urlquery - report: 58.winprizes658.monster/engaff/phaff2022n4.html

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
r3.o.lencr.org (5)	344	2020-12-02 08:52:13 UTC	2022-12-08 17:12:06 UTC	23.36.77.32
58.winprizes658.monster (21)	0	2022-11-13 14:21:51 UTC	2022-12-09 04:54:03 UTC	45.76.148.82	Unknown ranking
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-12-08 17:14:01 UTC	34.117.237.239
ocsp.digicert.com (1)	86	2012-05-21 07:02:23 UTC	2022-12-08 17:15:52 UTC	93.184.220.29
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-12-08 17:20:00 UTC	54.148.53.106
firefox.settings.services.mozilla.com (2)	867	2020-05-25 20:06:39 UTC	2022-12-08 17:12:32 UTC	35.241.9.150
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-12-08 17:21:04 UTC	34.160.144.191
push.winprizes658.monster (2)	0	2022-11-19 13:20:48 UTC	2022-12-07 21:38:08 UTC	67.212.184.147	Unknown ranking
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-12-08 15:50:00 UTC	34.120.237.76

Scan Date	Severity	Indicator	Comment
2022-12-09	2	58.winprizes658.monster/engaff/phaff2022n4.html	Phishing
2022-12-09	2	58.winprizes658.monster/engaff/phaff2022n4.html	Phishing
2022-12-09	2	58.winprizes658.monster/engaff/css/app.css?id=c588c17324f2be0e0ec9	Phishing
2022-12-09	2	58.winprizes658.monster/engaff/css/landers/prizewheel-fb/app.css?id=cd41123 (...)	Phishing
2022-12-09	2	58.winprizes658.monster/engaff/img/fb-like.svg	Phishing

Scan Date	Severity	Indicator	Comment
2022-12-08	2	winprizes658.monster	Sinkholed
2022-12-08	2	winprizes658.monster	Sinkholed
2022-12-08	2	winprizes658.monster	Sinkholed
2022-12-08	2	winprizes658.monster	Sinkholed
2022-12-08	2	winprizes658.monster	Sinkholed
2022-12-08	2	winprizes658.monster	Sinkholed
2022-12-08	2	winprizes658.monster	Sinkholed
2022-12-08	2	winprizes658.monster	Sinkholed
2022-12-08	2	winprizes658.monster	Sinkholed
2022-12-08	2	winprizes658.monster	Sinkholed
2022-12-08	2	winprizes658.monster	Sinkholed
2022-12-08	2	winprizes658.monster	Sinkholed
2022-12-08	2	winprizes658.monster	Sinkholed
2022-12-08	2	winprizes658.monster	Sinkholed

Date	UQ / IDS / BL	URL	IP
2023-02-01 22:12:21 +0000	1 - 0 - 0	60.winprizes660.monster/th1paff/thaffreboot4. (...)	45.76.148.82
2023-02-01 15:54:15 +0000	1 - 0 - 2	70.winprizes670.monster/en1/engsender61.html	45.76.148.82
2023-02-01 05:57:07 +0000	0 - 0 - 6	62.winprizes662.monster/eng/phengnotix4.html	45.76.148.82
2023-02-01 05:54:13 +0000	1 - 0 - 4	46.winprizes546.digital/vn/vnpro1.html?city=A (...)	45.76.148.82
2023-01-31 14:59:01 +0000	0 - 0 - 2	78.winprizes678.monster/ph1/eng1ppn2.html?cit (...)	45.76.148.82

Date	UQ / IDS / BL	URL	IP
2023-02-02 00:12:13 +0000	0 - 0 - 8	media.blacksebo.de/	144.202.15.240
2023-02-01 22:45:52 +0000	0 - 1 - 1	dlxfreight.bid/w1Q5DXr7te/gate.php	8.9.15.28
2023-02-01 22:12:21 +0000	1 - 0 - 0	60.winprizes660.monster/th1paff/thaffreboot4. (...)	45.76.148.82
2023-02-01 21:46:06 +0000	0 - 9 - 8	ftweb.qc.to/treasure-of-nadia-free-download-v (...)	66.42.70.39
2023-02-01 21:11:54 +0000	0 - 7 - 0	offers.krakenbaker.com/d6van4/dfzk8/	80.240.19.207

Date	UQ / IDS / BL	URL	IP
2023-01-21 06:56:57 +0000	0 - 0 - 3	58.winprizes658.monster/engaff/phaff2022n4.ht (...)	45.76.148.82
2023-01-21 06:56:45 +0000	0 - 0 - 6	58.winprizes658.monster/engaff/phaff2021n2.html	45.76.148.82
2023-01-18 23:56:01 +0000	0 - 0 - 17	58.winprizes658.monster/engaff/phaff2022n4.ht (...)	45.76.148.82
2023-01-18 11:56:02 +0000	0 - 0 - 5	58.winprizes658.monster/engaff/phaff2021n2.html	45.76.148.82
2023-01-17 06:56:43 +0000	0 - 0 - 19	58.winprizes658.monster/engaff/phaff2022n4.ht (...)	45.76.148.82

Date	UQ / IDS / BL	URL	IP
2023-02-02 00:54:09 +0000	0 - 0 - 1	1d70566ab63.winnerleads.net/prizewheel-fb?ctr (...)	94.237.93.242
2023-02-01 15:54:33 +0000	0 - 0 - 1	1d7056524c3.winnerleads.net/prizewheel-fb?ctr (...)	94.237.93.242
2023-02-01 10:36:36 +0000	0 - 0 - 6	1d7056524c3.turbowinners.net/prizewheel-fb?ct (...)	94.237.84.54
2023-01-31 10:57:28 +0000	0 - 1 - 5	track.writive-resica.com/118533fe-4514-4e37-a (...)	18.195.128.171
2023-01-31 10:31:57 +0000	0 - 0 - 5	1d704fa5503.turbowinners.net/prizewheel-fb?ct (...)	94.237.93.242

HTTP Transactions (40)

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3960 Expires: Fri, 09 Dec 2022 06:01:33 GMT Date: Fri, 09 Dec 2022 04:55:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f2acd891dc6eb1f09f57a2b086791781 Sha1: 1e2088306501a61edcca1ade62c4d54f23b3b083 Sha256: 51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6900 Expires: Fri, 09 Dec 2022 06:50:33 GMT Date: Fri, 09 Dec 2022 04:55:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 388f6fea5bafa378266622b72311a6ee Sha1: 447f102dc12172ce1ba44c5e94e1d7bb49d43372 Sha256: a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
GET /engaff/phaff2022n4.html HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: 58.winprizes658.monster/engaff/phaff2022n4.html FQDN: 58.winprizes658.monster IP: 45.76.148.82 HASH: 2821e83aaea54f1bfbaa0564ff96a7dd144e35958fbb1501cfc9a43a0e1dfda1 45.76.148.82 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Server: nginx Date: Fri, 09 Dec 2022 04:55:33 GMT Content-Length: 438 Connection: keep-alive Location: https://58.winprizes658.monster/engaff/phaff2022n4.html --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 438 Md5: 48c32fcccc21c31e56f20d9f2c6ad0ed Sha1: d28fc1d7282592b9ef07fcde224fc5b3596b5dce Sha256: 2821e83aaea54f1bfbaa0564ff96a7dd144e35958fbb1501cfc9a43a0e1dfda1 Alerts: Blocklists: - fortinet: Phishing - quad9: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA" Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20651 Expires: Fri, 09 Dec 2022 10:39:44 GMT Date: Fri, 09 Dec 2022 04:55:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4ee537977be9c03702f8ffe0025bf1fe Sha1: 21637881c4aa34c4add703f8bff4eff573159f45 Sha256: 4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 09 Dec 2022 04:08:17 GMT age: 2836 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: X3AJSqteC37BfgScS3ad0QxIA8fC5E/sdLCetQxidR/UQSRC09JIM/4NztG5P0WJg6uvzuF/3NU= x-amz-request-id: WJVDR21FJVHFVNW8 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 09 Dec 2022 04:48:11 GMT age: 442 last-modified: Wed, 30 Nov 2022 10:06:34 GMT etag: "53341dea33f4f3d9b4966f80589f429a" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 53341dea33f4f3d9b4966f80589f429a Sha1: 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Fri, 09 Dec 2022 04:55:33 GMT content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 09 Dec 2022 04:07:59 GMT age: 2855 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 786 Cache-Control: max-age=102264 Date: Fri, 09 Dec 2022 04:55:34 GMT Etag: "6391a92c-1d7" Expires: Sat, 10 Dec 2022 09:19:58 GMT Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT Server: ECS (ska/F6FE) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: fd55f4aaaab6ec40bc7dc10252cd819a Sha1: a72523f60be265a391fa9edc43e0a93418ad1fd0 Sha256: bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
GET /engaff/img/landers/prizewheel-fb/notification.png HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/img/landers/prizewheel-f (...) FQDN: 58.winprizes658.monster IP: 45.76.148.82 HASH: db94c8ae725f947f20e12df29e6b6c8ade5ffcd5a7dc9ffd9be0351d963f826f 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Fri, 09 Dec 2022 04:55:34 GMT content-length: 449 last-modified: Sat, 19 Nov 2022 11:57:55 GMT etag: "1c1-5edd18859c4ef" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 30 x 28, 8-bit colormap, non-interlaced\012- data Size: 449 Md5: bd5203f2cc9e7a9125e4575e029541b0 Sha1: 9fa565ab2f4b55da4735b79e529562252b3c9afe Sha256: db94c8ae725f947f20e12df29e6b6c8ade5ffcd5a7dc9ffd9be0351d963f826f Alerts: Blocklists: - quad9: Sinkholed
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: jwNxMLtrOLv/LZM58AqOZw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.148.53.106 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.148.53.106 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: ckGdYYrCDszmFMIKlj+C1mpoU8s= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /engaff/img/landers/prizewheel-fb/prizewheel_spinner.jpg HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/img/landers/prizewheel-f (...) FQDN: 58.winprizes658.monster IP: 45.76.148.82 HASH: 90f2363aaebaf03f06fb20c6c02fb2e97497d7cd54b611281303ce7e10335ee7 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Fri, 09 Dec 2022 04:55:34 GMT content-length: 32496 last-modified: Sat, 19 Nov 2022 11:57:55 GMT etag: "7ef0-5edd1885cd231" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1002x1002, components 3\012- data Size: 32496 Md5: d4655cba21d806e849eed4e4119fbe1a Sha1: 6453039d85005643e9d65074ca022f63b5d47cdd Sha256: 90f2363aaebaf03f06fb20c6c02fb2e97497d7cd54b611281303ce7e10335ee7 Alerts: Blocklists: - quad9: Sinkholed
GET /js/pub.min.js HTTP/1.1 Host: push.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site	URL: push.winprizes658.monster/js/pub.min.js FQDN: push.winprizes658.monster IP: 67.212.184.147 HASH: d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be 67.212.184.147 HTTP/2 200 OK content-type: application/javascript server: nginx date: Fri, 09 Dec 2022 04:55:34 GMT content-length: 1482 last-modified: Fri, 09 Sep 2022 11:46:08 GMT vary: Accept-Encoding etag: "631b2780-5ca" content-encoding: gzip expires: Sat, 10 Dec 2022 04:55:34 GMT cache-control: max-age=86400 strict-transport-security: max-age=31536000; includeSubdomains; X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (2752) Size: 1482 Md5: 31c303586c1b78e33984bd252b8e2644 Sha1: 8083e2aad4cbf8242a4e6fb53657d49552b85f82 Sha256: d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be Alerts: Blocklists: - quad9: Sinkholed
GET /engaff/img/prizes/iphone-12-pro-max/default@0.5x.png HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/img/prizes/iphone-12-pro (...) FQDN: 58.winprizes658.monster IP: 45.76.148.82 HASH: 7f9f5fb4a3340704664a8adba3c74c63d425c92999aed97e078bc3b87d06b64d 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Fri, 09 Dec 2022 04:55:34 GMT content-length: 35519 last-modified: Sat, 19 Nov 2022 11:57:56 GMT etag: "8abf-5edd1886e5699" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data Size: 35519 Md5: 3425f87a8def62d878b3fbf8f930dee2 Sha1: 961688eb1d3c97e9ed61199b0fcd32e60d1d3467 Sha256: 7f9f5fb4a3340704664a8adba3c74c63d425c92999aed97e078bc3b87d06b64d
GET /engaff/img/landers/prizewheel-fb/loader.gif HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/img/landers/prizewheel-f (...) FQDN: 58.winprizes658.monster IP: 45.76.148.82 HASH: cbaeb154dcb93bff5f6e382cede5d51a11175a2295e56bb2790611910280ba97 45.76.148.82 HTTP/2 200 OK content-type: image/gif server: nginx date: Fri, 09 Dec 2022 04:55:34 GMT content-length: 5083 last-modified: Sat, 19 Nov 2022 11:57:55 GMT etag: "13db-5edd18859c4ef" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 50 x 50\012- data Size: 5083 Md5: ed786659a534e0d183c09a90c50abc9d Sha1: a6c3d90bfaa86a7cda490bc5d04c8939c31a414e Sha256: cbaeb154dcb93bff5f6e382cede5d51a11175a2295e56bb2790611910280ba97 Alerts: Blocklists: - quad9: Sinkholed
GET /engaff/img/landers/prizewheel-fb/prizewheel_static.png HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/img/landers/prizewheel-f (...) FQDN: 58.winprizes658.monster IP: 45.76.148.82 HASH: 30bc059973d84a6e1d22d16747bce062025561f2555cdd9cec012a87866abcb6 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Fri, 09 Dec 2022 04:55:35 GMT content-length: 3370 last-modified: Sat, 19 Nov 2022 11:57:55 GMT etag: "d2a-5edd1885cd231" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1002 x 1002, 4-bit colormap, non-interlaced\012- data Size: 3370 Md5: dc484e0043b5ff6191b1880c8779863c Sha1: a5b67e3dff3dea3940eed090431aecbb36611b1d Sha256: 30bc059973d84a6e1d22d16747bce062025561f2555cdd9cec012a87866abcb6 Alerts: Blocklists: - quad9: Sinkholed
GET /engaff/img/profiles/african/female/3@0.25x.jpg HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/img/profiles/african/fem (...) FQDN: 58.winprizes658.monster IP: 45.76.148.82 HASH: 8970ba9af5b39727ac25d42ab540c42ae7f58de4011fadb8efd2f5f317a8d575 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Fri, 09 Dec 2022 04:55:35 GMT content-length: 2727 last-modified: Sat, 19 Nov 2022 11:57:58 GMT etag: "aa7-5edd18886c0a5" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size: 2727 Md5: 2790f79b7e764407ae4b87a9dc30734b Sha1: 30f0a1e4d30ac25108f2d0487f49944fbe630b72 Sha256: 8970ba9af5b39727ac25d42ab540c42ae7f58de4011fadb8efd2f5f317a8d575
GET /engaff/img/profiles/african/male/3@0.25x.jpg HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/img/profiles/african/mal (...) FQDN: 58.winprizes658.monster IP: 45.76.148.82 HASH: afc758b894177d4003b5d02d80cd023429c99cfc3cd880804570d237cf6a96f0 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Fri, 09 Dec 2022 04:55:35 GMT content-length: 2518 last-modified: Sat, 19 Nov 2022 11:57:59 GMT etag: "9d6-5edd18899bc0f" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size: 2518 Md5: 2c188d082f97b0a5b29c92dbaf7a9787 Sha1: f2a3828b68ba4d06d450832a977c48a22360d5eb Sha256: afc758b894177d4003b5d02d80cd023429c99cfc3cd880804570d237cf6a96f0
GET /engaff/img/profiles/african/male/10@0.25x.jpg HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/img/profiles/african/mal (...) FQDN: 58.winprizes658.monster IP: 45.76.148.82 HASH: 278b0f8b52650d39e549fc69ea49d62d3bdd0c41b3ffd939da265842b6e40369 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Fri, 09 Dec 2022 04:55:35 GMT content-length: 2302 last-modified: Sat, 19 Nov 2022 11:57:59 GMT etag: "8fe-5edd18896ce0d" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size: 2302 Md5: 2ec37a714ba9202b2492cc1eff504041 Sha1: 29d005604784110044c80c13610ec1fe946a7d83 Sha256: 278b0f8b52650d39e549fc69ea49d62d3bdd0c41b3ffd939da265842b6e40369
GET /engaff/img/profiles/african/female/6@0.25x.jpg HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/img/profiles/african/fem (...) FQDN: 58.winprizes658.monster IP: 45.76.148.82 HASH: c53bda952fa4ca1869dfb4fd7db948ef87f1a8c8f2e6633e2320465f01f0829f 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Fri, 09 Dec 2022 04:55:35 GMT content-length: 2766 last-modified: Sat, 19 Nov 2022 11:57:58 GMT etag: "ace-5edd188897027" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size: 2766 Md5: af242991b9a56424739c63a6bd4090a7 Sha1: 7b41b3b2cfbbe69a865efa8863883bf029738b6e Sha256: c53bda952fa4ca1869dfb4fd7db948ef87f1a8c8f2e6633e2320465f01f0829f
GET /engaff/img/profiles/african/male/9@0.25x.jpg HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/img/profiles/african/mal (...) FQDN: 58.winprizes658.monster IP: 45.76.148.82 HASH: 19d491c137daf159170ed6d6340c33b11806347b18b2e89840989b914346d9f4 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Fri, 09 Dec 2022 04:55:35 GMT content-length: 3146 last-modified: Sat, 19 Nov 2022 11:57:59 GMT etag: "c4a-5edd18899cbaf" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size: 3146 Md5: 4c30d4f61201b822adcfa58dbe32389c Sha1: 9d9edd23a3b074135d9e043b5d1e52d8dbe29c91 Sha256: 19d491c137daf159170ed6d6340c33b11806347b18b2e89840989b914346d9f4
GET /engaff/img/prizes/iphone-12-pro-max/proof.jpg HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/img/prizes/iphone-12-pro (...) FQDN: 58.winprizes658.monster IP: 45.76.148.82 HASH: 5e41534f027f676ce89db3b87319ffbdc1a1e7515e379f80f476e0989fa4bcc1 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Fri, 09 Dec 2022 04:55:35 GMT content-length: 23152 last-modified: Sat, 19 Nov 2022 11:57:56 GMT etag: "5a70-5edd1886e75d9" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 339x450, components 3\012- data Size: 23152 Md5: 029d38095e06ced0688fd67a58e70781 Sha1: b5bdaddeb39b947c35f883f001f34dd163bcb362 Sha256: 5e41534f027f676ce89db3b87319ffbdc1a1e7515e379f80f476e0989fa4bcc1 Alerts: Blocklists: - quad9: Sinkholed
GET /engaff/img/profiles/african/female/5@0.25x.jpg HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/img/profiles/african/fem (...) FQDN: 58.winprizes658.monster IP: 45.76.148.82 HASH: d3eefd5709b25e1bb1129cccb1da22e54816cb2d15a2ed4cfa045b57579a7ef8 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Fri, 09 Dec 2022 04:55:35 GMT content-length: 1960 last-modified: Sat, 19 Nov 2022 11:57:58 GMT etag: "7a8-5edd1888902c7" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size: 1960 Md5: 732da0e5f3968ec3d9014a6bbb62c04a Sha1: 5d306c8778fdcac19f03542fccaf31df1cb8a783 Sha256: d3eefd5709b25e1bb1129cccb1da22e54816cb2d15a2ed4cfa045b57579a7ef8
GET /engaff/img/profiles/african/female/1@0.25x.jpg HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/img/profiles/african/fem (...) FQDN: 58.winprizes658.monster IP: 45.76.148.82 HASH: 355126576c7a0bdbbe771a2b039d093c855efe6805941a36456324a2076e2ce1 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Fri, 09 Dec 2022 04:55:35 GMT content-length: 2781 last-modified: Sat, 19 Nov 2022 11:57:57 GMT etag: "add-5edd188862465" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size: 2781 Md5: 9ef452251daa9ff9fbdc5fe827a35061 Sha1: 2cb40a02efce5fd8772f57b8e9737018fed3f9ba Sha256: 355126576c7a0bdbbe771a2b039d093c855efe6805941a36456324a2076e2ce1
GET /engaff/img/profiles/african/male/2@0.25x.jpg HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/img/profiles/african/mal (...) FQDN: 58.winprizes658.monster IP: 45.76.148.82 HASH: 4118d09fb21a7f34160f470078f6dcba042e8a07e2b4e32de12a4dcd9c5e7da8 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Fri, 09 Dec 2022 04:55:35 GMT content-length: 2053 last-modified: Sat, 19 Nov 2022 11:57:59 GMT etag: "805-5edd18896aecd" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size: 2053 Md5: 0f15632c24d4646c58f30feaa3baaa8a Sha1: a7f319366432f5a63d7f11d30b0a6c9cb6398b64 Sha256: 4118d09fb21a7f34160f470078f6dcba042e8a07e2b4e32de12a4dcd9c5e7da8
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5202 Expires: Fri, 09 Dec 2022 06:22:17 GMT Date: Fri, 09 Dec 2022 04:55:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7b8c1870f03a90aac6370fc69516f95f Sha1: 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb Sha256: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5202 Expires: Fri, 09 Dec 2022 06:22:17 GMT Date: Fri, 09 Dec 2022 04:55:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7b8c1870f03a90aac6370fc69516f95f Sha1: 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb Sha256: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 60a3066f2dcc2f696413ecec56ef1d0c1a9392f6845fac5c4319b8b9e02074fd 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6637 x-amzn-requestid: dfcef102-5fc6-4a59-bb21-ff0532c9fdda x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cvlg4GtVIAMFdTw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638fb605-0c2f58da0ae148fb4d698ecc;Sampled=0 x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:09 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: jQs6m8oGHeWNYbOnPM34f-YW75VuH0yNWU-TzoDMOkYcwGa9BfqBhA== via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 21:51:22 GMT age: 25453 etag: "4946fcab2a99d926c45abaecf8f97b6214dee0cd" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6637 Md5: 3cb7655c8fe89a83f0096c51684aa21c Sha1: 4946fcab2a99d926c45abaecf8f97b6214dee0cd Sha256: 60a3066f2dcc2f696413ecec56ef1d0c1a9392f6845fac5c4319b8b9e02074fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F042317d8-45b6-4c5f-8767-ff9367c24193.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 2118ec68c738683d8f7e11b95239ca92fda2b9b5054aa7b128267eec0d0634c5 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8803 x-amzn-requestid: e8516be3-5ce9-4f15-b522-c81c1e57a0e2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cjtK9GavoAMFjpA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638af579-538cc8f300938698004f2241;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:33 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: MiOdXHxd9Vmeji8Yqd8LG_EqYoMGf0YBy6by9bhfjb12y1OxKVvvqw== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Fri, 09 Dec 2022 03:56:08 GMT age: 3567 etag: "c47af4e5770daad212f4290527b00321285105f8" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8803 Md5: 46275ec87d8221804dbb99f95b035131 Sha1: c47af4e5770daad212f4290527b00321285105f8 Sha256: 2118ec68c738683d8f7e11b95239ca92fda2b9b5054aa7b128267eec0d0634c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 383da5ca2927044c69ff1d10b630fe3439ca48f1845031ef1b6607fcd054c54b 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4049 x-amzn-requestid: dbde9a26-7609-43b7-a9a5-6e4d2f559989 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cpwRFHIooAMFVmw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638d60d3-5f5131b8315a458d18cdc70f;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 0hIxbSpQqCv6Ud-7HmBaRxkFrdLYrV-Lr2u3nIzd8jPXpQ8E7ahp1g== via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 11:18:08 GMT age: 63447 etag: "0b3fe77e142178561b28c93b94b1aea2e1c395a5" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4049 Md5: 44ed82780732ed682ee46b2df52b3ca2 Sha1: 0b3fe77e142178561b28c93b94b1aea2e1c395a5 Sha256: 383da5ca2927044c69ff1d10b630fe3439ca48f1845031ef1b6607fcd054c54b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5169 x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ctEdkFGrIAMFvHg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0 x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: swNGUcNy2i0w9UGe-EJhwslE01TzTC3rrDhLhVVxHyhWMGSC1uq0mA== via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 07:01:14 GMT age: 78861 etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5169 Md5: 06514ce96ae21cb01f526a5febdcbeb4 Sha1: ebb97e5b97f394e8c67098f55581d5329ce819a2 Sha256: 4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7960 x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ctEd8HC0oAMFUag= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0 x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ== via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 05:44:09 GMT age: 83486 etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7960 Md5: eb00a2a503a690cee3e4dd729b5bc9bd Sha1: cfb1e5bcab2148a777889680e6e36b9d7e8917ec Sha256: 7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10205 x-amzn-requestid: c5704c7a-60c4-402b-8018-5885a8dae971 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cwVM_F9BIAMF3ow= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63900252-3e9573d900714e3250f43e17;Sampled=0 x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: mLTL7L808-OguYGrl3FUvwmFmPQjBPRj7PVfgEheFHWg4g4skoBvOg== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 18:05:28 GMT age: 39007 etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10205 Md5: 45e0c1638ad919bde19731f7987ab064 Sha1: 1e492807c665e6e6b24ec6ce19035fdfc6f23b92 Sha256: f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62
GET /sw.js HTTP/1.1 Host: push.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers	URL: push.winprizes658.monster/sw.js FQDN: push.winprizes658.monster IP: 67.212.184.147 HASH: 70d744bbd19a0cc35c8d9f1d8ba181c6cdc902f95799ac750da4adc3ad987b11 67.212.184.147 HTTP/2 200 OK content-type: application/javascript server: nginx date: Fri, 09 Dec 2022 04:55:35 GMT content-length: 776 last-modified: Mon, 03 Oct 2022 07:40:54 GMT vary: Accept-Encoding etag: "633a9206-308" content-encoding: gzip content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline'; X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 776 Md5: f72a11763f13b05c1f2379d13387dd05 Sha1: 002fbf7672d3f4655b89b6413d160e4185ce9900 Sha256: 70d744bbd19a0cc35c8d9f1d8ba181c6cdc902f95799ac750da4adc3ad987b11 Alerts: Blocklists: - quad9: Sinkholed
GET /engaff/phaff2022n4.html HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: 58.winprizes658.monster/engaff/phaff2022n4.html FQDN: 58.winprizes658.monster IP: 45.76.148.82 45.76.148.82 HTTP/2 200 OK content-type: text/html server: nginx date: Fri, 09 Dec 2022 04:55:34 GMT vary: Accept-Encoding last-modified: Mon, 21 Nov 2022 07:10:58 GMT etag: W/"2edb-5edf5c1dac5d1" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing - quad9: Sinkholed
GET /engaff/css/app.css?id=c588c17324f2be0e0ec9 HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/css/app.css?id=c588c1732 (...) FQDN: 58.winprizes658.monster IP: 45.76.148.82 45.76.148.82 HTTP/2 200 OK content-type: text/css server: nginx date: Fri, 09 Dec 2022 04:55:34 GMT vary: Accept-Encoding last-modified: Sat, 19 Nov 2022 11:57:53 GMT etag: W/"21-5edd1883b4060" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing - quad9: Sinkholed
GET /engaff/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444 HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/css/landers/prizewheel-f (...) FQDN: 58.winprizes658.monster IP: 45.76.148.82 45.76.148.82 HTTP/2 200 OK content-type: text/css server: nginx date: Fri, 09 Dec 2022 04:55:34 GMT vary: Accept-Encoding last-modified: Sat, 19 Nov 2022 11:57:54 GMT etag: W/"da7-5edd1884e89ea" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing - quad9: Sinkholed
GET /engaff/js/landers/prizewheel-fb/app.js?id=da05cdf35760d77e97e5 HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/js/landers/prizewheel-fb (...) FQDN: 58.winprizes658.monster IP: 45.76.148.82 45.76.148.82 HTTP/2 200 OK content-type: application/javascript server: nginx date: Fri, 09 Dec 2022 04:55:34 GMT vary: Accept-Encoding last-modified: Sat, 19 Nov 2022 11:57:57 GMT etag: W/"24ab5-5edd188821d23" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - quad9: Sinkholed
GET /engaff/img/fb-like.svg HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://58.winprizes658.monster/engaff/phaff2022n4.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 58.winprizes658.monster/engaff/img/fb-like.svg FQDN: 58.winprizes658.monster IP: 45.76.148.82 45.76.148.82 HTTP/2 200 OK content-type: image/svg+xml server: nginx date: Fri, 09 Dec 2022 04:55:35 GMT vary: Accept-Encoding last-modified: Sat, 19 Nov 2022 11:57:53 GMT etag: W/"1213-5edd1883d1521" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing - quad9: Sinkholed
GET /sw.js?v=1670561734740 HTTP/1.1 Host: 58.winprizes658.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	URL: 58.winprizes658.monster/sw.js?v=1670561734740 FQDN: 58.winprizes658.monster IP: 45.76.148.82 45.76.148.82 HTTP/2 200 OK content-type: application/javascript server: nginx date: Fri, 09 Dec 2022 04:55:35 GMT vary: Accept-Encoding last-modified: Mon, 21 Nov 2022 06:32:02 GMT etag: W/"39-5edf536a20142" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - quad9: Sinkholed

URL	58.winprizes658.monster/engaff/phaff2022n4.html
IP	45.76.148.82 (Singapore)
ASN	#20473 AS-CHOOPA
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-09 04:55:44 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	19
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (9)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 45.76.148.82

Last 5 reports on ASN: AS-CHOOPA

Last 5 reports on domain: winprizes658.monster

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (8)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (40)

Overview

Domain Summary (9)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 45.76.148.82

Last 5 reports on ASN: AS-CHOOPA

Last 5 reports on domain: winprizes658.monster

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (8)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (40)

Network Intrusion Detection Systems