaced\012- data
Size:   14197
Md5:    227549843293c6fa24a792b54248ef39
Sha1:   366312180e142c472c250d53334bec00a2634f79
Sha256: e79afff7ed20dae4001cd848396b37203f740cb03097d98a94d28e2874e743a8
                                        
                                            GET /myaff2icu/pw_ix.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 31191
last-modified: Mon, 25 Apr 2022 03:27:17 GMT
etag: "79d7-5dd72273dd571"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 501 x 501, 8-bit colormap, non-interlaced\012- data
Size:   31191
Md5:    5fc015b94e8c0ea18422670e93b141ce
Sha1:   b578ad18a8ba581e6bb26598bc081496aaf24175
Sha256: cb6830f49373a35ef541e1fc3de08e4fb1a99c2c7ada98025909669b30d4b8c4
                                        
                                            GET /myaff2icu/ix-s.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 10582
last-modified: Mon, 25 Apr 2022 03:27:12 GMT
etag: "2956-5dd7226e4a932"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 236, 8-bit colormap, non-interlaced\012- data
Size:   10582
Md5:    77ce5723bbb951ae5b26478839f9f57e
Sha1:   a8748fea07c30d85a69ebfac68fb94746c063578
Sha256: f13ca6df822b46229be1c93a01180de802cc7391e98e6b349e04d41bf947a4a0
                                        
                                            GET /myaff2icu/ix-g.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 10749
last-modified: Mon, 25 Apr 2022 03:27:12 GMT
etag: "29fd-5dd7226e39f91"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 236, 8-bit colormap, non-interlaced\012- data
Size:   10749
Md5:    2c1edeb88c3c4e0f13ef4dd7809e9e61
Sha1:   99c3273103fc958c99ee9da9900ea78ea1fc517d
Sha256: fc97772893ff2815057089661f7cb0755dd0b1e96af7b40a9ccc644dc88dd3e2
                                        
                                            GET /myaff2icu/like_user_1.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 1293
last-modified: Mon, 25 Apr 2022 03:27:12 GMT
etag: "50d-5dd7226eb8ed4"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1293
Md5:    2aa0d43e70d60d76ac4bdff139f8c7cb
Sha1:   d7e3433297ad90f5d99249aee29b645265c9f3eb
Sha256: e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa
                                        
                                            GET /myaff2icu/like_user_2.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 1216
last-modified: Mon, 25 Apr 2022 03:27:12 GMT
etag: "4c0-5dd7226eca814"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1216
Md5:    f9299c2023539a8f27a6e1b12ed260e5
Sha1:   046baf9bcd1bbdf9d51ca63e3899ea2e7f5de0b2
Sha256: ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd
                                        
                                            GET /myaff2icu/my11.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 1017
last-modified: Mon, 25 Apr 2022 03:27:13 GMT
etag: "3f9-5dd7226f38db7"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1017
Md5:    ea5a480ce9f5175b1305da649659f3e2
Sha1:   a86b6693a567918d7c7f5b69ea09bc3b54ec8b08
Sha256: 657f339c517ce2e89a0355eb327a5532eec6b10a81fd1047c5a6b59c418f42d0
                                        
                                            GET /myaff2icu/my12.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 1358
last-modified: Mon, 25 Apr 2022 03:27:13 GMT
etag: "54e-5dd7226f49757"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1358
Md5:    e9e838da5f1f374be3b7b620917a7f57
Sha1:   d0157bfc45aa1e2f291f7d9b12bff3000b86a112
Sha256: 9c5f1c0fafd56a61ce4bbfde6b287e2fb564718c46dbd825b243060cf4554cbc
                                        
                                            GET /myaff2icu/my13.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 1241
last-modified: Mon, 25 Apr 2022 03:27:13 GMT
etag: "4d9-5dd7226f5c038"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1241
Md5:    57a0ced58ec3b95e82a5969855badac2
Sha1:   f180e3047a27ca9bec7b846ce96b273ac176f6b4
Sha256: c8b5d9b1f95245213a1f0553ccae1140bf3b9b92ae2d6fffddfca138a1d0f8b4
                                        
                                            GET /myaff2icu/my17.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 1101
last-modified: Mon, 25 Apr 2022 03:27:13 GMT
etag: "44d-5dd7226f90bf9"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1101
Md5:    f8d880b363c37e2c67f0ef180818a4e7
Sha1:   0eba8f1c533a4446dd2bb3736ef8e880ddfb7843
Sha256: b2211d80393499fd96a561cbc3695f1a1d7fb40ce0c7173ff6e7ea935ce86795
                                        
                                            GET /myaff2icu/my16.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 1042
last-modified: Mon, 25 Apr 2022 03:27:13 GMT
etag: "412-5dd7226f80258"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1042
Md5:    09e160b7e8738af97bdb5eeffad18d72
Sha1:   ced1302eb83edd6cd4fa5485198060d8a8a9abe6
Sha256: 934c8f2afaa9559ea4ec3da4e070be3bf8e894f6deb8e20413bd8ccd21b8fd03
                                        
                                            GET /myaff2icu/my14.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 1559
last-modified: Mon, 25 Apr 2022 03:27:13 GMT
etag: "617-5dd7226f6d978"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1559
Md5:    7c7142d86dc211731e3c15572ea85536
Sha1:   26b6f5a9011df0a33eebdb46e6ee49600aad2190
Sha256: fb8f60166e74367aea6c8205674026cb92ec1744ea1c35f3acdefc6baf8439ca
                                        
                                            GET /myaff2icu/index.php?city=Mountain%20View&brand=Desktop&model=Desktop&browser=Chrome&cep=O7cQyTFZ3F1v5Yn9ooNLCYP_rZBNCcHiLege75O3LCSnE8eF5MhbLQWNs7k1cr9GxfyLdQi9defSx_MTBv45UjRQZELl40M8bpfb5dQQiVPwWjuXlh3H4L9fdAvjtzPpq9w99f6nZiMcaaoj1uDYsmoVfOD4VmcHztUbrmPhskUXcDLnY0JcIyqT0PlTx9FxoWFePYuTRU3O5VtX9wZwM74N8OnmmVorGWpBpx09zsuY-H1vt3hzNkMWrasCajU36IgctdwMYjaMyAJAHBAuij8uWNEDBRECO9mP2SdlQqkA3COl34ZwzShzOVBJO8-lvMSzd6FGvVJ0ICpydjqyMNgbrmr7eFPfgk-O9VtBbjB3WxeMUC53uI37k3YLhMYovhNub-N0dr2nvQ_0D3Cl5kJWHvjVNvogRWRwzUGdBq0&lptoken=16ef6970509334cf2206 HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:17 GMT
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2380)
Size:   6372
Md5:    54b0a3b3caaecfae7ac545848d65737c
Sha1:   0d24eaa826e85edcf85a7b1c3977aa240f01edc7
Sha256: a492bf22aa82818612a81633b6b1a1430bec0b409343d4bd9fb82eb2c126fe98
                                        
                                            GET /myaff2icu/footer_right.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 4913
last-modified: Mon, 25 Apr 2022 03:27:10 GMT
etag: "1331-5dd7226d1dcab"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 168 x 66, 8-bit colormap, non-interlaced\012- data
Size:   4913
Md5:    0be1d52e6c9ea63928452dda6f1ea1b9
Sha1:   9686e91f67342fe625445612c6a68a7f05518331
Sha256: 2c998982251038bfd244986e4ea22da2dbb1d3308775c775b7943d10385de59d
                                        
                                            GET /myaff2icu/menu_2x.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://44.winprizes544.digital/myaff2icu/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 156
last-modified: Mon, 25 Apr 2022 03:27:12 GMT
etag: "9c-5dd7226f264d6"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 40 x 36, 4-bit colormap, non-interlaced\012- data
Size:   156
Md5:    e25a5701095b0a1a4c35e5406960bda8
Sha1:   a9fc28153d26c5e8c74b5328a5c1d78fdfb2e031
Sha256: 61958be1ad915c79ddd505bd5097d482b91f929f61771a94063f69ade75f864f
                                        
                                            GET /myaff2icu/notify_2x.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://44.winprizes544.digital/myaff2icu/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 279
last-modified: Mon, 25 Apr 2022 03:27:17 GMT
etag: "117-5dd722739418f"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 36 x 32, 8-bit colormap, non-interlaced\012- data
Size:   279
Md5:    141ded45bb5d658d1582b253dda5dc01
Sha1:   1d6925385863dd534465c818495e168f0d4633b6
Sha256: 6d5c9dd1ad7b2543ca508f505aefb1bc6b055d39bd8894b6e481f090d0113a0d
                                        
                                            GET /myaff2icu/spin_prize2.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://44.winprizes544.digital/myaff2icu/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 2902
last-modified: Mon, 25 Apr 2022 03:27:19 GMT
etag: "b56-5dd722756dbb9"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 142 x 173, 8-bit colormap, non-interlaced\012- data
Size:   2902
Md5:    dc05391b4ed8b59f3cf2400ff3996f45
Sha1:   3996c073d670e035b391b778407287db9cda3c87
Sha256: 31a273951472fd3d9882b4e0464b1815078065127ef8eed782493a97cadd56a0
                                        
                                            GET /myaff2icu/action_icons_20px_2x.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://44.winprizes544.digital/myaff2icu/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 1688
last-modified: Mon, 25 Apr 2022 03:27:10 GMT
etag: "698-5dd7226c8c488"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data
Size:   1688
Md5:    887a1513d01bb098928ae132c0dfc902
Sha1:   fba2c4a40dfe89ea83e088ae0577949af6765927
Sha256: ffa135c7ccdaf4dbd34ca273a467c2549f9c9e3a809eb3c87af93509fb84527e
                                        
                                            GET /myaff2icu/comment_action_2x.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://44.winprizes544.digital/myaff2icu/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
content-length: 637
last-modified: Mon, 25 Apr 2022 03:27:10 GMT
etag: "27d-5dd7226cfaa2a"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 120, 8-bit colormap, non-interlaced\012- data
Size:   637
Md5:    4012bda46485e716c4341cef9c214c17
Sha1:   0a021ad69b618cc6baf618a305ba37f2b40a4da7
Sha256: 8f7e6c0300920a8d8847859adc639417386f837bc0a458436768d4207dc259cc
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15795
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:27:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15795
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:27:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15795
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:27:19 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a7e16e2-9f5f-4739-817a-8a5447d80ee4.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9549
x-amzn-requestid: b99fc256-bdbd-4e59-bdec-b3f453cdfaac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-50OFDDIAMFr1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c3ce7-75bc0aba74d71992450b11cb;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 03:07:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VOzEGsb5YWPA9-k63Jsb1Ejw9qoHfkH84GtbM2s7evsvv53iuh3Lug==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:54:18 GMT
age: 1981
etag: "7b0d859df11485329882daddcdd8ca85a1010e56"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9549
Md5:    099add42d39565e1a14ba60a61261a8d
Sha1:   7b0d859df11485329882daddcdd8ca85a1010e56
Sha256: 01a81962c06247835668581bcdd337320c62ba2121e94570f663396b6647c2b1
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   9292
Md5:    9c8a36b65323f5ca2fff4c974d4608e5
Sha1:   d1677ddf4400b54a802460671fc4de3ada62b28d
Sha256: 51aa02f55c25410d2f34c914c22af15abcea71989b3be70321ffb44303ad9076
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 2142
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4803
Md5:    cc0a257323f882caff067adb86d906e4
Sha1:   cedf2f21be7cd366bd46055b62b5513db3011dfc
Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6v42KU65wdKKPvjE7TRA3Li3o2dvrdPH7oGVDZGPPsAepqFFjQJkkA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 16:15:20 GMT
age: 22319
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8817
Md5:    741ddfb19764ac9a77509e7e87cfbfb2
Sha1:   308c08784ce4a0757cbd112807555b83e17a1d56
Sha256: e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaab9de7-1f50-401c-bd84-6bcd72fb53d1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8335
x-amzn-requestid: 265466c8-029d-4738-bdbe-be0a161fb497
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOeD0GwYIAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638276e5-1c8225cf00057ce0047f74ba;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 20:28:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TK_kNT9Vcv_lNMbiTqXxAYXCko2Gy64Oy9MGXwuBu9S_3DdqIc67Nw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:54:52 GMT
age: 1947
etag: "b298107232e837ccf8d853e6d2c91f67e74dc2ba"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8335
Md5:    c52c26038ed572c870cf2119865907b1
Sha1:   b298107232e837ccf8d853e6d2c91f67e74dc2ba
Sha256: d95471f66cf6404bfb5400c4c707fbb81bcaf4be1518313d3f513c9b2a3da1fd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5103
x-amzn-requestid: 203eadee-9375-4290-ae0a-dd48e83df697
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFGzTE90oAMFTyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637eb814-2c32253b155d5dd0283fdd07;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:17:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NQEJS9-L2M6WJ5nqH7C7MqIv96GDNUexqw60hbX_3z8wxv8bp0ARwQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 17:52:17 GMT
age: 16502
etag: "10577d9fc19028a0e0303634ec16ad8b2d41fa7a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5103
Md5:    116eb5028a206e55f758f3e34887c87e
Sha1:   10577d9fc19028a0e0303634ec16ad8b2d41fa7a
Sha256: d5d0f5518f8346e78f00a57632efe36f3363cabfa9abb30b7bea60261b29910b
                                        
                                            GET /myaff2icu/clean.css HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
vary: Accept-Encoding
last-modified: Mon, 25 Apr 2022 03:27:10 GMT
etag: W/"2b87-5dd7226cd77aa"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /myaff2icu/my15.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
server: nginx
date: Sat, 26 Nov 2022 22:27:18 GMT
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---