r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ede732d48f2c32ad5e3b899bb4348df9
15fa12733818b3ae39f3022a715ed0f431b28242
446c9bf6bc38a43f5758f6f44f89ad76eff44eb8779cf7e62bbfeb002b298dee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "446C9BF6BC38A43F5758F6F44F89AD76EFF44EB8779CF7E62BBFEB002B298DEE"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10810
Expires: Fri, 23 Dec 2022 06:45:44 GMT
Date: Fri, 23 Dec 2022 03:45:34 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d6a971d765338f107fe9d2c67fa4bbdf
a72bdf191446a37fa0420cc9d7c087aaff757cd6
dc5291c136b0b81621a02679a31f6b7c852e2803429d54c2a9afcc8edf031328
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC5291C136B0B81621A02679A31F6B7C852E2803429D54C2A9AFCC8EDF031328"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6713
Expires: Fri, 23 Dec 2022 05:37:27 GMT
Date: Fri, 23 Dec 2022 03:45:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 23 Dec 2022 02:46:05 GMT
content-type: application/json
age: 3569
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 32167242c3bbe7e45a2a865279df94a6
d03436f418ff77d50a553daa892c05e0725ba908
d5578d537296da18f3f349a98465e9fe930dca60a8ed62c183e9c9f6eb53f493
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5578D537296DA18F3F349A98465E9FE930DCA60A8ED62C183E9C9F6EB53F493"
Last-Modified: Wed, 21 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3610
Expires: Fri, 23 Dec 2022 04:45:44 GMT
Date: Fri, 23 Dec 2022 03:45:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: q5/8PJvn5B/PD35Cuy0jUq3kWCD5yWhhOaAAO1dV0e0WT25yQd148Q+cLDKI2iZTEL2LlMfi3sGto2jOyjE3vw==
x-amz-request-id: PCRT7BH6X1Q4MS6X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Dec 2022 02:53:54 GMT
age: 3100
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
castcawin.cf/kb/?cid=3q9sgmp6pkbl&n=2
172.67.174.81200 OK 106 B URL HTTP/1.1 castcawin.cf/kb/?cid=3q9sgmp6pkbl&n=2
IP 172.67.174.81:0
File type ASCII text, with no line terminators
Hash 8e9c6caf5d568008d4585ad14335c267
1efdad6062a90676078b33f527ca5c0e572f6bc9
72cb7cac472f28c3b383cfdac767154ccba03f5eecb32e49f1ac8c92f3db8954
GET /kb/?cid=3q9sgmp6pkbl&n=2 HTTP/1.1
Host: castcawin.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:45:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Set-Cookie: CID=3q9sgmp6pkbl; expires=Sun, 22-Jan-2023 03:45:34 GMT; Max-Age=2592000
SN=2; expires=Sun, 22-Jan-2023 03:45:34 GMT; Max-Age=2592000
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cyas7OFZkZwy%2FfWgQhFl7YxC%2BE3v8Rlfd%2FodWimdmWgLF0btrMvWs8S8YL0e3vbZbS%2FAQWZ2wH0T7Alus4%2BkH5ho3BP7s%2F5Zs9xLqEBdtaIxO0l6lkQ1Rq9X1LRFnUo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77de1af0187bb509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:34 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
castcawin.cf/lander/kb/page1.php
172.67.174.81200 OK 2.5 kB URL HTTP/1.1 castcawin.cf/lander/kb/page1.php
IP 172.67.174.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 295ba426f9cc51bbf3e2063907d44b88
2b936c82860997a7a8acd88eb8034a0b13b80e91
bfa9314d154724e1d66f49496296764c8e3502da19068c846237ed663cc4f224
GET /lander/kb/page1.php HTTP/1.1
Host: castcawin.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:45:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SE693cc94l9%2FvN5I%2FbMnnAB9TuY%2FnoIPJ8fJu9ZVLiYRSuoF5QtuaM5Za86%2B3WA1wn3ST7EVJdCioLyXOmnerKKpuOQek%2BXPndDlVZv8icqI8rq5mHlYNTQHDL3YIK8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77de1af1c920b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
castcawin.cf/lander/kb/css/styles.css
172.67.174.81200 OK 4.3 kB URL HTTP/1.1 castcawin.cf/lander/kb/css/styles.css
IP 172.67.174.81:0
File type ASCII text, with CRLF line terminators
Hash 130a2e41802926684496f7dcbc7b8aba
f4d7181ae7688dda6edf9a6da57a21ccfd76e8d2
1e961ba2fa8daea0c1a99bc608aa180cd2716aa6c491f14e2cd3ae558eb1acc5
GET /lander/kb/css/styles.css HTTP/1.1
Host: castcawin.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://castcawin.cf/lander/kb/page1.php
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:45:35 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 22 Dec 2022 14:58:54 GMT
ETag: W/"63a470ae-54f7"
Expires: Mon, 02 Jan 2023 03:45:35 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=masvw61MJ8IlFg6ZN1JfGJKhr8UOfP%2Fp3LFjmJfU0GYO0rocmv38a77dC7p8adb7y8yIQog2CgyLx3TGM%2FNuC7w0r%2FzSTQMfiHTZ6ESFbw1K%2F50rFItA5I7MbsZ5Faw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77de1af2e980b509-OSL
alt-svc: h2=":443"; ma=60
castcawin.cf/lander/kb/js/slick/slick.css
172.67.174.81200 OK 561 B URL HTTP/1.1 castcawin.cf/lander/kb/js/slick/slick.css
IP 172.67.174.81:0
Hash ba693f642defca5bed9f0a46f1106c5b
e6cf3b9354552da6a524b1c44c0f4c931db13298
c8b96d6e4552afb289cf8e5344166f9dfa8e7b5f162f4cc416da6a12d3a38dac
GET /lander/kb/js/slick/slick.css HTTP/1.1
Host: castcawin.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://castcawin.cf/lander/kb/page1.php
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:45:35 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 22 Dec 2022 14:58:54 GMT
ETag: W/"63a470ae-6e7"
Expires: Mon, 02 Jan 2023 03:45:35 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwmY%2FNdCYJkeeDhble3AGxWgahKzmrsMd0ZD7vgxnz6Hi%2FLiAGpUpFsDwy3ZBPh2EXjl1AMl9JcIjiYBVVW3WkJhpPFkFEwFfc8%2FbVQ3VGIMJeHfK%2FA0DHVHj6PyF5g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77de1af2ea440b69-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
castcawin.cf/lander/kb/js/particles.min.js
172.67.174.81200 OK 6.0 kB URL HTTP/1.1 castcawin.cf/lander/kb/js/particles.min.js
IP 172.67.174.81:0
File type ASCII text, with very long lines (22774)
Hash f8a9aff38dfdbcb0f7272ad7d9877777
6e8ec249a147968a3d7b6d73434102687c1e705c
b9bc6adafeed50e2ab6364486efb450cb746f8d78f5ce87ea4f2edea0fbde3ce
GET /lander/kb/js/particles.min.js HTTP/1.1
Host: castcawin.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://castcawin.cf/lander/kb/page1.php
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:45:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 22 Dec 2022 14:58:54 GMT
ETag: W/"63a470ae-5a42"
Expires: Mon, 02 Jan 2023 03:45:35 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BWaz10Sr8bQAbwz9B%2FhQyRnKECIas4RXRZmld7s89pbXnnVCF%2FqwLoPtUtHZ5%2B2ZoKQuoDFoG%2BBbljyYc%2B4%2Fvf%2BlGmg04uLH3uglkT182MBKBCESMJbmwLIl3uvxwk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77de1af30caa0b49-OSL
alt-svc: h2=":443"; ma=60
castcawin.cf/lander/kb/js/scripts.js
172.67.174.81200 OK 4.1 kB URL HTTP/1.1 castcawin.cf/lander/kb/js/scripts.js
IP 172.67.174.81:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (335)
Hash efd0cdf3eacc22e54aa4624330ea2a90
aebf53f71e535b865074cf3d65b2e67d206fea61
6c8106e133be587c2278d866d5bd55449bbca028a543df4e068ef144f5d6a570
GET /lander/kb/js/scripts.js HTTP/1.1
Host: castcawin.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://castcawin.cf/lander/kb/page1.php
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:45:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 22 Dec 2022 14:58:54 GMT
ETag: W/"63a470ae-303d"
Expires: Mon, 02 Jan 2023 03:45:35 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkOrCIQ7iBL32QzvqkRfVKvx3U4S1r2bMYmvCIIizfRiHzeXc8s6HILswAK%2B4PlcWclC%2BSkECpWvA4l1qjuyBmfcjrrPoeQVZjg9PRdmoAAusyEpXq2QvfnJF55vlnk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77de1af30c7db500-OSL
alt-svc: h2=":443"; ma=60
castcawin.cf/lander/kb/js/slick/slick.min.js
172.67.174.81200 OK 9.7 kB URL HTTP/1.1 castcawin.cf/lander/kb/js/slick/slick.min.js
IP 172.67.174.81:0
File type ASCII text, with very long lines (32012)
Hash 91b1c0bdabfd7bf3346653b920cf8c8f
d15c0385a6f6e73df4af60153b438d8d70e6fdd7
63191fb6467a035e3c46fdca3c5fad4641fa686ab050618db3eb22f0b754892a
GET /lander/kb/js/slick/slick.min.js HTTP/1.1
Host: castcawin.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://castcawin.cf/lander/kb/page1.php
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:45:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 22 Dec 2022 14:58:54 GMT
ETag: W/"63a470ae-9e0d"
Expires: Mon, 02 Jan 2023 03:45:35 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fy9OnQV0JuwoBJTLqRvISMj5K6Pk6H%2F1xcP5wlY55SFsh7s6MclOXK4KupNvLobGXMGSbhACyawxKTszwbNAKBwIZsatTObNpRQ3EYvyJjiGzlGsigrpvF1YiCUjw5c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77de1af30c7cb500-OSL
alt-svc: h2=":443"; ma=60
i.ibb.co/VTDKD9L/win-image-7-min.png
162.19.58.160200 OK 24 kB URL HTTP/2 i.ibb.co/VTDKD9L/win-image-7-min.png
IP 162.19.58.160:0
File type PNG image data, 255 x 307, 8-bit colormap, non-interlaced\012- data
Hash 3628b85b8e68f6ba8cc93e4829907dd7
e9f8147fe870ca1ec09e6f9ced370a39f6eb5a25
6f98b65848bdb4ddccd9958a33b2d4296416c296405c67ccc646d871f372c2b6
GET /VTDKD9L/win-image-7-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 23531
last-modified: Fri, 09 Dec 2022 13:46:32 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
castcawin.cf/lander/kb/js/jquery-1.11.0.min.js
172.67.174.81200 OK 33 kB URL HTTP/1.1 castcawin.cf/lander/kb/js/jquery-1.11.0.min.js
IP 172.67.174.81:0
File type ASCII text, with very long lines (32341), with CRLF line terminators
Hash 5fed5fa21b700df49ed7b6943e471504
7ef89099ef82de59593dc7dbe5a59f251ed7ccd3
cccc908fbe183c9b75164d614268d7dcc3e64b021ce79687b7f844922c78ec98
GET /lander/kb/js/jquery-1.11.0.min.js HTTP/1.1
Host: castcawin.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://castcawin.cf/lander/kb/page1.php
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:45:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 22 Dec 2022 14:58:54 GMT
ETag: W/"63a470ae-1787f"
Expires: Mon, 02 Jan 2023 03:45:35 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPI5ea%2Bo5dj9at9ovllUPsWRgR3N9TwJ0WoppOeqv%2BovcSifS%2BBZ2pMUA5x4pZ3FpwkowO2y6VBhPgE%2FkB5jCOFlb1oXq%2FENzqlFggUS97YYYPRTRohZA3S2ehmBUPI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77de1af30aadb4fd-OSL
alt-svc: h2=":443"; ma=60
i.ibb.co/5TkLxrW/win-image-8-min.png
162.19.58.160200 OK 24 kB URL HTTP/2 i.ibb.co/5TkLxrW/win-image-8-min.png
IP 162.19.58.160:0
File type PNG image data, 255 x 307, 8-bit colormap, non-interlaced\012- data
Hash ad8aef2581eb75f3f7fdc7d656572c39
09a714cdcb2219be5191a0c37a1e4cc792b619f1
f0af4e50ce49b921acfa3cd571a8ba759cb03b15de1a7fecce2c52e0fbe48bd4
GET /5TkLxrW/win-image-8-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 23558
last-modified: Fri, 09 Dec 2022 13:46:32 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/dKLcdsZ/win-image-9-min.png
162.19.58.160200 OK 25 kB URL HTTP/2 i.ibb.co/dKLcdsZ/win-image-9-min.png
IP 162.19.58.160:0
File type PNG image data, 255 x 307, 8-bit colormap, non-interlaced\012- data
Hash 07b0c9e70f36afe2901c32b7c0e569be
007f1d1c56fe38413fcee83e1a7dd8403f679c15
eacb288bb5c2ffc83d85abc3c3f04b0bc3b25c84316ba6571dae67d57f2d0d60
GET /dKLcdsZ/win-image-9-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 25410
last-modified: Fri, 09 Dec 2022 13:46:32 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/gZnPnD3/win-image-10-min.png
162.19.58.160200 OK 25 kB URL HTTP/2 i.ibb.co/gZnPnD3/win-image-10-min.png
IP 162.19.58.160:0
File type PNG image data, 255 x 307, 8-bit colormap, non-interlaced\012- data
Hash 23a979cbd4c79581d1aae928341fd3e2
a9c82280bc6875c3cee0365372f6b7b6c3383af2
422a961a3d85fc747ffa328ef00657a8be4eb2d111fea59bef8807c34c871ff4
GET /gZnPnD3/win-image-10-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 24720
last-modified: Fri, 09 Dec 2022 13:46:33 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/CWDDLbD/win-image-11-min.png
162.19.58.160200 OK 26 kB URL HTTP/2 i.ibb.co/CWDDLbD/win-image-11-min.png
IP 162.19.58.160:0
File type PNG image data, 255 x 307, 8-bit colormap, non-interlaced\012- data
Hash 47919d3c694d58175c292e2e4e8ecd4d
614a0ababb0d2bfa67d3f5eee5779b262f367bd0
9a6b454346bd91aebf91fcd892a90af2d3f34391a6c14bb66c1385a4ea5bcab2
GET /CWDDLbD/win-image-11-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 26485
last-modified: Fri, 09 Dec 2022 13:46:33 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/GMVrpTG/win-image-12-min.png
162.19.58.160200 OK 26 kB URL HTTP/2 i.ibb.co/GMVrpTG/win-image-12-min.png
IP 162.19.58.160:0
File type PNG image data, 255 x 307, 8-bit colormap, non-interlaced\012- data
Hash a247a60c80ae82df022a4454ba5276a9
c5c5f59384d8d6dc638d5e6d6b818b317f7c13db
053bbe5103f7f1c42c237d78327389eba1d707fcbc1e4ea6c26aa6cf23f62b40
GET /GMVrpTG/win-image-12-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 25605
last-modified: Fri, 09 Dec 2022 13:46:33 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/Ypzm6Y7/win-image-13-min.png
162.19.58.160200 OK 25 kB URL HTTP/2 i.ibb.co/Ypzm6Y7/win-image-13-min.png
IP 162.19.58.160:0
File type PNG image data, 255 x 307, 8-bit colormap, non-interlaced\012- data
Hash 60eba0dc48a9bc6e2b8c936afdb65d3d
5c6a1c79413bd482a5ee11de59b2c561e7d6d1db
7406c2986f0db7b6add2af19675e1d071feb6000d58c8288c754849ebed56e95
GET /Ypzm6Y7/win-image-13-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 25344
last-modified: Fri, 09 Dec 2022 13:46:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/Ny49VgL/footer-image-min.png
162.19.58.160200 OK 28 kB URL HTTP/2 i.ibb.co/Ny49VgL/footer-image-min.png
IP 162.19.58.160:0
File type PNG image data, 480 x 213, 8-bit colormap, non-interlaced\012- data
Hash 16e6533ff44589dd081788f0612e2f88
1c7c7e757dee9683d9c483009bc6f5475f107159
41e6b8b243c5a71810d039f879ff1fb040cf5969c9ab4e3e9d45313b7f2a74b8
GET /Ny49VgL/footer-image-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 28003
last-modified: Fri, 09 Dec 2022 13:46:23 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:45:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ibb.co/hDRbNsD/wcheck-min.png
162.19.58.160200 OK 9.2 kB URL HTTP/2 i.ibb.co/hDRbNsD/wcheck-min.png
IP 162.19.58.160:0
File type PNG image data, 189 x 189, 8-bit colormap, non-interlaced\012- data
Hash 7de0cef3206ee9280e1fd095dd27e5be
c519c2d635bf1aab7360b98525a2b4bd04bda9a2
7dd5432359437d9dda0cfab1a11d42fad6fe4809d6c76a6cc7a5ad3d716605cc
GET /hDRbNsD/wcheck-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 9219
last-modified: Fri, 09 Dec 2022 13:46:30 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/r4zgkgF/give-img-3-min.png
162.19.58.160200 OK 5.0 kB URL HTTP/2 i.ibb.co/r4zgkgF/give-img-3-min.png
IP 162.19.58.160:0
File type PNG image data, 80 x 192, 8-bit colormap, non-interlaced\012- data
Hash aa9555a60af63c7cdac0e7f1bdb4843c
0c5616cdcb1830a06699c81434d69e19b3485239
c6fd53b9b62a6e5e52bc08ede59bb41e232431749ae85754ff137bddf6bbcf9b
GET /r4zgkgF/give-img-3-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 5012
last-modified: Fri, 09 Dec 2022 13:46:26 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/MCRP3zZ/bottom-1-min.png
162.19.58.160200 OK 16 kB URL HTTP/2 i.ibb.co/MCRP3zZ/bottom-1-min.png
IP 162.19.58.160:0
File type PNG image data, 480 x 230, 8-bit colormap, non-interlaced\012- data
Hash 54862eac7129234749191f7438a0912a
63104253110757da9e7562f8c59a3399ce21c9c4
42ce31d26e1f38457f84c6256bdbf354dedd435efd27fa6b6cba17cb2f42f0ea
GET /MCRP3zZ/bottom-1-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 15609
last-modified: Fri, 09 Dec 2022 13:46:21 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/8mWvK3M/top-min.png
162.19.58.160200 OK 13 kB URL HTTP/2 i.ibb.co/8mWvK3M/top-min.png
IP 162.19.58.160:0
File type PNG image data, 480 x 160, 8-bit colormap, non-interlaced\012- data
Hash 418107d4d32bbec9a29a37d7cbef2cf7
206bc539566577c837e1ad9f34282099cc78b24e
8d71a34265b3b6e8d031c64fa794c47643a91fb953e6250501c8e6ec8cebed75
GET /8mWvK3M/top-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 12969
last-modified: Fri, 09 Dec 2022 13:46:29 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/YLcYQjH/first-image-min.png
162.19.58.160200 OK 2.6 kB URL HTTP/2 i.ibb.co/YLcYQjH/first-image-min.png
IP 162.19.58.160:0
File type PNG image data, 332 x 60, 8-bit colormap, non-interlaced\012- data
Hash 6120d7aebd6784b55c95682bd4aee24f
bd6eb842bda1920ca2cb48efc16887da86b7a22f
e4b8dd8fa081bf040a2e43ee687932714b71717121d3703f9c34baa7c6510d8c
GET /YLcYQjH/first-image-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 2635
last-modified: Fri, 09 Dec 2022 13:46:23 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/NpKCXzZ/bant-min.png
162.19.58.160200 OK 24 kB URL HTTP/2 i.ibb.co/NpKCXzZ/bant-min.png
IP 162.19.58.160:0
File type PNG image data, 480 x 185, 8-bit colormap, non-interlaced\012- data
Hash 133e96aa0142d444b95e29f4bb4a781d
4e89fa3cbfa66c148fd09953e5870feef14fd667
7a05216caf975c549923df62fdd397f57d15c4a63bf2ac57bd419fd9560b32c0
GET /NpKCXzZ/bant-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 24210
last-modified: Fri, 09 Dec 2022 13:46:21 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/YtHBshf/give-img-1-min.png
162.19.58.160200 OK 7.5 kB URL HTTP/2 i.ibb.co/YtHBshf/give-img-1-min.png
IP 162.19.58.160:0
File type PNG image data, 82 x 247, 8-bit colormap, non-interlaced\012- data
Hash 035ae3431c106cb758bbf6d919bfbcff
e9574ad1783debd54fa9f15e6b23b3faa746be35
844f8f120b2cd34c37d526a914ab2e91f84e05928a1c9ef46208f530fa66f6ad
GET /YtHBshf/give-img-1-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 7536
last-modified: Fri, 09 Dec 2022 13:46:26 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/mCfSZGf/give-img-2-min.png
162.19.58.160200 OK 7.0 kB URL HTTP/2 i.ibb.co/mCfSZGf/give-img-2-min.png
IP 162.19.58.160:0
File type PNG image data, 83 x 235, 8-bit colormap, non-interlaced\012- data
Hash 07961b61794d4bbaee0406f60885e57a
72f48f8140a3882faeca03dec832dd465f436177
9ee26946d8259ef278b40591c4995d723e2f860298a81a14c9001da117ccf915
GET /mCfSZGf/give-img-2-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 6952
last-modified: Fri, 09 Dec 2022 13:46:26 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/FW8WLb9/kol-min.png
162.19.58.160200 OK 22 kB URL HTTP/2 i.ibb.co/FW8WLb9/kol-min.png
IP 162.19.58.160:0
File type PNG image data, 480 x 125, 8-bit colormap, non-interlaced\012- data
Hash 6de0a4f9e24e0b13c5a0bbc2c5943465
6522855673c8583a08fa6010327548dd6db0fd8e
0791f8204e84a289dba3b0ad24cf3c1368573afa9818a747b69d83d65d93b3c5
GET /FW8WLb9/kol-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 21632
last-modified: Fri, 09 Dec 2022 13:46:27 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/X4PJwY2/win-image-min.png
162.19.58.160200 OK 24 kB URL HTTP/2 i.ibb.co/X4PJwY2/win-image-min.png
IP 162.19.58.160:0
File type PNG image data, 255 x 307, 8-bit colormap, non-interlaced\012- data
Hash 7cfc77540ac7aacfc6bd1918d72e0155
33d4d2f34b46927f968bd9a45d61eba8961d114f
be44d59a0b36049d5d3c4a022223a29061a0e43b9d7c89894aa1f2c1526a9d87
GET /X4PJwY2/win-image-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 23653
last-modified: Fri, 09 Dec 2022 13:46:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/RTCrh6D/win-image-2-min.png
162.19.58.160200 OK 24 kB URL HTTP/2 i.ibb.co/RTCrh6D/win-image-2-min.png
IP 162.19.58.160:0
File type PNG image data, 255 x 307, 8-bit colormap, non-interlaced\012- data
Hash 3197cc84f1e0200d1a0e9c8f51022649
383ed442afac849393fb341729c8bd557cc2b04f
472e40a211bb38b2137b5d87617f8fb190d9418c28157d378a629ad3ba86b9f1
GET /RTCrh6D/win-image-2-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 23461
last-modified: Fri, 09 Dec 2022 13:46:30 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/tz7j1s2/win-image-3-min.png
162.19.58.160200 OK 24 kB URL HTTP/2 i.ibb.co/tz7j1s2/win-image-3-min.png
IP 162.19.58.160:0
File type PNG image data, 255 x 307, 8-bit colormap, non-interlaced\012- data
Hash 3e4d435ca27b146cd50d897c5e3f396d
72bfaea4d03606fdca5c0aaf93e5579188fa9c52
c1cb5e561ae1ebcbf1c0bebae8f5488acce371a718bd9f3440ee2dd2bab35fab
GET /tz7j1s2/win-image-3-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 24424
last-modified: Fri, 09 Dec 2022 13:46:30 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/M7cDvGn/win-image-4-min.png
162.19.58.160200 OK 24 kB URL HTTP/2 i.ibb.co/M7cDvGn/win-image-4-min.png
IP 162.19.58.160:0
File type PNG image data, 255 x 307, 8-bit colormap, non-interlaced\012- data
Hash f9fdc28d07df9886cea8c98d02b799e1
1eb1d2837caf1bf809e3a25a16c7d079c2b7ca6a
7ecafde65ad6fcbc8e7a3620ef408ed3302cd2b19b8353450dce9d7972298630
GET /M7cDvGn/win-image-4-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 24095
last-modified: Fri, 09 Dec 2022 13:46:31 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/VBNGTNB/win-image-5-min.png
162.19.58.160200 OK 25 kB URL HTTP/2 i.ibb.co/VBNGTNB/win-image-5-min.png
IP 162.19.58.160:0
File type PNG image data, 255 x 307, 8-bit colormap, non-interlaced\012- data
Hash 6113882f33c635135f42b0b2d535ef55
4a5d0f318923759b6d5b1271cf47a6fa8556c2bc
cda08db8421d17e68f73ba86ec088e3cb36fe8ee2c9db57b5d4dff3dc9bf287c
GET /VBNGTNB/win-image-5-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 25117
last-modified: Fri, 09 Dec 2022 13:46:31 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/jTwRDhD/win-image-6-min.png
162.19.58.160200 OK 24 kB URL HTTP/2 i.ibb.co/jTwRDhD/win-image-6-min.png
IP 162.19.58.160:0
File type PNG image data, 255 x 307, 8-bit colormap, non-interlaced\012- data
Hash 6d55af990872d0b42bd4e7de4b23cfbc
5b7376af46c98223e18927ce32f81768165d6d73
a4552d87865e2afa80b0df21eb776b5557a003f87ad8d9294cac1495c76cdb2f
GET /jTwRDhD/win-image-6-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 24398
last-modified: Fri, 09 Dec 2022 13:46:31 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/9sfMbxW/w-bg-1-min.png
162.19.58.160200 OK 45 kB URL HTTP/2 i.ibb.co/9sfMbxW/w-bg-1-min.png
IP 162.19.58.160:0
File type PNG image data, 480 x 554, 8-bit colormap, non-interlaced\012- data
Hash 74bb8963c9e15a9bdb2388a56359e94f
bef910ddb03d0b99f061f495444dd3baab24546a
3ad35360ee382cfd66e6664fb04ee2291f45bdb5ff2a66e21eb2ed8ffa5dd7c3
GET /9sfMbxW/w-bg-1-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 44661
last-modified: Fri, 09 Dec 2022 13:46:29 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/f27JvB7/first-bg-min.png
162.19.58.160200 OK 97 kB URL HTTP/2 i.ibb.co/f27JvB7/first-bg-min.png
IP 162.19.58.160:0
File type PNG image data, 480 x 744, 8-bit colormap, non-interlaced\012- data
Hash 3c0d29526c7f9f16624b9f3f638882a0
03a50d88c9c9d6587e163171e461e175a9f86bf5
8e5e5e9a5f96b38cbf9b31f2afc0868291feea7f09e31412bedfb4cd9237676c
GET /f27JvB7/first-bg-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 96681
last-modified: Fri, 09 Dec 2022 13:46:22 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/tHJVcNb/btn-arrow-min.png
162.19.58.160200 OK 375 B URL HTTP/2 i.ibb.co/tHJVcNb/btn-arrow-min.png
IP 162.19.58.160:0
File type PNG image data, 20 x 20, 8-bit colormap, non-interlaced\012- data
Hash bd97fea3e11d10cb90f76e585a1675af
ce1a8d854194f49444b4175c475de47826d4e546
b587270d2ba1d54ecd805b3884b301fe2760dd3af34fe544e86f3521f8c621d1
GET /tHJVcNb/btn-arrow-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 375
last-modified: Fri, 09 Dec 2022 13:46:22 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:45:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:45:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:45:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:45:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:45:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ibb.co/p2VnCym/snowflake3-min.png
162.19.58.160200 OK 12 kB URL HTTP/2 i.ibb.co/p2VnCym/snowflake3-min.png
IP 162.19.58.160:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash e0b975d243b9d6f5c13ffccba7cc2529
33f306963ccef8c2061554ecd5a3e973f82de92d
3c4812130c79feac9360250d5d2f703e8acfbc01eb408491631c52879b5fd086
GET /p2VnCym/snowflake3-min.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:45:35 GMT
content-type: image/png
content-length: 11772
last-modified: Fri, 09 Dec 2022 11:12:12 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
216.58.207.227200 OK 38 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://castcawin.cf
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Dec 2022 01:47:01 GMT
expires: Mon, 18 Dec 2023 01:47:01 GMT
cache-control: public, max-age=31536000
age: 439114
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
castcawin.cf/lander/kb/fonts/RoundedMplus1c-Black.woff2
172.67.174.81200 OK 1.0 MB URL HTTP/1.1 castcawin.cf/lander/kb/fonts/RoundedMplus1c-Black.woff2
IP 172.67.174.81:0
File type Web Open Font Format (Version 2), TrueType, length 1012892, version 1.0\012- data
Size 1.0 MB (1012892 bytes)
Hash 358f50fc0ba426849187f574842b2a58
d91921f0e968b9ee5905adf11c29b0e365bee435
b699fdc600e93649fbc05f447290f4bdb4345506104ad5a05c3858fabc17dc32
GET /lander/kb/fonts/RoundedMplus1c-Black.woff2 HTTP/1.1
Host: castcawin.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://castcawin.cf/lander/kb/css/styles.css
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:45:35 GMT
Content-Type: font/woff2
Content-Length: 1012892
Connection: keep-alive
Last-Modified: Thu, 22 Dec 2022 14:58:54 GMT
ETag: "63a470ae-f749c"
Expires: Mon, 02 Jan 2023 03:45:35 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFdIkzunJ2zjxbTeCEBzZ11Ode%2FhJ6F2QiszgS7xIY8pnB7ZkEzthZdSVXOQyjNFpVAWy5KIUfm1MBZVSWb4%2Bifi591QXqbzskurK4iGvTOnENKiFYptvH4u6w43ed0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77de1af49b77b4fd-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2
216.58.207.227200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17076, version 1.0\012- data
Hash e248902a9f045310063e7a14a46fd9ae
aec66565f555ee0ca4d39e584a1b484db127fa3b
262a1054100218e2efaa4b2e214e4fb8e920c5a30a53300b80145511df3de895
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://castcawin.cf
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17076
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 07:12:01 GMT
expires: Sat, 16 Dec 2023 07:12:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 21:07:51 GMT
content-type: font/woff2
age: 592414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 23 Dec 2022 03:08:02 GMT
age: 2253
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:45:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 70a7b165f99b2b8fa0dc98318a7158d7
4d924f7febab9c8fe3fe9199e8879fd6ad892575
c5e0e414c34f2f328b487ae72b21a12a1b50d952aa1a31fb6314b4e700d27e05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4956
Cache-Control: max-age=110631
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:45:35 GMT
Etag: "63a41e2a-1d7"
Expires: Sat, 24 Dec 2022 10:29:26 GMT
Last-Modified: Thu, 22 Dec 2022 09:06:50 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
castcawin.cf/favicon.ico
172.67.174.81404 Not Found 109 B IP 172.67.174.81:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /favicon.ico HTTP/1.1
Host: castcawin.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://castcawin.cf/lander/kb/page1.php
HTTP/1.1 404 Not Found
Date: Fri, 23 Dec 2022 03:45:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cm27rGkldEX96B272ORrY9zJARTTPSWUWBW3VaBpl9OJszmDwWiruxQjiP93bn7Y8UYKM27EoBBDM1%2FrsgaLTBOPP5wx1XBHkt3vqDmq2GWb19t6NLucuRHe2Bcxgos%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77de1af69c52b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
52.89.136.7101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.136.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: O6QvRH4W+fysyNok5q+/vA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uD45BcYldWLk8aDPes3/RplbRhw=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14522
Expires: Fri, 23 Dec 2022 07:47:39 GMT
Date: Fri, 23 Dec 2022 03:45:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14522
Expires: Fri, 23 Dec 2022 07:47:39 GMT
Date: Fri, 23 Dec 2022 03:45:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14522
Expires: Fri, 23 Dec 2022 07:47:39 GMT
Date: Fri, 23 Dec 2022 03:45:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14522
Expires: Fri, 23 Dec 2022 07:47:39 GMT
Date: Fri, 23 Dec 2022 03:45:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14522
Expires: Fri, 23 Dec 2022 07:47:39 GMT
Date: Fri, 23 Dec 2022 03:45:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d4cf077d410b94f1326e942304f9e9b
98fb13feecfada3cc8b467aa48d7cdf1ed8ab001
ec82cd83bfd4da849888b0535c9764cd4d462ef9e12c5934512858375908dfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5659
x-amzn-requestid: bc225a93-868b-42d4-aa94-c8fa16ef2c64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk33gHUqIAMFg1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a50696-7710727f0f086a791a0e7939;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:38:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FGP2S7V05eAwwnHzdlYQJC9ZW-5xLD8Aqi7XBCcJtaqbVoNCocGFhw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:50:42 GMT
age: 6895
etag: "98fb13feecfada3cc8b467aa48d7cdf1ed8ab001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F257007ab-90ff-4ebd-93a2-9587a6c927b6.jpeg
34.120.237.76200 OK 2.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F257007ab-90ff-4ebd-93a2-9587a6c927b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37ffea06e6cf128e4e43c662f4e8ad21
2d7b97172e7a0481a6eb1ccf0aa970d8934b2146
54a17f81719e2113d10e4bfadda1770b2f7d7827d6dc718327a1e469a4e07eca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F257007ab-90ff-4ebd-93a2-9587a6c927b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2495
x-amzn-requestid: 9fe89a74-d6ce-4c60-94d6-42f3ff69a1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUhqH68IAMFYGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce0a-3c64c13f25da86714b698121;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: giGN-w7dHck4wGdPQY0t1Io_Ms1uUMDLJv-C7Pw0zsB4fIRV9_Flwg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:38:11 GMT
age: 22046
etag: "2d7b97172e7a0481a6eb1ccf0aa970d8934b2146"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a06f1b4-7136-4077-b835-37444f8dfbc2.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a06f1b4-7136-4077-b835-37444f8dfbc2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 88dede3fbbab789a953b46f7abd99bec
fdd5a2c09ec16ffccd33bde9f503171607b65653
a45d65e7e99c7eca94d2ded3741d1823a8ff1358065021e837b65247fd0e96ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a06f1b4-7136-4077-b835-37444f8dfbc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8838
x-amzn-requestid: 0dc7c87e-41a8-4bb9-94d3-fe58274100c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUhqFaxoAMFk-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce0a-58fd6c175081eb4b11663189;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iI3L3JYjnY8hPns-f2AQwmQTZgsnPsLUFHPF4GyNC0D-JdYWsdCm1A==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:49:55 GMT
age: 21342
etag: "fdd5a2c09ec16ffccd33bde9f503171607b65653"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2d5629e-fad4-47f4-b056-10a0b49847bf.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2d5629e-fad4-47f4-b056-10a0b49847bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2bbbb7eaaa4b72573f00472962e147b9
617524daae76010761f7c1a91ef7d820f3bfa18d
8bd70123b979f4fa9b0dfaac49a8fe5a13b7f61ea1b3355b66c2f4b9450f42ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2d5629e-fad4-47f4-b056-10a0b49847bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7938
x-amzn-requestid: c9915489-5c21-4200-ad77-ce1bcc1094ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: diJhHErEIAMF_pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a3efa0-50147a2c3de345c0015d4ecc;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 05:48:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UqAJpml3Tp2OHPiH1BKm7xZQTZ_mzwjjYxnArqCgcKQ0CJYwLUEgHA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 08:03:23 GMT
age: 70934
etag: "617524daae76010761f7c1a91ef7d820f3bfa18d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c618f418af677595dddd2e7ed9e6a1f
ef8fd938e82dec810c56e4497441c452012e5a22
677f7502d2a69e2bdfad9fa2329ce8c78b7e413b4d7bd9cb414a768e381819cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9158
x-amzn-requestid: 2047fa50-737a-420b-8bcd-6ba2d79b60eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dOjrhHuiIAMF5JQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639c197c-0103d96966f2f8924b8c8a10;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 07:08:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MAD0zRheKGRmq1aqcKD5oOfjQFY_8CeffvGAvwTxjhKihl6PqbzV8Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 16:52:36 GMT
age: 39181
etag: "ef8fd938e82dec810c56e4497441c452012e5a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ee73339f3e7eaeb4c1ecab1a24632a8
48ff42e4329102d6a006b8f947bfaf29c0a5de17
ae5787d0df124d7d95ccaaf58148bb46c931610ca908cd58787748da5b75a1c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12794
x-amzn-requestid: 82617475-f461-429b-b38d-0c84eee33754
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk55IGPioAMFi1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a509d3-0dfc997d3853974a08914362;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:52:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -24dBoLhaZcF6kjZCYp8EJSAYmslMmv15G3oPgPAydPxVA0j51Vs3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:52:20 GMT
age: 6797
etag: "48ff42e4329102d6a006b8f947bfaf29c0a5de17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900&display=swap
IP 142.250.74.74:0
GET /css2?family=Inter:wght@400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://castcawin.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Dec 2022 03:45:35 GMT
date: Fri, 23 Dec 2022 03:45:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2