r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10599
Expires: Mon, 23 Jan 2023 06:53:16 GMT
Date: Mon, 23 Jan 2023 03:56:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0be6cec5607bb65c06dbadd33456aec1
9d13129e936eb5fc82e403931884cdc8c6e6ab92
cb028034340b709ece65e45e8fc1a26a64dd85926beaa542f308d3f1d5ee2c84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB028034340B709ECE65E45E8FC1A26A64DD85926BEAA542F308D3F1D5EE2C84"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4188
Expires: Mon, 23 Jan 2023 05:06:25 GMT
Date: Mon, 23 Jan 2023 03:56:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18680
Expires: Mon, 23 Jan 2023 09:07:57 GMT
Date: Mon, 23 Jan 2023 03:56:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 23 Jan 2023 03:34:58 GMT
content-type: application/json
age: 1299
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3iOL/pRsad9YSIm8kTgYBRb5R+5Qm0qvM0bvq/ZPH1YN8PQx2rS/vp/FD8hIHKfkmQtH3a6CwTE=
x-amz-request-id: R0ET450SGFDWDBTN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 23 Jan 2023 03:47:34 GMT
age: 543
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
45.76.148.82 301 Moved Permanently 970 B URL HTTP/1.1 68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
IP 45.76.148.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (637)
Hash 62211eac095940dd28812fbce070f2a0
0d33d664d83247830d7dc4f217f255100ae7e349
81d950caf144abe2cd40c332d833887b81ca60e1ef32bcda9d6f9e30728bd87d
GET /idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a HTTP/1.1
Host: 68.winprizes668.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:56:37 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 970
Connection: keep-alive
Location: https://68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:37 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 23 Jan 2023 03:17:30 GMT
age: 2347
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4304
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 03:56:37 GMT
Etag: "63ccfca7-1d7"
Last-Modified: Mon, 23 Jan 2023 02:44:53 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.185.76.10 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.185.76.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QRpI49uX1pU7zpPws6d8AA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1nO4t2VTd0EL6lQttdjWX0lAEvE=
68.winprizes668.monster/idwheel/img/landers/prizewheel-fb/notification.png
45.76.148.82 200 OK 449 B URL HTTP/2 68.winprizes668.monster/idwheel/img/landers/prizewheel-fb/notification.png
IP 45.76.148.82:0
File type PNG image data, 30 x 28, 8-bit colormap, non-interlaced\012- data
Hash bd5203f2cc9e7a9125e4575e029541b0
9fa565ab2f4b55da4735b79e529562252b3c9afe
db94c8ae725f947f20e12df29e6b6c8ade5ffcd5a7dc9ffd9be0351d963f826f
GET /idwheel/img/landers/prizewheel-fb/notification.png HTTP/1.1
Host: 68.winprizes668.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:38 GMT
content-type: image/png
content-length: 449
last-modified: Tue, 10 Jan 2023 16:36:04 GMT
etag: "1c1-5f1eb7ad946b6"
accept-ranges: bytes
X-Firefox-Spdy: h2
68.winprizes668.monster/idwheel/img/landers/prizewheel-fb/prizewheel_spinner.jpg
45.76.148.82 200 OK 32 kB URL HTTP/2 68.winprizes668.monster/idwheel/img/landers/prizewheel-fb/prizewheel_spinner.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1002x1002, components 3\012- data
Hash d4655cba21d806e849eed4e4119fbe1a
6453039d85005643e9d65074ca022f63b5d47cdd
90f2363aaebaf03f06fb20c6c02fb2e97497d7cd54b611281303ce7e10335ee7
GET /idwheel/img/landers/prizewheel-fb/prizewheel_spinner.jpg HTTP/1.1
Host: 68.winprizes668.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:38 GMT
content-type: image/jpeg
content-length: 32496
last-modified: Tue, 10 Jan 2023 16:36:04 GMT
etag: "7ef0-5f1eb7adc2517"
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ccb36fd043f9d61dbd17bd965cba63b8
cf17cfd2b7284f86f0de3a6b9e46bea5f950be37
b994f713faa292bb7372ce8f2f02eb9b28782d19cdb7fad556930895e9372ba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B994F713FAA292BB7372CE8F2F02EB9B28782D19CDB7FAD556930895E9372BA4"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 23 Jan 2023 09:56:38 GMT
Date: Mon, 23 Jan 2023 03:56:38 GMT
Connection: keep-alive
68.winprizes668.monster/idwheel/img/prizes/iphone-12-pro-max/default@0.5x.png
45.76.148.82 200 OK 36 kB URL HTTP/2 68.winprizes668.monster/idwheel/img/prizes/iphone-12-pro-max/default@0.5x.png
IP 45.76.148.82:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 3425f87a8def62d878b3fbf8f930dee2
961688eb1d3c97e9ed61199b0fcd32e60d1d3467
7f9f5fb4a3340704664a8adba3c74c63d425c92999aed97e078bc3b87d06b64d
GET /idwheel/img/prizes/iphone-12-pro-max/default@0.5x.png HTTP/1.1
Host: 68.winprizes668.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:38 GMT
content-type: image/png
content-length: 35519
last-modified: Tue, 10 Jan 2023 16:36:05 GMT
etag: "8abf-5f1eb7af01a7f"
accept-ranges: bytes
X-Firefox-Spdy: h2
68.winprizes668.monster/idwheel/img/landers/prizewheel-fb/loader.gif
45.76.148.82 200 OK 5.1 kB URL HTTP/2 68.winprizes668.monster/idwheel/img/landers/prizewheel-fb/loader.gif
IP 45.76.148.82:0
File type GIF image data, version 89a, 50 x 50\012- data
Hash ed786659a534e0d183c09a90c50abc9d
a6c3d90bfaa86a7cda490bc5d04c8939c31a414e
cbaeb154dcb93bff5f6e382cede5d51a11175a2295e56bb2790611910280ba97
GET /idwheel/img/landers/prizewheel-fb/loader.gif HTTP/1.1
Host: 68.winprizes668.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:38 GMT
content-type: image/gif
content-length: 5083
last-modified: Tue, 10 Jan 2023 16:36:04 GMT
etag: "13db-5f1eb7ad95656"
accept-ranges: bytes
X-Firefox-Spdy: h2
68.winprizes668.monster/idwheel/img/landers/prizewheel-fb/prizewheel_static.png
45.76.148.82 200 OK 3.4 kB URL HTTP/2 68.winprizes668.monster/idwheel/img/landers/prizewheel-fb/prizewheel_static.png
IP 45.76.148.82:0
File type PNG image data, 1002 x 1002, 4-bit colormap, non-interlaced\012- data
Hash dc484e0043b5ff6191b1880c8779863c
a5b67e3dff3dea3940eed090431aecbb36611b1d
30bc059973d84a6e1d22d16747bce062025561f2555cdd9cec012a87866abcb6
GET /idwheel/img/landers/prizewheel-fb/prizewheel_static.png HTTP/1.1
Host: 68.winprizes668.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:39 GMT
content-type: image/png
content-length: 3370
last-modified: Tue, 10 Jan 2023 16:36:04 GMT
etag: "d2a-5f1eb7adc34b7"
accept-ranges: bytes
X-Firefox-Spdy: h2
bujerdaz.com/pfe/current/micro.tag.min.js?z=5575702&sw=/sw-check-permissions-29e82.js
139.45.197.250 200 OK 16 kB URL HTTP/2 bujerdaz.com/pfe/current/micro.tag.min.js?z=5575702&sw=/sw-check-permissions-29e82.js
IP 139.45.197.250:0
Hash 1aab653f3f60afc47048f19f26e11c32
a5babff35f35be51e1f98fa6c890e1041cb5e0d9
b3baf37e12d8252c811bb11f6d10adf62d902e99300166c4406c5993551c50e4
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/micro.tag.min.js?z=5575702&sw=/sw-check-permissions-29e82.js HTTP/1.1
Host: bujerdaz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://68.winprizes668.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:38 GMT
content-type: application/javascript
last-modified: Wed, 21 Dec 2022 12:58:18 GMT
etag: W/"63a302ea-9a87"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
68.winprizes668.monster/idwheel/js/app.js?id=70153298ff6fb62a5a50
45.76.148.82 200 OK 2.8 kB URL HTTP/2 68.winprizes668.monster/idwheel/js/app.js?id=70153298ff6fb62a5a50
IP 45.76.148.82:0
File type ASCII text, with very long lines (977), with no line terminators
Hash e9bc6047c2e0e332214a2f0bea0f5a34
5891ea9b33ed4ae8c2df912fadeb826251d276ee
ed4f041130d3f24d539c778df46731a0e019a93a09976126e63afbbe42798a9b
GET /idwheel/js/app.js?id=70153298ff6fb62a5a50 HTTP/1.1
Host: 68.winprizes668.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 10 Jan 2023 16:36:03 GMT
etag: W/"3d1-5f1eb7ac8acaf"
content-encoding: br
X-Firefox-Spdy: h2
68.winprizes668.monster/idwheel/img/profiles/central-asian/male/10@0.25x.jpg
45.76.148.82 200 OK 2.9 kB URL HTTP/2 68.winprizes668.monster/idwheel/img/profiles/central-asian/male/10@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 86b261eb8d87cbde9c3abe9e26c0a40f
6d55e83dbc2c00ebd72234bc262e21672e442bd1
08bbfd3aae6e03405edf03a9fcd59b4e89f3c9a5ca589903529ef68ca69d6180
GET /idwheel/img/profiles/central-asian/male/10@0.25x.jpg HTTP/1.1
Host: 68.winprizes668.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:39 GMT
content-type: image/jpeg
content-length: 2943
last-modified: Tue, 10 Jan 2023 16:36:08 GMT
etag: "b7f-5f1eb7b1bddb0"
accept-ranges: bytes
X-Firefox-Spdy: h2
68.winprizes668.monster/idwheel/img/profiles/central-asian/female/6@0.25x.jpg
45.76.148.82 200 OK 2.0 kB URL HTTP/2 68.winprizes668.monster/idwheel/img/profiles/central-asian/female/6@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 59847cce3476cca8505c7a827872236f
ea39084f48871e89a0223e0e965015efff7ee38c
c8f0a621fe9c6ce356739a9acda6fe820662bd484599b78376a7103ad98f1fc5
GET /idwheel/img/profiles/central-asian/female/6@0.25x.jpg HTTP/1.1
Host: 68.winprizes668.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:39 GMT
content-type: image/jpeg
content-length: 2028
last-modified: Tue, 10 Jan 2023 16:36:07 GMT
etag: "7ec-5f1eb7b10930c"
accept-ranges: bytes
X-Firefox-Spdy: h2
68.winprizes668.monster/idwheel/img/profiles/central-asian/male/9@0.25x.jpg
45.76.148.82 200 OK 2.0 kB URL HTTP/2 68.winprizes668.monster/idwheel/img/profiles/central-asian/male/9@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 42c42ca4051afc4736a3ea8205b10f29
0e7b93ec64391e7166f3872789cfd393f0cdc533
0dde6f7fb9af606964e2832a11fdf256a2769a34a2a36361607bb4539539e01a
GET /idwheel/img/profiles/central-asian/male/9@0.25x.jpg HTTP/1.1
Host: 68.winprizes668.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:39 GMT
content-type: image/jpeg
content-length: 1996
last-modified: Tue, 10 Jan 2023 16:36:08 GMT
etag: "7cc-5f1eb7b1edb52"
accept-ranges: bytes
X-Firefox-Spdy: h2
68.winprizes668.monster/idwheel/img/prizes/iphone-12-pro-max/proof.jpg
45.76.148.82 200 OK 23 kB URL HTTP/2 68.winprizes668.monster/idwheel/img/prizes/iphone-12-pro-max/proof.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 339x450, components 3\012- data
Hash 029d38095e06ced0688fd67a58e70781
b5bdaddeb39b947c35f883f001f34dd163bcb362
5e41534f027f676ce89db3b87319ffbdc1a1e7515e379f80f476e0989fa4bcc1
GET /idwheel/img/prizes/iphone-12-pro-max/proof.jpg HTTP/1.1
Host: 68.winprizes668.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:39 GMT
content-type: image/jpeg
content-length: 23152
last-modified: Tue, 10 Jan 2023 16:36:05 GMT
etag: "5a70-5f1eb7af00adf"
accept-ranges: bytes
X-Firefox-Spdy: h2
68.winprizes668.monster/idwheel/img/profiles/central-asian/female/5@0.25x.jpg
45.76.148.82 200 OK 2.1 kB URL HTTP/2 68.winprizes668.monster/idwheel/img/profiles/central-asian/female/5@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 66de87531ed7a3a15bfedf1243f2d47d
9f16d255c345cc6aa5f11c55054b14a437cb9928
deb4baab3c5b3d69a77c4d54223a779e8abd1c16901e868761daea039b72938d
GET /idwheel/img/profiles/central-asian/female/5@0.25x.jpg HTTP/1.1
Host: 68.winprizes668.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:39 GMT
content-type: image/jpeg
content-length: 2119
last-modified: Tue, 10 Jan 2023 16:36:07 GMT
etag: "847-5f1eb7b10930c"
accept-ranges: bytes
X-Firefox-Spdy: h2
68.winprizes668.monster/idwheel/img/profiles/central-asian/female/1@0.25x.jpg
45.76.148.82 200 OK 2.7 kB URL HTTP/2 68.winprizes668.monster/idwheel/img/profiles/central-asian/female/1@0.25x.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash c18edd23c9c6a3e0de0422f70ebea2b9
9fe0441e72106139a4b0fef099f9edd59dfaa8a8
26dd2d0dcc9c52e45ace408e9b8825b382d470d56e3ea26c46f255678c7bbff7
GET /idwheel/img/profiles/central-asian/female/1@0.25x.jpg HTTP/1.1
Host: 68.winprizes668.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:39 GMT
content-type: image/jpeg
content-length: 2684
last-modified: Tue, 10 Jan 2023 16:36:07 GMT
etag: "a7c-5f1eb7b0db4ab"
accept-ranges: bytes
X-Firefox-Spdy: h2
68.winprizes668.monster/idwheel/css/app.css?id=c588c17324f2be0e0ec9
45.76.148.82 200 OK 2.8 kB URL HTTP/2 68.winprizes668.monster/idwheel/css/app.css?id=c588c17324f2be0e0ec9
IP 45.76.148.82:0
File type ASCII text, with no line terminators
Hash 58d873c4bb4f5aafd8f1bb62e846a420
5d65e46dc7ae622cf10233bc8b0ec220432d29a9
312e55f4a9b1667fcfe8c5c316dcef1ed0f2f9ac8376396c9bae5bd55fba5ac8
GET /idwheel/css/app.css?id=c588c17324f2be0e0ec9 HTTP/1.1
Host: 68.winprizes668.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:38 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 10 Jan 2023 16:36:02 GMT
etag: W/"21-5f1eb7abcf4ab"
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2895
Expires: Mon, 23 Jan 2023 04:44:54 GMT
Date: Mon, 23 Jan 2023 03:56:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2895
Expires: Mon, 23 Jan 2023 04:44:54 GMT
Date: Mon, 23 Jan 2023 03:56:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2895
Expires: Mon, 23 Jan 2023 04:44:54 GMT
Date: Mon, 23 Jan 2023 03:56:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2895
Expires: Mon, 23 Jan 2023 04:44:54 GMT
Date: Mon, 23 Jan 2023 03:56:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2895
Expires: Mon, 23 Jan 2023 04:44:54 GMT
Date: Mon, 23 Jan 2023 03:56:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ca575a-6478-4494-ab01-9c1c6adf2812.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ca575a-6478-4494-ab01-9c1c6adf2812.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2bb03436991bd0a12dfabf114320c5e5
b8a44c797a1267d74bf9336c035d6c4dfdab1232
b72bef3fe7b5cc209714b162bc22c18407dc4571d78d0fb7ba5514271fc65efa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ca575a-6478-4494-ab01-9c1c6adf2812.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12415
x-amzn-requestid: 920d35f3-efee-48d7-b709-b3097cef17e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etl5WFGvIAMFkFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21d08-3d43f7837c81b0a15d95cc9e;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:10:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KgzMC376P76jXouMzJOaoNwvpgJdoq8MIM0jjxIOSOuOERb2nws8yQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:44:17 GMT
age: 22342
etag: "b8a44c797a1267d74bf9336c035d6c4dfdab1232"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e42f475b1e14cb9d0939ef39db8e1f91
dda57d67c7b5f32123d3c9956dec8f805138b3bf
ace1e5843457dc5493432ea113059e67827e6c95d6998a7465dea1eb0e723a1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11818
x-amzn-requestid: e80dab53-5137-4776-a105-b1933e9bda6b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqu6GhZIAMFWSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f8-696c3a7f103b96a23ed4abec;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5bEvPaVPmareEYTNHUoTIEtCn0EKpBBafR11mjrvwPFVS_DLFKgm3w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 05:42:33 GMT
age: 80046
etag: "dda57d67c7b5f32123d3c9956dec8f805138b3bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
34.120.237.76 200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c664f89307d9f2cc8170ca0816708ef9
cc010d66fe22fce8e82f9bbc78fc3b836120ff0b
c77d9cae0c4132f2695322b8c33fa875a341948ffb6c3023ddb1d3ef41c9ae23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3814
x-amzn-requestid: 48468720-0305-4f17-862b-f2f854fdfe41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKq8mEPnIAMFzXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdbeb6-470a030661c749ae0fa14c31;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 22:54:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U9hYFY_BBaMWiasXJJzYqTe2Rb2fH06yFE0vuinlYA2V_lUaDjfmbg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 23:09:39 GMT
age: 17220
etag: "cc010d66fe22fce8e82f9bbc78fc3b836120ff0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cb7be12333fa7ea3353901b4b3215af
4b758cc432874384f330568177eef5a328d7e69a
d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: ff47dd24-004f-4cc7-acfb-283b2e751f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqxwEyWoAMF3gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb580b-1e95f74b0846080f75a757f6;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OsitP8LhrabAIbfq-ZTMmpJfnfvttYGad42iE3obktcRneUqbBHlpw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 03:59:27 GMT
age: 86232
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fed503b-e1a4-456e-b9a4-57ddbb0e7ed2.jpeg
34.120.237.76 200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fed503b-e1a4-456e-b9a4-57ddbb0e7ed2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a92d48898835ae8afbff3e369127fe13
90491b32adf6a6b7076ac63da4f2ab571f08920c
9060b3c090adc527e575c1d95d836db00a2136eeda09cdbb11e72ee8b4fa6216
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fed503b-e1a4-456e-b9a4-57ddbb0e7ed2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4093
x-amzn-requestid: 3bc32a7b-e695-48f3-823d-642ce594933d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqzXHNkoAMF4uQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb5815-76eeea642894547a44304ac1;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3PF8pxpr3QO0XLNBfstHSy6FuJ4hNtW0X8CXfstSD8fw-7NNo4n7kw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 03:42:42 GMT
age: 837
etag: "90491b32adf6a6b7076ac63da4f2ab571f08920c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ec35d753b6b816abcd14030255a7b76
a67bd0fa5beb10935442bef246bf4f52ec6e74bd
9adfddc8877a8ea9f1c3bcc0af99548cb11dc4e1d62a706bf9b2a5cc6d72e82f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 59d91715-b444-445e-bd6b-268fc630024b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezLExAIAMFSeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-1e12e8f335ea162532ce6aca;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0BgrMQG0-OHmZipKTgnHTs3HxYGBqKowIS37tg_QooT4JPlqHBPFvw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:46 GMT
age: 22133
etag: "a67bd0fa5beb10935442bef246bf4f52ec6e74bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
68.winprizes668.monster/idwheel/js/landers/prizewheel-fb/app.js?id=a1804ccdb473eaf8e1bf
45.76.148.82 200 OK 0 B URL HTTP/2 68.winprizes668.monster/idwheel/js/landers/prizewheel-fb/app.js?id=a1804ccdb473eaf8e1bf
IP 45.76.148.82:0
GET /idwheel/js/landers/prizewheel-fb/app.js?id=a1804ccdb473eaf8e1bf HTTP/1.1
Host: 68.winprizes668.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 10 Jan 2023 16:36:06 GMT
etag: W/"24995-5f1eb7b036407"
content-encoding: br
X-Firefox-Spdy: h2
68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
45.76.148.82 200 OK 0 B URL HTTP/2 68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
IP 45.76.148.82:0
GET /idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a HTTP/1.1
Host: 68.winprizes668.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:37 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Tue, 10 Jan 2023 16:36:01 GMT
etag: W/"3169-5f1eb7aaedb45"
content-encoding: br
X-Firefox-Spdy: h2
68.winprizes668.monster/idwheel/css/landers/prizewheel-fb/app.css?id=e87a829f5f34398d1f2d
45.76.148.82 200 OK 0 B URL HTTP/2 68.winprizes668.monster/idwheel/css/landers/prizewheel-fb/app.css?id=e87a829f5f34398d1f2d
IP 45.76.148.82:0
GET /idwheel/css/landers/prizewheel-fb/app.css?id=e87a829f5f34398d1f2d HTTP/1.1
Host: 68.winprizes668.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://68.winprizes668.monster/idwheel/indexpp24.html?city=Mountain%20View&model=Android%2010.0&brand=Generic&cep=7K-GbPCi6cOT5iUs5QDmlTrsUKHAv9evCGYU2tkS1TOWmFzz_vGNZHJ13PtF5ESBt1kd49_9QvvkD2yRgCdmp_wLqKx6XVCeyU6ZoIxll6hBT8B2wHgXx4S-KXS0UXx5EWxr6J0rokZ-Uj31RUt4ypM-ioZZE3k1cD7287JVkEu4n439muMy--MtBHcj2IUIqHLLzmV-cU1P9iLWFBKPYiRwb5ku4ksrnp0Ih0bz1EuifjHs8K6Av4ftL9NB0PqrZZfqu0ZW-g2j1J7zDoHdvnFQykTPbb1QAQBDZW9GUxtCEt__LP-gA-zLCKqyNp9cknTYlqVnLfYl3zK1X-GWbNt57rNH28RPuSDb3X4OgfaJJuvZhMRq2QHyFrU00kOBl1_mCtpKerhw4FJDoUNmBGSWi_w3V-rZ0xMYw99PCwk&lptoken=1658743d44d079a6776a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:56:38 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 10 Jan 2023 16:36:03 GMT
etag: W/"d05-5f1eb7ad25173"
content-encoding: br
X-Firefox-Spdy: h2