urlquery - report: 60.winprizes660.monster/th1paff/thaffreboot4.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&browser=Chrome&cep=hMzmLAph5u--h1mwsfk1dpPclXQ7JK-beB7RI_JCR9j8RSA3uONOsihZMhYPe1cqs2-B6LPdfjHVVNB3QfbUsMBWswX_XP-DXg5kryPU_d_8IOJoMTTDYAwJYKpdyNdtspGpdsx5rlcVzjBru5J6ugFIqn8FSXNx0MJEN_nQ9HS2y7wYPM9RxMebv2wMtVUaqxnFjHrAIopnqev2Dcxr9siWSIBdTiw8L7dEO5Id4FDPIGp8SZS4eweUWon-8cxFfx5nWBda1FoVAamtxlaKlHSyZMFc_cdMICSPzlFtpksP-QT78Uf65HpqSFEZLi-5xEMqlDeYU1gK0pAZkUjEIjVUBpGJMR5HYwDqf4JAkTkWl_pF-eUR_Nwk-AMc8MMvNFP7xbWS0SJV2JarsWpNOE8v8TfFWxFuAeaIb7rMG4c&lptoken=16fd708252a984f251cb

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-12-08 17:20:00 UTC	52.38.146.2
push.winprizes660.monster (1)	0	No data	No data	216.104.36.158	Unknown ranking
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-12-08 15:50:00 UTC	34.120.237.76
r3.o.lencr.org (6)	344	2020-12-02 08:52:13 UTC	2022-12-08 17:12:06 UTC	23.36.76.226
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-12-08 17:21:04 UTC	34.160.144.191
60.winprizes660.monster (22)	0	2022-11-13 14:20:28 UTC	2022-12-08 04:13:29 UTC	45.76.148.82	Unknown ranking
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-12-08 17:14:01 UTC	34.117.237.239
ocsp.digicert.com (1)	86	2012-05-21 07:02:23 UTC	2022-12-08 17:15:52 UTC	93.184.220.29
firefox.settings.services.mozilla.com (2)	867	2020-05-25 20:06:39 UTC	2022-12-08 17:12:32 UTC	35.241.9.150

Date	UQ / IDS / BL	URL	IP
2023-02-08 04:57:02 +0000	0 - 0 - 4	66.winprizes666.monster/engaff/phaff2022n4.ht (...)	45.76.148.82
2023-02-07 10:56:56 +0000	1 - 0 - 0	50.winprizes550.digital/myppush1/index.php?ci (...)	45.76.148.82
2023-02-07 04:35:48 +0000	0 - 0 - 1	78.winprizes678.monster/ph1/eng1ppn2.html?cit (...)	45.76.148.82
2023-02-07 03:27:57 +0000	1 - 0 - 0	44.winprizes544.digital/myaff2icu/index.php?c (...)	45.76.148.82
2023-02-07 02:31:53 +0000	0 - 0 - 4	62.winprizes662.monster/eng/phengnotix4.html? (...)	45.76.148.82

Date	UQ / IDS / BL	URL	IP
2023-02-08 10:15:04 +0000	1 - 0 - 12	ciwiprize.digital/alwheelpropfr/index.html	217.69.13.14
2023-02-08 08:25:18 +0000	0 - 0 - 1	45.77.215.142/login.php	45.77.215.142
2023-02-08 07:45:50 +0000	0 - 1 - 0	www.polyga.com/download/FlexScan3D_Full_Setup (...)	108.61.205.104
2023-02-08 04:57:02 +0000	0 - 0 - 4	66.winprizes666.monster/engaff/phaff2022n4.ht (...)	45.76.148.82
2023-02-08 04:55:57 +0000	0 - 0 - 2	1globster.com/	136.244.110.28

Date	UQ / IDS / BL	URL	IP
2023-02-05 14:57:24 +0000	1 - 0 - 0	60.winprizes660.monster/th1paff/thaffreboot4. (...)	45.76.148.82
2023-02-05 10:54:52 +0000	1 - 0 - 0	60.winprizes660.monster/th1paff/thaffreboot4. (...)	45.76.148.82
2023-02-03 21:59:13 +0000	1 - 0 - 0	60.winprizes660.monster/th1paff/thaffreboot4. (...)	45.76.148.82
2023-02-01 22:12:21 +0000	1 - 0 - 0	60.winprizes660.monster/th1paff/thaffreboot4. (...)	45.76.148.82
2023-01-31 00:56:16 +0000	1 - 0 - 0	60.winprizes660.monster/th1paff/thaffreboot4. (...)	45.76.148.82

Date	UQ / IDS / BL	URL	IP
2023-02-06 15:55:57 +0000	1 - 1 - 1	track.rendan-compto.com/163d58b5-e131-4181-ab (...)	18.195.128.171
2023-02-05 10:54:52 +0000	1 - 0 - 0	60.winprizes660.monster/th1paff/thaffreboot4. (...)	45.76.148.82
2023-02-05 10:54:40 +0000	1 - 1 - 1	track.rendan-compto.com/1aee6222-540a-43f9-b0 (...)	18.195.128.171
2023-02-03 21:59:13 +0000	1 - 0 - 0	60.winprizes660.monster/th1paff/thaffreboot4. (...)	45.76.148.82
2023-02-03 16:56:24 +0000	1 - 2 - 1	track.rendan-compto.com/52612d0e-26ce-4b4f-be (...)	18.195.128.171

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3105 Expires: Thu, 08 Dec 2022 20:02:56 GMT Date: Thu, 08 Dec 2022 19:11:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 388f6fea5bafa378266622b72311a6ee Sha1: 447f102dc12172ce1ba44c5e94e1d7bb49d43372 Sha256: a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7499 Expires: Thu, 08 Dec 2022 21:16:10 GMT Date: Thu, 08 Dec 2022 19:11:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7181eff9c60e83eb0004ece591e47dca Sha1: 0fd8cd0c9d10b0547938982e57d2c43e2d98679f Sha256: 89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 08 Dec 2022 19:08:13 GMT age: 178 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6961 Expires: Thu, 08 Dec 2022 21:07:12 GMT Date: Thu, 08 Dec 2022 19:11:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 00e7703bd74975689fc9050356aaca6b Sha1: 9788fe6a36d6f278e8da329ebc5dd87bcd212317 Sha256: 593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: Nr4A9+f1SIsiXitifgvEHV3C205zh4tLdEDavq/EXVsCkuQnFxa3ybTducUcdpTqoFYcipDsIvs= x-amz-request-id: 0HRADTVVJ9VRTA8V content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 08 Dec 2022 18:48:01 GMT age: 1390 last-modified: Wed, 30 Nov 2022 10:06:34 GMT etag: "53341dea33f4f3d9b4966f80589f429a" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 53341dea33f4f3d9b4966f80589f429a Sha1: 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /th1paff/thaffreboot4.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&browser=Chrome&cep=hMzmLAph5u--h1mwsfk1dpPclXQ7JK-beB7RI_JCR9j8RSA3uONOsihZMhYPe1cqs2-B6LPdfjHVVNB3QfbUsMBWswX_XP-DXg5kryPU_d_8IOJoMTTDYAwJYKpdyNdtspGpdsx5rlcVzjBru5J6ugFIqn8FSXNx0MJEN_nQ9HS2y7wYPM9RxMebv2wMtVUaqxnFjHrAIopnqev2Dcxr9siWSIBdTiw8L7dEO5Id4FDPIGp8SZS4eweUWon-8cxFfx5nWBda1FoVAamtxlaKlHSyZMFc_cdMICSPzlFtpksP-QT78Uf65HpqSFEZLi-5xEMqlDeYU1gK0pAZkUjEIjVUBpGJMR5HYwDqf4JAkTkWl_pF-eUR_Nwk-AMc8MMvNFP7xbWS0SJV2JarsWpNOE8v8TfFWxFuAeaIb7rMG4c&lptoken=16fd708252a984f251cb HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: 60.winprizes660.monster/th1paff/thaffreboot4.html?city= (...) FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: d7bcd2ace311dc65f2861d0657e27981f3cd51ba1cb35ff6139923fbe06c5c6c 45.76.148.82 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Server: nginx Date: Thu, 08 Dec 2022 19:11:11 GMT Content-Length: 1008 Connection: keep-alive Location: https://60.winprizes660.monster/th1paff/thaffreboot4.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&browser=Chrome&cep=hMzmLAph5u--h1mwsfk1dpPclXQ7JK-beB7RI_JCR9j8RSA3uONOsihZMhYPe1cqs2-B6LPdfjHVVNB3QfbUsMBWswX_XP-DXg5kryPU_d_8IOJoMTTDYAwJYKpdyNdtspGpdsx5rlcVzjBru5J6ugFIqn8FSXNx0MJEN_nQ9HS2y7wYPM9RxMebv2wMtVUaqxnFjHrAIopnqev2Dcxr9siWSIBdTiw8L7dEO5Id4FDPIGp8SZS4eweUWon-8cxFfx5nWBda1FoVAamtxlaKlHSyZMFc_cdMICSPzlFtpksP-QT78Uf65HpqSFEZLi-5xEMqlDeYU1gK0pAZkUjEIjVUBpGJMR5HYwDqf4JAkTkWl_pF-eUR_Nwk-AMc8MMvNFP7xbWS0SJV2JarsWpNOE8v8TfFWxFuAeaIb7rMG4c&lptoken=16fd708252a984f251cb --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (675) Size: 1008 Md5: 2f636e834939f09114c62330aba8ff38 Sha1: 63634ab88665a6aead67800fbe35392390a1b833 Sha256: d7bcd2ace311dc65f2861d0657e27981f3cd51ba1cb35ff6139923fbe06c5c6c
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Thu, 08 Dec 2022 19:11:11 GMT content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 08 Dec 2022 19:07:55 GMT age: 196 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5332 Cache-Control: max-age=141872 Date: Thu, 08 Dec 2022 19:11:12 GMT Etag: "6391a92c-1d7" Expires: Sat, 10 Dec 2022 10:35:44 GMT Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT Server: ECS (ska/F708) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: fd55f4aaaab6ec40bc7dc10252cd819a Sha1: a72523f60be265a391fa9edc43e0a93418ad1fd0 Sha256: bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: zWI1TSuxMX4L+Lq97Rhx5Q== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.38.146.2 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.38.146.2 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 9eap4x6JhFQhWdBGTdsGlMUM5AI= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/pub.min.js HTTP/1.1 Host: push.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site	URL: push.winprizes660.monster/js/pub.min.js FQDN: push.winprizes660.monster IP: 216.104.36.158 HASH: d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be 216.104.36.158 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT content-length: 1482 last-modified: Fri, 09 Sep 2022 11:46:08 GMT vary: Accept-Encoding etag: "631b2780-5ca" content-encoding: gzip expires: Fri, 09 Dec 2022 19:11:12 GMT cache-control: max-age=86400 strict-transport-security: max-age=31536000; includeSubdomains; X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (2752) Size: 1482 Md5: 31c303586c1b78e33984bd252b8e2644 Sha1: 8083e2aad4cbf8242a4e6fb53657d49552b85f82 Sha256: d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be
GET /th1paff/i11black.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/i11black.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: a6d1f1fa19e933c9da1306cbda5e0528ea1f73d0d9afecdfc1566fe9d7e682b8 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT content-length: 241130 last-modified: Tue, 29 Nov 2022 04:20:38 GMT etag: "3adea-5ee944f649558" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 828 x 828, 8-bit/color RGBA, non-interlaced\012- data Size: 241130 Md5: 13d47dc9e6696f67342dd750753a4f9c Sha1: 0939480dc263b6d311ec872929e6e0cdfbbabc93 Sha256: a6d1f1fa19e933c9da1306cbda5e0528ea1f73d0d9afecdfc1566fe9d7e682b8
GET /th1paff/default.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/default.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 1609915700b5b68a54051d6207d11d02cfebb54f9038e8a01e8ca67ddfb6d9e4 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT content-length: 94803 last-modified: Tue, 29 Nov 2022 04:20:34 GMT etag: "17253-5ee944f2e818b" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data Size: 94803 Md5: 8adac2b1f6fec2ad7a323668d7fcd96a Sha1: 5b875ce4cc5fa5576fdcf13385c0c5b53631e691 Sha256: 1609915700b5b68a54051d6207d11d02cfebb54f9038e8a01e8ca67ddfb6d9e4
GET /th1paff/like_user_2.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/like_user_2.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT content-length: 1216 last-modified: Tue, 29 Nov 2022 04:20:38 GMT etag: "4c0-5ee944f6eb71a" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data Size: 1216 Md5: f9299c2023539a8f27a6e1b12ed260e5 Sha1: 046baf9bcd1bbdf9d51ca63e3899ea2e7f5de0b2 Sha256: ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd
GET /th1paff/like_user_1.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/like_user_1.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT content-length: 1293 last-modified: Tue, 29 Nov 2022 04:20:38 GMT etag: "50d-5ee944f6c849a" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data Size: 1293 Md5: 2aa0d43e70d60d76ac4bdff139f8c7cb Sha1: d7e3433297ad90f5d99249aee29b645265c9f3eb Sha256: e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa
GET /th1paff/th11.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/th11.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: e3027b9fd073f418da9e7176905e7afd3ac4dcb5e6a527b04067dc77ef17f177 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT content-length: 33011 last-modified: Tue, 29 Nov 2022 04:20:42 GMT etag: "80f3-5ee944fa9ace8" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 512x512, components 3\012- data Size: 33011 Md5: ffe51ab982f112629842aba9714b9070 Sha1: b371e6d6e449245aed93ca0bb9382dbf083b72b9 Sha256: e3027b9fd073f418da9e7176905e7afd3ac4dcb5e6a527b04067dc77ef17f177
GET /th1paff/th12.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/th12.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 179f31c7ce696f846a1b66f023950feaa98369e3d57ce5d4b638b53bab20d2de 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT content-length: 5337 last-modified: Tue, 29 Nov 2022 04:20:42 GMT etag: "14d9-5ee944fab04a8" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 128x128, components 3\012- data Size: 5337 Md5: 30d34d7628e91a67ef9b6c701751b82d Sha1: 5a68e5bc09bacac96949950392ede472110b9bfd Sha256: 179f31c7ce696f846a1b66f023950feaa98369e3d57ce5d4b638b53bab20d2de
GET /th1paff/th13.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/th13.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 7e257b9661a3c2ef7598ad3b7e10133e9a4c97cbe389f0363bd103b841d43076 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT content-length: 5238 last-modified: Tue, 29 Nov 2022 04:20:42 GMT etag: "1476-5ee944fac4cc9" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 128x128, components 3\012- data Size: 5238 Md5: 79428c15f4cb8d4c22f0ae8844e327d7 Sha1: b34513fac8649885f2e9ce9940b26e9f7f47d8bb Sha256: 7e257b9661a3c2ef7598ad3b7e10133e9a4c97cbe389f0363bd103b841d43076
GET /th1paff/th14.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/th14.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 116ad309253857cb0844a375919bf6af104efc407355e64a5cabf600cc70a67b 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT content-length: 5988 last-modified: Tue, 29 Nov 2022 04:20:42 GMT etag: "1764-5ee944fad75a9" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 128x128, components 3\012- data Size: 5988 Md5: 4387f4c0cbae645d5d7442254e7cc560 Sha1: 99b2c3a509f515fc9e53c8b018ba6b47028afbe1 Sha256: 116ad309253857cb0844a375919bf6af104efc407355e64a5cabf600cc70a67b
GET /th1paff/th16.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/th16.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 1f49025ec428748511a8f75e7b4d47072fd0f7ce4cb4107592241570bd324356 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT content-length: 4130 last-modified: Tue, 29 Nov 2022 04:20:43 GMT etag: "1022-5ee944fb005ea" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 128x128, components 3\012- data Size: 4130 Md5: 487c9c7e98edf8c07cd5cef5a7c3e48d Sha1: a27e943677cc67810eb71f7f889969d2ca52e390 Sha256: 1f49025ec428748511a8f75e7b4d47072fd0f7ce4cb4107592241570bd324356
GET /th1paff/th15.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/th15.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: cb72127809614325373d8eaf864c013df8c0f4bace2d3e55e94c8ec5faa91753 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT content-length: 3856 last-modified: Tue, 29 Nov 2022 04:20:42 GMT etag: "f10-5ee944faebdc9" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 128x128, components 3\012- data Size: 3856 Md5: d8996a573db7acb91022ed0d671a1495 Sha1: 175685d525ff01441445e0c585ddbf9d867de6e4 Sha256: cb72127809614325373d8eaf864c013df8c0f4bace2d3e55e94c8ec5faa91753
GET /th1paff/footer_right.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/footer_right.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: f044237e4439b415a4947127f26fb14b4d32cf1d32ff51fd8f0ff4d21d2692e5 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT content-length: 4919 last-modified: Tue, 29 Nov 2022 04:20:34 GMT etag: "1337-5ee944f324a4c" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 168 x 66, 8-bit colormap, non-interlaced\012- data Size: 4919 Md5: 0e786b7344ac0b63609290a3a415fc4f Sha1: c2e77827e895aaa13522f1c5c0ef79d4caef0bb2 Sha256: f044237e4439b415a4947127f26fb14b4d32cf1d32ff51fd8f0ff4d21d2692e5
GET /th1paff/th17.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/th17.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: dfa6330186654634effccd2138f9ccd398bd743328b42a847ebe220c7a5dcff5 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT content-length: 4513 last-modified: Tue, 29 Nov 2022 04:20:43 GMT etag: "11a1-5ee944fb1abca" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 128x128, components 3\012- data Size: 4513 Md5: 2444132c4b20c85e0c9526f3b35a2524 Sha1: eb394ff3f1a3e2fadc7a8912e8929e218270e733 Sha256: dfa6330186654634effccd2138f9ccd398bd743328b42a847ebe220c7a5dcff5
GET /th1paff/clip_footer_3.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/clip_footer_3.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: ef3b8785199a0a640150a9d9ceb9b7cff2b118ee377ce36317d4a3e716bd944f 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT content-length: 2460 last-modified: Tue, 29 Nov 2022 04:20:34 GMT etag: "99c-5ee944f2b262a" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 52 x 59, 8-bit colormap, non-interlaced\012- data Size: 2460 Md5: e1b626392882cc25b4d891afaa68afd4 Sha1: 454d7abdbc2548d04feb95436ea0ab4126b4f00b Sha256: ef3b8785199a0a640150a9d9ceb9b7cff2b118ee377ce36317d4a3e716bd944f
GET /th1paff/prizewheel11.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/prizewheel11.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 5d37922d8303b80fdf20e8eabafee70f0d3adcafe56bb285d00190014201e845 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT content-length: 604427 last-modified: Tue, 29 Nov 2022 04:20:39 GMT etag: "9390b-5ee944f7926fd" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1002 x 1002, 8-bit/color RGBA, non-interlaced\012- data Size: 604427 Md5: 666bd514461839dc5d796c0c1061c677 Sha1: a6ac8413ef5375b0d35a85bf167b4b771c1c323b Sha256: 5d37922d8303b80fdf20e8eabafee70f0d3adcafe56bb285d00190014201e845
GET /th1paff/clean.css HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/clean.css FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 9bc49428dee2a10afb1f17a2b3c3915ec1c7209a2bc44934e65f7450d8e8c43b 45.76.148.82 HTTP/2 200 OK content-type: text/css server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT vary: Accept-Encoding last-modified: Tue, 29 Nov 2022 04:20:34 GMT etag: W/"2b87-5ee944f2b35ca" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (11143), with no line terminators Size: 2840 Md5: bc19283ed3e114f7dfb9892354ee9f11 Sha1: df1caf51538517c5d65bb3953ebc4e70195b750a Sha256: 9bc49428dee2a10afb1f17a2b3c3915ec1c7209a2bc44934e65f7450d8e8c43b
GET /th1paff/notify_2x.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://60.winprizes660.monster/th1paff/clean.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/notify_2x.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 4566dd8f59a09f51415a7c8955f48f75298522fc6db554bc1a59ad79c3e3e314 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT content-length: 229 last-modified: Tue, 29 Nov 2022 04:20:38 GMT etag: "e5-5ee944f71957b" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 36 x 32, 8-bit gray+alpha, non-interlaced\012- data Size: 229 Md5: 988234626ae7a880ed9c6a92f6336c0f Sha1: 173967c2b59baed4a06997d874aba32ab65da201 Sha256: 4566dd8f59a09f51415a7c8955f48f75298522fc6db554bc1a59ad79c3e3e314
GET /th1paff/spin_prize2.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://60.winprizes660.monster/th1paff/clean.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/spin_prize2.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 43f3e6d7e7b011430b39020bc5ff8fe6be2947100c597de44ca549ea96a0fd7c 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 08 Dec 2022 19:11:12 GMT content-length: 2814 last-modified: Tue, 29 Nov 2022 04:20:41 GMT etag: "afe-5ee944f9e0485" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 142 x 173, 8-bit colormap, non-interlaced\012- data Size: 2814 Md5: f278c8d30fc51b72e0774b9ecb49214c Sha1: 03b574db82b31ee5758eb5093fda8ea25d1b00d8 Sha256: 43f3e6d7e7b011430b39020bc5ff8fe6be2947100c597de44ca549ea96a0fd7c
GET /th1paff/action_icons_20px_2x.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://60.winprizes660.monster/th1paff/clean.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/action_icons_20px_2x.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 08 Dec 2022 19:11:13 GMT content-length: 1726 last-modified: Tue, 29 Nov 2022 04:20:34 GMT etag: "6be-5ee944f28382a" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data Size: 1726 Md5: b699975b5fe73b087e711a33ff24ee1e Sha1: 0e33cc5c32a5e7d18440751e3946076664caaf53 Sha256: 4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e
GET /th1paff/comment_action_2x.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://60.winprizes660.monster/th1paff/clean.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/comment_action_2x.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: a3f59e07404f1745bed88a314113a86da376526e7e1e555c99b3e249178c6ba5 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 08 Dec 2022 19:11:13 GMT content-length: 641 last-modified: Tue, 29 Nov 2022 04:20:34 GMT etag: "281-5ee944f2d972b" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 24 x 120, 8-bit colormap, non-interlaced\012- data Size: 641 Md5: e9b3872b3e63e19728176d45f0aa6986 Sha1: b638f89d5d80c4cd65327da973c52f778e30bd55 Sha256: a3f59e07404f1745bed88a314113a86da376526e7e1e555c99b3e249178c6ba5
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3255 Expires: Thu, 08 Dec 2022 20:05:28 GMT Date: Thu, 08 Dec 2022 19:11:13 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 48c90992f0837a58e0a36118a27dae6a Sha1: 3d238fed35e6d247bddbba92864e6b92e6aed9b6 Sha256: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3255 Expires: Thu, 08 Dec 2022 20:05:28 GMT Date: Thu, 08 Dec 2022 19:11:13 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 48c90992f0837a58e0a36118a27dae6a Sha1: 3d238fed35e6d247bddbba92864e6b92e6aed9b6 Sha256: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3255 Expires: Thu, 08 Dec 2022 20:05:28 GMT Date: Thu, 08 Dec 2022 19:11:13 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 48c90992f0837a58e0a36118a27dae6a Sha1: 3d238fed35e6d247bddbba92864e6b92e6aed9b6 Sha256: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7801 x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: czFRNHX4oAMFvoQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0 x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google date: Wed, 07 Dec 2022 23:16:35 GMT age: 71678 etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7801 Md5: 8c94003641bb5a7595e7004f80f95d22 Sha1: 3446450df60d732f9021d5bfd5f5f7c6c870d9ec Sha256: 4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12534 x-amzn-requestid: 2a01f2ba-cf3a-4f59-8339-214c66bcc0d2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: czDbyGTcoAMF_TQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63911918-5d3eba8d01e4175a71acc6cd;Sampled=0 x-amzn-remapped-date: Wed, 07 Dec 2022 22:52:08 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: NoZlZ8WFfOuIbkWaC2pJPJQrWtjzz2gCHJWr-u-nMNYmu8MkTf6_PA== via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google date: Wed, 07 Dec 2022 23:03:58 GMT age: 72435 etag: "04e32eb45581201a6a1863200e4d139df48285e6" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12534 Md5: 57be99ac898a37d73f2ba4a24f56248f Sha1: 04e32eb45581201a6a1863200e4d139df48285e6 Sha256: a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9596 x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cy3_qH63oAMFfLg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0 x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: FsbiyZG0110CEANduIIWuLcxFOxfrV0YPvOSy-ScXFIX1qM6qaOdCg== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google date: Wed, 07 Dec 2022 22:21:22 GMT age: 74991 etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9596 Md5: c408efaa98ac2ce63bb1618368d10c15 Sha1: a51bbb49ebd862d04eaee465d0a35b22dcd21391 Sha256: 077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6557 x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cmcuMG6bIAMFUng= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0 x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: etWGqF-8tXSwaeZVTPK4g9CV5ZbdYv5ZDjF5Yx2PSNnTsreewpbhdA== via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 08:48:08 GMT age: 37385 etag: "08d241e56622cb900754d95bc5d58ed8826d9f32" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6557 Md5: 210b27f5f6310d8fad640acce3d9ae0e Sha1: 08d241e56622cb900754d95bc5d58ed8826d9f32 Sha256: 64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7268 x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: czFDgEzUoAMFgyQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0 x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: QSv756DvAzOQnKae5wVg75wrQS6oDGPkfIZka86FNQ2vizBnZ7sIDQ== via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google date: Wed, 07 Dec 2022 23:12:45 GMT age: 71908 etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7268 Md5: 24d89b69ba37bf23c5d576aff4063caf Sha1: 3d46a21b4da571d7e4962e335c18a28ca5f81ecf Sha256: 09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8659 x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: czFSYFArIAMF46w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0 x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google date: Wed, 07 Dec 2022 23:33:19 GMT age: 70674 etag: "c4f26846b8b72293368ff16915d49297cf12bbb9" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8659 Md5: b87d6543345f73653ed4a49b37d7c959 Sha1: c4f26846b8b72293368ff16915d49297cf12bbb9 Sha256: aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /th1paff/thaffreboot4.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&browser=Chrome&cep=hMzmLAph5u--h1mwsfk1dpPclXQ7JK-beB7RI_JCR9j8RSA3uONOsihZMhYPe1cqs2-B6LPdfjHVVNB3QfbUsMBWswX_XP-DXg5kryPU_d_8IOJoMTTDYAwJYKpdyNdtspGpdsx5rlcVzjBru5J6ugFIqn8FSXNx0MJEN_nQ9HS2y7wYPM9RxMebv2wMtVUaqxnFjHrAIopnqev2Dcxr9siWSIBdTiw8L7dEO5Id4FDPIGp8SZS4eweUWon-8cxFfx5nWBda1FoVAamtxlaKlHSyZMFc_cdMICSPzlFtpksP-QT78Uf65HpqSFEZLi-5xEMqlDeYU1gK0pAZkUjEIjVUBpGJMR5HYwDqf4JAkTkWl_pF-eUR_Nwk-AMc8MMvNFP7xbWS0SJV2JarsWpNOE8v8TfFWxFuAeaIb7rMG4c&lptoken=16fd708252a984f251cb HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: 60.winprizes660.monster/th1paff/thaffreboot4.html?city= (...) FQDN: 60.winprizes660.monster IP: 45.76.148.82 45.76.148.82 HTTP/2 200 OK content-type: text/html server: nginx date: Thu, 08 Dec 2022 19:11:11 GMT vary: Accept-Encoding last-modified: Tue, 29 Nov 2022 04:23:50 GMT etag: W/"424d-5ee945adc91ac" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /favicon.ico HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/favicon.ico FQDN: 60.winprizes660.monster IP: 45.76.148.82 45.76.148.82 HTTP/2 404 Not Found content-type: text/html; charset=iso-8859-1 server: nginx date: Thu, 08 Dec 2022 19:11:13 GMT vary: Accept-Encoding content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3105 

                                        
                                            
Expires: Thu, 08 Dec 2022 20:02:56 GMT 

                                        
                                            
Date: Thu, 08 Dec 2022 19:11:11 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    388f6fea5bafa378266622b72311a6ee

                                                Sha1:   447f102dc12172ce1ba44c5e94e1d7bb49d43372

                                                Sha256: a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         35.241.9.150

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Thu, 08 Dec 2022 19:08:13 GMT 

                                        
                                            
age: 178 

                                        
                                            
cache-control: max-age=3600,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    14cd9a0afb6ba9a763651d5112760d1e

                                                Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa

                                                Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
x-amz-id-2: Nr4A9+f1SIsiXitifgvEHV3C205zh4tLdEDavq/EXVsCkuQnFxa3ybTducUcdpTqoFYcipDsIvs= 

                                        
                                            
x-amz-request-id: 0HRADTVVJ9VRTA8V 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Thu, 08 Dec 2022 18:48:01 GMT 

                                        
                                            
age: 1390 

                                        
                                            
last-modified: Wed, 30 Nov 2022 10:06:34 GMT 

                                        
                                            
etag: "53341dea33f4f3d9b4966f80589f429a" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    53341dea33f4f3d9b4966f80589f429a

                                                Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d

                                                Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 08 Dec 2022 19:11:11 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
access-control-expose-headers: content-type 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 5332 

                                        
                                            
Cache-Control: max-age=141872 

                                        
                                            
Date: Thu, 08 Dec 2022 19:11:12 GMT 

                                        
                                            
Etag: "6391a92c-1d7" 

                                        
                                            
Expires: Sat, 10 Dec 2022 10:35:44 GMT 

                                        
                                            
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT 

                                        
                                            
Server: ECS (ska/F708) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    fd55f4aaaab6ec40bc7dc10252cd819a

                                                Sha1:   a72523f60be265a391fa9edc43e0a93418ad1fd0

                                                Sha256: bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd

                                        
                                            GET /js/pub.min.js HTTP/1.1 

                                        
                                            
Host: push.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-site

                                         216.104.36.158

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 08 Dec 2022 19:11:12 GMT 

                                        
                                            
content-length: 1482 

                                        
                                            
last-modified: Fri, 09 Sep 2022 11:46:08 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
etag: "631b2780-5ca" 

                                        
                                            
content-encoding: gzip 

                                        
                                            
expires: Fri, 09 Dec 2022 19:11:12 GMT 

                                        
                                            
cache-control: max-age=86400 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubdomains; 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (2752)

                                                Size:   1482

                                                Md5:    31c303586c1b78e33984bd252b8e2644

                                                Sha1:   8083e2aad4cbf8242a4e6fb53657d49552b85f82

                                                Sha256: d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be

                                        
                                            GET /th1paff/default.png HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 08 Dec 2022 19:11:12 GMT 

                                        
                                            
content-length: 94803 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:20:34 GMT 

                                        
                                            
etag: "17253-5ee944f2e818b" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   94803

                                                Md5:    8adac2b1f6fec2ad7a323668d7fcd96a

                                                Sha1:   5b875ce4cc5fa5576fdcf13385c0c5b53631e691

                                                Sha256: 1609915700b5b68a54051d6207d11d02cfebb54f9038e8a01e8ca67ddfb6d9e4

                                        
                                            GET /th1paff/like_user_1.jpg HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 08 Dec 2022 19:11:12 GMT 

                                        
                                            
content-length: 1293 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:20:38 GMT 

                                        
                                            
etag: "50d-5ee944f6c849a" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data

                                                Size:   1293

                                                Md5:    2aa0d43e70d60d76ac4bdff139f8c7cb

                                                Sha1:   d7e3433297ad90f5d99249aee29b645265c9f3eb

                                                Sha256: e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa

                                        
                                            GET /th1paff/th12.jpg HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 08 Dec 2022 19:11:12 GMT 

                                        
                                            
content-length: 5337 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:20:42 GMT 

                                        
                                            
etag: "14d9-5ee944fab04a8" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, baseline, precision 8, 128x128, components 3\012- data

                                                Size:   5337

                                                Md5:    30d34d7628e91a67ef9b6c701751b82d

                                                Sha1:   5a68e5bc09bacac96949950392ede472110b9bfd

                                                Sha256: 179f31c7ce696f846a1b66f023950feaa98369e3d57ce5d4b638b53bab20d2de

                                        
                                            GET /th1paff/th14.jpg HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 08 Dec 2022 19:11:12 GMT 

                                        
                                            
content-length: 5988 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:20:42 GMT 

                                        
                                            
etag: "1764-5ee944fad75a9" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, baseline, precision 8, 128x128, components 3\012- data

                                                Size:   5988

                                                Md5:    4387f4c0cbae645d5d7442254e7cc560

                                                Sha1:   99b2c3a509f515fc9e53c8b018ba6b47028afbe1

                                                Sha256: 116ad309253857cb0844a375919bf6af104efc407355e64a5cabf600cc70a67b

                                        
                                            GET /th1paff/th15.jpg HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 08 Dec 2022 19:11:12 GMT 

                                        
                                            
content-length: 3856 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:20:42 GMT 

                                        
                                            
etag: "f10-5ee944faebdc9" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, baseline, precision 8, 128x128, components 3\012- data

                                                Size:   3856

                                                Md5:    d8996a573db7acb91022ed0d671a1495

                                                Sha1:   175685d525ff01441445e0c585ddbf9d867de6e4

                                                Sha256: cb72127809614325373d8eaf864c013df8c0f4bace2d3e55e94c8ec5faa91753

                                        
                                            GET /th1paff/th17.jpg HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 08 Dec 2022 19:11:12 GMT 

                                        
                                            
content-length: 4513 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:20:43 GMT 

                                        
                                            
etag: "11a1-5ee944fb1abca" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, baseline, precision 8, 128x128, components 3\012- data

                                                Size:   4513

                                                Md5:    2444132c4b20c85e0c9526f3b35a2524

                                                Sha1:   eb394ff3f1a3e2fadc7a8912e8929e218270e733

                                                Sha256: dfa6330186654634effccd2138f9ccd398bd743328b42a847ebe220c7a5dcff5

                                        
                                            GET /th1paff/prizewheel11.png HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 08 Dec 2022 19:11:12 GMT 

                                        
                                            
content-length: 604427 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:20:39 GMT 

                                        
                                            
etag: "9390b-5ee944f7926fd" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 1002 x 1002, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   604427

                                                Md5:    666bd514461839dc5d796c0c1061c677

                                                Sha1:   a6ac8413ef5375b0d35a85bf167b4b771c1c323b

                                                Sha256: 5d37922d8303b80fdf20e8eabafee70f0d3adcafe56bb285d00190014201e845

                                        
                                            GET /th1paff/notify_2x.png HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://60.winprizes660.monster/th1paff/clean.css 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 08 Dec 2022 19:11:12 GMT 

                                        
                                            
content-length: 229 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:20:38 GMT 

                                        
                                            
etag: "e5-5ee944f71957b" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 36 x 32, 8-bit gray+alpha, non-interlaced\012- data

                                                Size:   229

                                                Md5:    988234626ae7a880ed9c6a92f6336c0f

                                                Sha1:   173967c2b59baed4a06997d874aba32ab65da201

                                                Sha256: 4566dd8f59a09f51415a7c8955f48f75298522fc6db554bc1a59ad79c3e3e314

                                        
                                            GET /th1paff/action_icons_20px_2x.png HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://60.winprizes660.monster/th1paff/clean.css 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 08 Dec 2022 19:11:13 GMT 

                                        
                                            
content-length: 1726 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:20:34 GMT 

                                        
                                            
etag: "6be-5ee944f28382a" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data

                                                Size:   1726

                                                Md5:    b699975b5fe73b087e711a33ff24ee1e

                                                Sha1:   0e33cc5c32a5e7d18440751e3946076664caaf53

                                                Sha256: 4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3255 

                                        
                                            
Expires: Thu, 08 Dec 2022 20:05:28 GMT 

                                        
                                            
Date: Thu, 08 Dec 2022 19:11:13 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    48c90992f0837a58e0a36118a27dae6a

                                                Sha1:   3d238fed35e6d247bddbba92864e6b92e6aed9b6

                                                Sha256: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3255 

                                        
                                            
Expires: Thu, 08 Dec 2022 20:05:28 GMT 

                                        
                                            
Date: Thu, 08 Dec 2022 19:11:13 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    48c90992f0837a58e0a36118a27dae6a

                                                Sha1:   3d238fed35e6d247bddbba92864e6b92e6aed9b6

                                                Sha256: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 12534 

                                        
                                            
x-amzn-requestid: 2a01f2ba-cf3a-4f59-8339-214c66bcc0d2 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: czDbyGTcoAMF_TQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63911918-5d3eba8d01e4175a71acc6cd;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 07 Dec 2022 22:52:08 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: NoZlZ8WFfOuIbkWaC2pJPJQrWtjzz2gCHJWr-u-nMNYmu8MkTf6_PA== 

                                        
                                            
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Wed, 07 Dec 2022 23:03:58 GMT 

                                        
                                            
age: 72435 

                                        
                                            
etag: "04e32eb45581201a6a1863200e4d139df48285e6" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   12534

                                                Md5:    57be99ac898a37d73f2ba4a24f56248f

                                                Sha1:   04e32eb45581201a6a1863200e4d139df48285e6

                                                Sha256: a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6557 

                                        
                                            
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cmcuMG6bIAMFUng= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: etWGqF-8tXSwaeZVTPK4g9CV5ZbdYv5ZDjF5Yx2PSNnTsreewpbhdA== 

                                        
                                            
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 08 Dec 2022 08:48:08 GMT 

                                        
                                            
age: 37385 

                                        
                                            
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6557

                                                Md5:    210b27f5f6310d8fad640acce3d9ae0e

                                                Sha1:   08d241e56622cb900754d95bc5d58ed8826d9f32

                                                Sha256: 64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8659 

                                        
                                            
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: czFSYFArIAMF46w= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA== 

                                        
                                            
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Wed, 07 Dec 2022 23:33:19 GMT 

                                        
                                            
age: 70674 

                                        
                                            
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8659

                                                Md5:    b87d6543345f73653ed4a49b37d7c959

                                                Sha1:   c4f26846b8b72293368ff16915d49297cf12bbb9

                                                Sha256: aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 404 Not Found 

                                        
                                            
content-type: text/html; charset=iso-8859-1

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 08 Dec 2022 19:11:13 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	60.winprizes660.monster/th1paff/thaffreboot4.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud&browser=Chrome&cep=hMzmLAph5u--h1mwsfk1dpPclXQ7JK-beB7RI_JCR9j8RSA3uONOsihZMhYPe1cqs2-B6LPdfjHVVNB3QfbUsMBWswX_XP-DXg5kryPU_d_8IOJoMTTDYAwJYKpdyNdtspGpdsx5rlcVzjBru5J6ugFIqn8FSXNx0MJEN_nQ9HS2y7wYPM9RxMebv2wMtVUaqxnFjHrAIopnqev2Dcxr9siWSIBdTiw8L7dEO5Id4FDPIGp8SZS4eweUWon-8cxFfx5nWBda1FoVAamtxlaKlHSyZMFc_cdMICSPzlFtpksP-QT78Uf65HpqSFEZLi-5xEMqlDeYU1gK0pAZkUjEIjVUBpGJMR5HYwDqf4JAkTkWl_pF-eUR_Nwk-AMc8MMvNFP7xbWS0SJV2JarsWpNOE8v8TfFWxFuAeaIb7rMG4c&lptoken=16fd708252a984f251cb
IP	45.76.148.82 (Singapore)
ASN	#20473 AS-CHOOPA
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-08 19:11:22 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	0
urlquery alerts	1 Scam / Brand infringement
Tags	None

Overview

Domain Summary (9)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 45.76.148.82

Last 5 reports on ASN: AS-CHOOPA

Last 5 reports on domain: winprizes660.monster

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (13)

Executed Evals (0)

Executed Writes (6)

#1 JavaScript::Write (size: 27) - SHA256: ab54ced328ae6cf6072df70ad717806f2f317fd1b77e5dc6170858e86e2b5798

#2 JavaScript::Write (size: 11) - SHA256: 1344cdb2314c6d1394dce683c56b873c2c6f35723ec9f1181b0ec625aaa6154b

#3 JavaScript::Write (size: 0) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

#4 JavaScript::Write (size: 9) - SHA256: 4e6e1b5b082e7134d927c65b1ad92c2514c40e70d93bff929bc7b9993141b1e6

#5 JavaScript::Write (size: 9) - SHA256: 6f2d55dcc9459ca6a32071943194869d14e6076dd11e130eb68eb164be0dc306

#6 JavaScript::Write (size: 9) - SHA256: 2947c66eb629d4b2d3f55446b8723826d622c6614a0d0322e0a064a8723e138a

HTTP Transactions (41)

Overview

Domain Summary (9)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 45.76.148.82

Last 5 reports on ASN: AS-CHOOPA

Last 5 reports on domain: winprizes660.monster

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (13)

Executed Evals (0)

Executed Writes (6)

#1 JavaScript::Write (size: 27) - SHA256: ab54ced328ae6cf6072df70ad717806f2f317fd1b77e5dc6170858e86e2b5798

#2 JavaScript::Write (size: 11) - SHA256: 1344cdb2314c6d1394dce683c56b873c2c6f35723ec9f1181b0ec625aaa6154b

#3 JavaScript::Write (size: 0) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

#4 JavaScript::Write (size: 9) - SHA256: 4e6e1b5b082e7134d927c65b1ad92c2514c40e70d93bff929bc7b9993141b1e6

#5 JavaScript::Write (size: 9) - SHA256: 6f2d55dcc9459ca6a32071943194869d14e6076dd11e130eb68eb164be0dc306

#6 JavaScript::Write (size: 9) - SHA256: 2947c66eb629d4b2d3f55446b8723826d622c6614a0d0322e0a064a8723e138a

HTTP Transactions (41)

Network Intrusion Detection Systems